Verve embeds aDolus’ ability to generate SBOMs and validate components for improved cybersecurity.
Our combined offering is the only platform that enables end users to manage the security of their ICS/OT endpoints down to vulnerabilities in hidden subcomponents.” — Eric Byres, P.Eng, ISA Fellow
I recently caught up with Verve Industrial CEO John Livingston to go over the news of a partnership with Eric Byres’ new company, aDolus Technology. Livingston reminded me that, unlike most cybersecurity solutions that sit on the network and perform packet analysis looking for anomalies, Verve is an endpoint management tool that speaks a language comfortable to CISOs. He told me that market acceptance has been good, with sales doubling in 2020. Partly, I’m sure, due to stresses on security due to the sudden migration of employees from offices to home, and partly due to CISOs recognizing a different type of solution.
aDolus Technology Inc., a global authority on software intelligence for critical infrastructure, announced its partnership with Verve Industrial, a leading industrial control system management and cyber security provider. The partnership brings the power of the aDolus FACT platform’s IoT/OT SBOM (software bill of materials) analysis and validation into Verve’s IoT/OT endpoint vulnerability management platform.
“Supply chain attacks like the recent SolarWinds hack are now front-page news, and we are working with Verve to reduce the risk these attacks pose to critical systems,” said Eric Byres, CEO of aDolus and inventor of the Tofino Firewall. “Our combined offering is the only platform that enables end users to manage the security of their ICS/OT endpoints down to vulnerabilities in hidden subcomponents.”
The FACT platform correlates information from diverse sources about ICS, IIoT, and IoT firmware and software to provide continuous assurance that packages (and all their subcomponents) are legitimate, tamper-free, and safe to ship and install. Verve embeds this intelligence as an easy-to-use “FACT score” that indicates a component’s trustworthiness.
With over 25 years of OT experience, Verve is an OT/ICS cyber security company, partnering with customers to bridge IT OT security challenges in industrial environments. The Verve Security Center provides a robust asset inventory, vulnerability assessment, threat detection and the ability to safely remediate risks in a unified software-based platform.
“Current approaches that rely on passive detection of software miss the underlying reservoir of risk of both OS and application software as well as the hidden risks of vulnerable components within OT/IoT firmware,” said John Livingston, CEO of Verve. “Through this partnership, our customers can not only identify ‘known’ risks, but immediately check for vulnerabilities hidden in their embedded firmware.”
The Verve Security Center continues to deliver the most innovative capabilities to its clients in a single, easy-to-use platform and aDolus’ FACT platform is the latest in Verve’s ability to both simplify and improve their client’s risk management.
To learn more about the partnership between aDolus and Verve Industrial to reduce risk in industrial environments, join our webinar on February 25th: Why 40 Years of Product Outsourcing, Corporate Acquisitions, and Bad Spelling Leaves OT Security Flaws Hidden.
About aDolus Technology Inc.
aDolus provides an ecosystem called FACT (Framework for Analysis and Coordinated Trust) for brokering information about IoT and Industrial IoT software. FACT helps facilities determine if updates are safe to install on mission-critical devices. FACT aggregates information from vendors, asset owners, system integrators, consultants, and security researchers, and applies decades of security expertise to build a “FACT score” of trustworthiness. Much like a FICO credit score, FACT makes it quick and easy to make installation decisions, enforce policies, and ensure governance of security processes via an audit trail. Visit us at www.adolus.com.
About Verve Industrial
Verve Industrial Protection has ensured reliable and secure industrial control systems for 25 years. Its principal offering, the Verve Security Center, is a unique, vendor-agnostic OT end point management platform that provides IT-OT asset inventory, vulnerability management, and the ability to remediate threats and vulnerabilities from its orchestration platform. Verve’s Design-4-Defense professional services support clients in ensuring their OT environments are designed and operated in a secure manner. To learn more about Verve Industrial, please visit us at www.verveindustrial.com