Verve Security Center

Additional Info

CompanyVerve Industrial Security
Websitehttp://www.verveindustrial.com
Company size (employees)10 to 49

Overview

Verve is a 25-year old IT/OT reliability and security company. The company’s flagship product, the Verve Security Center (VSC), is a comprehensive IT/OT security management platform. It brings together all of the required elements of NIST CSF (as well as other standards such as CSC20, IEC62443, etc.) into a single pane of glass. It includes automated asset inventory, patch management, change management, vulnerability assessment, configuration compliance, application whitelisting, log management and anomaly detection, and incident response analysis.

Over 60% of the labor involved in cybersecurity today is in the operations and maintenance function to ensure security is maintained on current and new systems. This challenge is hard enough in the world of IT. But as cybersecurity begins to extend into OT systems (either traditional industrial controls like SCADA or HMIs, etc. or newer IOT deployments) the security management challenges increase dramatically. These systems have historically been unmanaged and even basic inventory is often no available.
Further, IT personnel don’t normally have the knowledge of these systems.

Verve addresses this challenge by providing a single management platform for both IT and OT systems. It deploys quickly and inexpensively using only software. Further, by deploying the only OT-proven agent-based architecture, Verve allows customers not only to detect vulnerabilities and threats but also to remediate them quickly and safely. This architecture is what allows Verve to provide the first truly comprehensive solution for integrated IT/OT cybersecurity.

Verve is proven on dozens of deployments in industries ranging from power generation and transmission to pharmaceuticals, pipelines, and discrete manufacturing.

How we are different

- Rich software asset inventory: Verve’s proven vendor-agnostic agent and agentless service gathers full detail on OS, application software, firmware, patch status, configurations, etc. Verve does this by leveraging existing protocols and communications to gather information from endpoints rather than trying to interpret from communication packet analysis.
- Vulnerability analysis: For OS devices, Verve has customized best-in-class scanners such as Tenable and Rapid 7/Nexpose for ICS environments. For embedded devices, Verve compares against multiple vulnerability databases as well as reviewing underlying components against an array of potential hidden vulnerabilities
- Vulnerability remediation service: Regular monthly review of patches and potential software vulnerabilities, integrated patch deployment or software removal with Verve Security Center and onsite cross-vendor deployment support as necessary.