What if a patch cannot be applied to an legacy PLC?

The skill provides guidance on implementing and documenting compensating controls, such as network isolation, firewall rules, or virtual patching via IDS/IPS.

Can I use this for active incident response?

No, this skill is designed for proactive maintenance. For active cyber incidents, you should use a dedicated OT incident response skill.

How does this differ from IT patch management?

OT patch management prioritizes process safety and availability over speed, requiring rigorous vendor validation and staging to prevent industrial downtime or safety hazards.

Does this skill help with NERC CIP compliance?

Yes, it includes specialized workflows for the 35-day evaluation window and documentation requirements specified in NERC CIP-007-6.

OT Systems Patch Management

Name: OT Systems Patch Management
Author: mukul975

bymukul975

•

4,120

•

セキュリティとテスト

Implements a structured patch management program for OT and ICS environments to ensure security without disrupting critical industrial processes.

This skill provides a comprehensive framework for managing patches in Operational Technology (OT) and Industrial Control Systems (ICS) where uptime and safety are paramount. It guides users through the entire lifecycle—from identifying vulnerabilities via ICS-CERT advisories to risk-based prioritization, staging in test environments, and coordinating maintenance windows. By addressing vendor compatibility and offering strategies for compensating controls when systems cannot be patched, it helps organizations maintain compliance with standards like NERC CIP and IEC 62443 while minimizing operational risk.

主な機能

01Compliance tracking for NERC CIP and IEC 62443

02Compensating control documentation for unpatchable systems

03Maintenance window and rollback procedure coordination

04Risk-based prioritization for OT/ICS assets

054,120 GitHub stars

06Vendor compatibility and testing workflows

ユースケース

01Preparing for industrial security compliance audits

02Establishing a formal OT patch program for critical infrastructure

03Responding to high-severity ICS-CERT security advisories

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add mukul975/anthropic-cybersecurity-skills implementing-patch-management-for-ot-systems

For use in Claude.ai and ChatGPT

主な機能

01Compliance tracking for NERC CIP and IEC 62443

02Compensating control documentation for unpatchable systems

03Maintenance window and rollback procedure coordination

04Risk-based prioritization for OT/ICS assets

054,120 GitHub stars

06Vendor compatibility and testing workflows

ユースケース

01Preparing for industrial security compliance audits

02Establishing a formal OT patch program for critical infrastructure

03Responding to high-severity ICS-CERT security advisories

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add mukul975/anthropic-cybersecurity-skills implementing-patch-management-for-ot-systems

For use in Claude.ai and ChatGPT