About AID
AID, the Automation Information Directory, is a security intelligence platform built for engineers and teams who work with ICS, OT, IIoT, and critical OS environments. It aggregates CVEs, EPSS exploitation scores, CISA advisories, JVN bulletins, and Ubuntu security notices across 130+ brands into a single, searchable feed.
Security engineers and OT/ICS practitioners who need to track vulnerability exposure across industrial platforms: Siemens, Rockwell Automation, Schneider Electric, Honeywell, and dozens more.
AID also covers the OS platforms that run alongside industrial systems: Windows, Linux, macOS, Ubuntu, Red Hat, Debian, Android, and others. These are the same platforms running on engineering workstations, HMI terminals, historian servers, and cloud-connected gateways.
Instead of manually checking the NVD, CISA, JVN, and vendor bulletins across dozens of brands, AID brings it all into one place. EPSS scores surface the vulnerabilities most likely to be exploited, so you know where to focus. Set up brand watchlists, get email alerts, and stay on top of disclosures the moment they are published.
NIST NVD
The National Vulnerability Database, the US government's official CVE repository. AID syncs CVE data across all indexed ICS/OT vendors and OS platforms, automatically mapped to brand profiles.
CISA ICS Advisories
The Cybersecurity and Infrastructure Security Agency publishes ICS-specific advisories that often cover vulnerabilities before they appear in the NVD. AID ingests these automatically.
CISA Cyber Advisories
CISA also publishes broader cybersecurity advisories covering OS platforms, enterprise software, and cross-sector threats. AID pulls these alongside ICS advisories and maps them to relevant brands.
FIRST EPSS
The Exploit Prediction Scoring System, maintained by FIRST.org, estimates the probability that a CVE will be exploited in the wild. AID syncs EPSS scores to help you prioritise which vulnerabilities to patch first.
JVN (Japan)
The Japan Vulnerability Notes database, operated by JPCERT/CC and IPA, publishes advisories that frequently cover industrial and embedded system vulnerabilities ahead of other sources. AID ingests JVN bulletins automatically.
Ubuntu USN
Ubuntu Security Notices published by Canonical. USN advisories detail patched CVEs across Ubuntu LTS releases, covering the kernel, core packages, and services commonly found on engineering workstations and servers.
Data is refreshed on a continuous sync schedule. Coverage spans 130+ brands across industrial automation, SCADA, PLCs, HMIs, IIoT devices, and key OS platforms including Windows, Linux, macOS, and more.
AID includes a suite of free cyber investigation tools for security practitioners. All tools use passive lookups: no active scanning, no traffic sent to target systems.
AbuseIPDB Check
Crowd-sourced IP abuse confidence score from the last 90 days. Shows total reports, ISP, country, and usage type.
GreyNoise Lookup
Classifies an IP as a known internet scanner (noise) or a known-good service (RIOT). Uses live GreyNoise community data.
AlienVault OTX
Returns threat pulse count, malware families, and reputation data for an IP or domain from Open Threat Exchange.
URLhaus Malware Check
Checks a hostname or URL against the URLhaus database of active malware distribution sites.
IP Reputation Check
Open ports, known CVEs, hostnames, and threat tags via Shodan.
DNS, WHOIS, SSL, IP Geo
Domain record lookup, registration data, TLS certificate inspection, and geolocation.
Industrial systems are high-value targets, but keeping up with vulnerability disclosures across dozens of vendors is slow, fragmented, and manual. Most security teams either miss disclosures or spend hours aggregating what should be automatic.
AID was built to close that gap, giving practitioners a fast, reliable feed tuned specifically to the brands they care about, without the noise of a general-purpose CVE tool.