performing-ot-vulnerability-assessment-with-claroty
Installation
SKILL.md
Performing OT Vulnerability Assessment with Claroty
When to Use
- When conducting scheduled OT vulnerability assessments per IEC 62443 or NERC CIP requirements
- When deploying Claroty xDome for the first time and performing initial asset discovery and risk assessment
- When correlating newly published ICS-CERT advisories against your OT asset inventory
- When prioritizing OT vulnerability remediation with limited maintenance windows
- When generating compliance evidence for CIP-010-4 vulnerability assessment requirements
Do not use for active vulnerability scanning of PLCs and safety systems (see performing-ot-network-security-assessment for passive approaches), for IT-only vulnerability management (see standard vulnerability scanners), or for penetration testing (see performing-ics-penetration-testing).
Prerequisites
- Claroty xDome or CTD (Continuous Threat Detection) deployed with sensors on OT network
- Network SPAN/TAP access for passive asset discovery
- CISA ICS-CERT advisory subscription for vulnerability tracking
- Asset inventory with firmware versions for all OT devices
- Change management process for patch deployment during maintenance windows