"To CVE or Not to CVE?"
Episode Synopsis
In this episode, we explore how often OT teams really need to refresh asset-inventory data and what MITRE’s near-miss funding lapse for the CVE program means for vulnerability management. Join host Ken Kully, Systems Support Lead at Verve Industrial, and his guests Natalie Kalinowski (OT Security Specialist), Lance Lamont (Team Lead, Special Projects & Protocols), Andrew Wintermeyer (Senior ICS Architect), and Tyler Bergman (Principal Security Consultant) as they discuss scan cadences, change-detection value, and building redundancy into threat-intel pipelines.

Key Takeaways
Context drives cadence. Fan speed may need minute-level polling; firmware often does not.
Redundancy is resilience. Blend NVD, CISA, MITRE, and vendor advisories to survive feed outages.
CVE is a language, not the cure. Losing it wouldn’t add vulnerabilities, but it would cripple prioritization.
Change detection turns inventory data into real-time alerts for unauthorized config tweaks.

Timestamps
00:00 – Introduction and sound check
03:30 – Why “asset-data freshness” landed on today’s agenda
04:10 – MITRE CVE funding scare: what happened and why it matters
10:50 – OT vs. IT views on vulnerability backlog and enrichment
18:00 – Mapping scan frequency to business need
24:40 – Change management and configuration-drift detection
33:00 – Diversifying data sources beyond NVD
38:50 – The proposed “CVE Foundation” for long-term stability
42:40 – Building redundancy into threat-intel pipelines
44:50 – Listener poll results: hard-rock “Legacy Code” wins
46:15 – Sign-off and credits

Listener Q&A
We're happy to announce that the hard rock version of Legacy Code on the Conveyor Belt was far-and-away the fan favorite! Download it now!

Guest Information
Natalie Kalinowski: OT Security Specialist at Verve Industrial; leads proof-of-value engagements and vulnerability mapping.
Lance Lamont: VP, Solutions Engineering at Verve Industrial; directs driver development and asset-inventory strategy.
Andrew Wintermeyer: Senior ICS Architect at Verve Industrial; designs secure network architecture for critical infrastructure.
Tyler Bergman: Principal Security Consultant at Verve Industrial; focuses on risk prioritization and framework alignment.