The new product offering for patch gap and update management, being marketed by FoxGuard Solutions is a result of a multi-year project and a $4.3 million Cooperative Agreement awarded in 2013 from the U.S. Department of Energy’s Cybersecurity for Energy Delivery Systems (CEDS) division.
FoxGuard Solutions leveraged the ConsoleWorks Platform along with their own technologies to develop a solution to help companies identify and mitigate gaps in the security of their systems for IT & OT assets.
The ConsoleWorks Platform can determine the current patch level across all assets. FoxGuard extended the capability to determine which patches are security related and the priority level. By analyzing the relationships between packages, updates, and dependencies, FoxGuard’s Patch Gap product can lay out the shortest, most secure, and safest path for a cyber asset.
ConsoleWorks takes the results generated by FoxGuard and produces simplified yet comprehensive dashboards and associated reports of the current patch situation – across all assets. The simplified view enables companies to assess risk according to their management policies and adhere to compliance and security priorities.
FoxGuard Solutions was tasked with researching, developing, and demonstrating technology and techniques to identify and verify the integrity of updates and patches for energy delivery systems software, hardware and firmware, while also facilitating the deployment of those updates.
Key Elements:
• Patch & Update Data Aggregator & Web Portal
• Patch & Update Authentication
• Validation Techniques
• Query Engine
The Patch and Update Management Program simplifies the process of understanding what patches are available for energy delivery industrial control system devices for both end users and equipment vendors, while also simplifying the ability for a utility to adhere to NERC CIP v6 requirements involving patching, ultimately leading to a safer grid. Read press release.
