Various embodiments described herein relate to an asset discovery engine with a deep vulnerabilities scanner with respect to assets in an industrial network. In an embodiment, a request to perform an asset vulnerability assessment of one or more assets within a network is received, the request comprising an asset descriptor describing the one or more assets. In response to the request, aggregated asset property data associated with the one or more assets is obtained based on the asset descriptor. Furthermore, the asset vulnerability assessment is performed based on the aggregated asset property data and asset vulnerability signature data stored in an asset vulnerability signature repository. In response to determining that the asset vulnerability assessment satisfies a defined criterion, one or more actions associated with the network are performed.