Operational Technology Vulnerability Solution Management

  • Release version: Australia
  • Updated March 12, 2026
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Operational Technology Vulnerability Solution Management

    Operational Technology Vulnerability Solution Management is a feature in the Operational Technology Vulnerability Response application, introduced in the Xanadu version. It streamlines the process of addressing vulnerability findings by automatically correlating them with effective remediation solutions, thereby reducing manual effort and errors common in large organizations. This feature allows security and IT teams to prioritize remediation actions based on the severity of vulnerabilities and implement compensating controls when immediate patching is not feasible.

    Show full answer Show less

    Key Features

    • Automatic correlation of vulnerability findings with remediation solutions.
    • Prioritization of remediation actions based on vulnerability risk severity.
    • Support for Common Security Advisory Framework (CSAF) for standardized security advisories.
    • Configuration through Setup Assistant for easy integration.
    • Import options for CSAF data via file import, CSAF URL, and advisories or APIs.
    • Support for importing CSAF data from individual vendors, ROLIE Feed, and Trusted Providers.

    Key Outcomes

    By utilizing the OT Vulnerability Solution Management feature, organizations can effectively manage their vulnerability responses, improve information exchange with standardized formats, and significantly reduce the time and effort needed to address vulnerabilities. This results in enhanced security posture and streamlined operations within the IT environment.

    Starting from the Xanadu version, Operational Technology (OT) Vulnerability Solution Management is a feature available within the Operational Technology Vulnerability Response application.

    Security and IT teams often spend a significant amount of time and effort to research vulnerability findings and identify the most effective solutions for their environment. In large organizations, translating vulnerability findings into remediation tasks is a manual, tedious, and error-prone process due to the volume and complexity of the vulnerabilities.

    OT Vulnerability Solution Management automatically correlates the vulnerability findings in your environment with possible solutions that remediate them. You can identify the remediation actions that apply to your vulnerabilities and prioritize them by the severity of the vulnerability risk. Also, you can mitigate the risk posed by vulnerabilities that cannot be patched immediately by using compensating controls for OT. For more information, see Use compensating controls for Operational Technology.

    The OT Vulnerability Solution Management feature is based on the feature available in the Vulnerability Response application. For more information on Vulnerability Solution management, refer to Vulnerability Solution Management.

    OT Vulnerability Solution Management supports the generic format for solution intelligence integration. The generic framework for solution intelligence integration ingests data in different file formats from solution vendors. These formats speed up information exchange and processing. It also improves critical security-related information sharing in a standardized reporting format. The supported file format is the Common Security Advisory Framework (CSAF), which is an open-source standard that provides JSON-based structured, machine-readable security advisories. Major vendors such as Cybersecurity & Infrastructure Security Agency (CISA), Siemens, Hitachi, Schneider Electric, and others support the CSAF format.

    The CSAF supported solution management includes the following key features:
    • Configuration through Setup Assistant. For more information, see Configure vulnerability solution providers.
    • Support of importing CSAF data through file import. For more information, see Import Common Security Advisory Framework data through file import.
    • Support of importing CSAF data through CSAF URL. For more information, see Import Common Security Advisory Framework (CSAF) data through CSAF URL. OT Vulnerability Solution Management enables you to import CSAF data from:
      • Individual vendors that support CSAF format and have a CSAF URL ROLIE Feed. You can use the CSAF URL ROLIE Feed provided by the vendor to import the CSAF data. For example, the Siemens URL ROLIE Feed.
      • CSAF Aggregators or Trusted Providers through a URL import that supports the ROLIE Feed. You can import CSAF data of multiple vendors from a Trusted Provider. For example, CISA is a Trusted Provider and you can import CSAF data of multiple vendors from the Industrial Control System (ICS) CSAF advisories located at the CISA’s GitHub CSAF repository. These vulnerability solutions are automatically mapped to the correct vendor and vulnerable items (VITs) based on the Common Vulnerabilities and Exposures (CVEs). Using a Trusted Provider reduces the time and effort required to import CSAF data from individual vendors' CSAF URLs.
    • Support of importing CSAF data through advisories or using the APIs. For more information, see Import Common Security Advisory Framework data from advisories.
    Note:
    Navigate to All > Vulnerability Response > Solutions > All to view the list of solutions you have imported using the preceding methods.

    The Vulnerability Response plugin takes care of updating the metrics statuses of the created solution.