About this program
Threat context: ICS / OT Device Vulnerability
This program audits the controls that mitigate the above threat. Each procedure references one mapped control. Run the program to score your exposure.
Risks addressed
Controls (5)
- Patch management
Patch management is the process of identifying, testing, approving, and deploying security updates and software patches to systems, applications, and firmware across the enterprise. Organizations maintain an inventory of all patchable assets, establish risk-based prioritization criteria (such as CVSS scores…
- Vulnerability scanning
Vulnerability scanning is an automated security practice that systematically probes network-connected systems, applications, and infrastructure components to identify known security weaknesses, misconfigurations, missing patches, and exploitable vulnerabilities. Organizations deploy authenticated and unauthenticated scanners on scheduled intervals (typically weekly or monthly…
- CVE-driven prioritisation
CVE-driven prioritisation is a vulnerability management approach that ranks and schedules remediation activities based on the presence of publicly disclosed Common Vulnerabilities and Exposures (CVE) identifiers, their severity scores (CVSS), exploitability metrics, and threat intelligence indicating active exploitation. Organizations integrate…
- Web application firewall
A web application firewall (WAF) is a security appliance or cloud service that inspects HTTP/HTTPS traffic between clients and web applications, blocking malicious requests based on signatures, behavioral analysis, and policy rules. The WAF filters common attack patterns including SQL…
- Network segmentation between user and server tiers
Network segmentation logically separates the user workstation tier from the server / data tier so that compromise of a single endpoint cannot grant direct lateral movement into critical infrastructure. Effective segmentation uses VLANs, host-based firewalls, identity-aware proxies and explicit east-west…