Advanced Vulnerability Grading Tool
Asset Vulnerability Management
A Global Power Research Institute
In Partnership with Black Ice, LLC
A web application for facility managers to cross-reference their own infrastructure and control system components against databases of known security vulnerabilities from the Department of Homeland Security’s (DHS) Alert and Advisory feed and the National Vulnerability Database from the National Institute of Standards and Technology. The tool aids in identifying relevant vulnerabilities and prioritizing and tracking response actions.
The Problem
Like many large organizations, electric utilities face infrastructure-security issues such as hardware failure, data breaches, or cyberattacks. As the electric power grid is such a high-profile target for attackers and would-be infiltrators, monitoring and remediating vulnerabilities is a top priority. However, the massive volume of data from multiple public sources of this information (billions of assets and vulnerabilities), combined with a lack of structural consistency in the data, make it daunting for utilities to effectively use the information and stay ahead of their vulnerabilities.
The Solution
YoJonesy partnered with the our clients Technology Innovation team to create a web application that acts as a dashboard for monitoring vulnerabilities. It normalizes data from multiple sources and provides a clean modern user experience that includes a fast and easy-to-use search capability and clear visual indicators of asset vulnerability mitigation status. The solution also included defining the IT infrastructure to scalably support the need to process enormous amounts of data.
Strategy
Search that Delivers
Less is more when trying to find the results of an asset and it’s vulnerabilities. There are billions of possible results when searching for assets and vulnerabilities and they are specific for each user.

By digging deep into the datasets and understanding the relationships between assets and vulnerabilities we built a powerful, fast search that delivers relevant results and peace of mind to the utilities based on their individual needs.
Manage, Report and Remediate
Utilities need to know which assets are vulnerable, report on the state of their assets and make a plan for remediation. The Advanced Vulnerability Grading Tool gives them the environment they need to evaluate, manage up/down and resolve their vulnerabilities all in service of keeping the lights on.
Key Takeaways
  • Normalizing data makes it usable
  • Identifying relevant assets and vulnerabilities requires intelligent search
  • Mitigation of security vulnerabilities is an increasingly urgent matter for utilities
Get in touch
Have ideas or questions? Let’s talk. We’d love to help.
Contact YoJonesy