Kaspersky Unveils ICS Vulnerabilities Database

Cyber security

Kaspersky on Thursday announced the ICS Vulnerabilities Database, a new service designed to help industrial organizations keep track of relevant security flaws and protect their networks against potential threats.

The ICS Vulnerabilities Database offers Kaspersky clients with continually updated data on weaknesses in Industrial Control Systems (ICS) and IIoT devices.

Each record will include comprehensive technical information which is supplied both in a human readable format and in a machine readable format via a REST API. The API will enable companies to feed the data to their current safety instruments.

The ICS Database also involves a component called the Signature Network Attacks Database, which gives clients signatures on recognized ICS threats. These information can be incorporated with Intrusion Detection Systems (IDS) from third parties.

In December 2019, the fresh service is anticipated to be accessible. It has been recommended to contact Kaspersky by e-mail to companies interested in obtaining or testing the service on ics(at)kaspersky.com.

Kaspersky states that ICS CERT scientists discover no less than 60 vulnerabilities in ICS and IIoT products each year, and hundreds or thousands of devices may be affected by these defects.

“Penetrating and regular vulnerability assessments by an industrial undertaking could give a nice image of its present state of cybersecurity,” said Georgy Shebuldaev, Kaspersky Chief Industrial Cybersecurity Officer. “Unfortunately, there is a lack of much of the data, consistency and clarity necessary for efficient ongoing vulnerability assessments in current publicly accessible ICS or IIoT vulnerability data sources. This new service seeks to assist clients with Kaspersky’s knowledge and guidance in vulnerability management and incident detection”.

Mark Funk
Mark Funk is an experienced information security specialist who works with enterprises to mature and improve their enterprise security programs. Previously, he worked as a security news reporter.