Run scheduled jobs to perform Hardware Vulnerability Assessment

  • Release version: Xanadu
  • Updated January 10, 2025
  • Execute scheduled jobs to perform hardware vulnerability assessment.

    Before you begin

    Role required: sn_otvr.vul_event_manager

    Hardware Vulnerability Assessment is based on the vulnerability assessment feature in Vulnerability Response. Before scheduling the jobs for HVA, navigate to All > Vulnerability Response > Administration > Integrations and run the following NVD integrations:
    Table 1. NVD integrations

    Integration: NIST National Vulnerability Database Integration - API (CVE only)
    Description: Retrieves only NIST NVD vulnerability data (CVE). By default, this integration is automatically set to run daily.

    Integration: NIST National Vulnerability Database Integration-API (CPE only)
    Description: Retrieves CPE data from NIST NVD. This integration is inactive by default.

      Activate this integration to capture CPE data that includes a formal name format, a method for checking names against a system, and a description format for binding text and tests to a name. This information is stored in Vulnerable Software.

      This integration is set to run daily and is inactive by default. For more information, see Activate the NIST National Vulnerability Database–API (CPE only).

    Integration: NIST National Vulnerability Database Integration-API (Unmapped CPE)
    Description: Retrieves CPE data associated with fetched CVE from NIST NVD. This integration is inactive by default.

      Activate this integration to capture CPE data that includes a formal name format, a method for checking names against a system, and a description format for binding text and tests to a name. This information is stored in an NVD vulnerability entry record related list. This integration is set to run On Demand and is inactive by default. For more information, see Activate the NIST National Vulnerability Database–API (Unmapped CPE).

    About this task

    You must run the following scheduled jobs to detect firmware vulnerabilities in any OT devices in the inventory.

    Procedure

    1. Navigate to Scheduled Vulnerability Assessment Jobs > Configure > Scheduled Jobs.
      Important:
      • You must run the Hardware Assessment - Full job before you schedule the Hardware Assessment - Delta job. You can run the Hardware Assessment - Full job on demand.
      • You can schedule the Hardware Assessment - Delta job to run daily, weekly, or at whatever frequency you require.
    2. Select Hardware Assessment - Full > Execute Now.
      This job performs an assessment on all OT devices in the inventory to detect any firmware vulnerabilities regardless of prior assessments.
    3. Select Hardware Assessment - Delta > Active.

      Select Run and choose a frequency from the list. The Hardware Assessment - Delta job runs according to the frequency that you select.

      This job performs incremental assessments, targeting only changes or updates since the last assessment run. It captures changes to firmware, normalized content, and vulnerabilities since the last successful run of the hardware vulnerability assessment. This job lets you maintain continuous monitoring and timely updates.
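
The difference between the Full and Delta jobs, as an added example that is not ServiceNow code and does not reflect the product's internal logic: it matches device firmware CPE 2.3 names against vulnerable CPE entries, first for every device and then only for records changed since the last successful run. The record fields, CPE strings, dates, and placeholder CVE ids are constructed, and the name match is a simplified form of CPE name matching.

```python
import re
from datetime import datetime

FIELDS = ["part", "vendor", "product", "version", "update", "edition",
          "language", "sw_edition", "target_sw", "target_hw", "other"]

def parse_cpe23(name):
    """Split a CPE 2.3 formatted string into its 11 attributes."""
    parts = re.split(r"(?<!\\):", name)  # colons after a backslash are escaped
    if len(parts) != 13 or parts[:2] != ["cpe", "2.3"]:
        raise ValueError(f"not a CPE 2.3 formatted string: {name!r}")
    return dict(zip(FIELDS, parts[2:]))

def cpe_matches(vulnerable, installed):
    """Simplified name match: '*' (ANY) in the vulnerable entry matches anything."""
    v, i = parse_cpe23(vulnerable), parse_cpe23(installed)
    return all(v[k] == "*" or v[k].lower() == i[k].lower() for k in FIELDS)

def assess(devices, cves, since=None):
    """Full assessment when since is None, otherwise a delta assessment."""
    findings = set()
    for dev in devices:
        dev_changed = since is None or dev["updated"] > since
        for cve in cves:
            # Delta: skip pairs where neither the device nor the CVE changed.
            if not (dev_changed or cve["updated"] > since):
                continue
            if any(cpe_matches(c, dev["firmware_cpe"]) for c in cve["cpes"]):
                findings.add((dev["name"], cve["id"]))
    return findings

# Constructed sample data; vendor, products, dates and CVE ids are placeholders.
FW = "cpe:2.3:o:examplevendor:"
LAST_RUN = datetime(2025, 1, 1)
DEVICES = [
    {"name": "plc-01", "firmware_cpe": FW + "plc_firmware:2.1:*:*:*:*:*:*:*",
     "updated": datetime(2024, 12, 1)},
    {"name": "hmi-07", "firmware_cpe": FW + "hmi_firmware:4.0:*:*:*:*:*:*:*",
     "updated": datetime(2025, 1, 5)},   # firmware changed after LAST_RUN
]
CVES = [
    {"id": "CVE-PLACEHOLDER-A", "updated": datetime(2024, 11, 1),
     "cpes": [FW + "plc_firmware:2.1:*:*:*:*:*:*:*"]},
    {"id": "CVE-PLACEHOLDER-B", "updated": datetime(2024, 11, 15),
     "cpes": [FW + "hmi_firmware:*:*:*:*:*:*:*:*"]},
    {"id": "CVE-PLACEHOLDER-C", "updated": datetime(2025, 1, 3),  # new since LAST_RUN
     "cpes": [FW + "plc_firmware:*:*:*:*:*:*:*:*"]},
]

if __name__ == "__main__":
    print("full :", sorted(assess(DEVICES, CVES)))
    print("delta:", sorted(assess(DEVICES, CVES, since=LAST_RUN)))
```

The delta run reports the device whose firmware changed and the CVE published after the last run, but does not re-evaluate the unchanged plc-01 / CVE-PLACEHOLDER-A pair, which is why the full job has to run first.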