OT security, or Operational Technology security, focuses on safeguarding industrial control systems (ICS) and the technologies that manage critical infrastructure in industries like manufacturing, energy, and transportation. It ensures the safety, reliability, and availability of industrial operations by protecting specialized devices, networks, and processes that control physical systems. Key components of OT security include Industrial Control Systems (ICS), Supervisory Control and Data Acquisition (SCADA) systems, Programmable Logic Controllers (PLCs), and Human-Machine Interfaces (HMIs). As cyberattacks on critical infrastructure increase, implementing robust OT security measures has become essential for protecting these vital systems.
Before we travel to the facility, we will prepare for the on-site visit by conducting document reviews, a network architecture review, and discussions with your team. The goal is to familiarize ourselves with your product and develop a plan of action in advance. This preparation ensures we can make the most of our time on-site.
After gathering information, the next step involves planning and setting penetration testing objectives, agreed upon by both the tester and client. The pentester must fully understand the OT system, including its mission-critical components, functionalities, and end users. Key tasks include reviewing system documentation, researching products and vendors, and identifying known vulnerabilities and default credentials.
We will conduct a cybersecurity assessment and penetration test at your facility. Our assessment will identify all communication points in the OT system—such as Ethernet, Fiber, WiFi, USB, Serial Port, and HDMI—along with associated vulnerabilities and their exploitation. We will promptly inform you of any critical findings. For a thorough evaluation, we recommend executing each exploit individually during the security testing of OT networks or devices. This method helps identify the root causes of any unexpected failures. If an issue arises, we will immediately halt testing and notify you. We will aim to exploit all components within the OT network, including network infrastructure, host operating systems, PLCs, HMIs, and workstations, following standard practices in traditional network penetration testing.
The reporting phase aims to deliver, rank, and prioritize findings while generating a clear and actionable report for project stakeholders, complete with supporting evidence. Presenting the findings in person is the most effective way to communicate the results. We consider this phase crucial and take great care to ensure that we thoroughly convey the value of our services and findings. Once we complete the report, we will send it to you and review it through a web call.
We produce clear and concise reports outlining the vulnerabilities identified, followed by in-depth discussions with your engineering team regarding each vulnerability's nature, impact, threat level, and recommendations for remediation. Our technical experts collaborate with the client’s engineering team to analyze the report and the associated bugs, detailing their impact scenarios. We engage in thorough discussions on strategies to eliminate vulnerabilities and strengthen the OT infrastructure.
The purpose of this assessment was to re-test all findings from the first round of penetration testing. During this re-testing, we provide updates on whether vulnerabilities are fixed, not fixed, or out of scope. The aim of this re-testing is to ensure that no vulnerabilities remain after the patching process, preventing attackers from exploiting any flaws in the application that could compromise your organization's security. The results from this round of re-testing will help the organization improve the security features of the medical devices. Significant findings from the assessment were communicated to management during or after the assessment, depending on the nature and risk level of each finding.
Implementation of Robust Access Control
Controlling OT system access is crucial for security. Implement strong authentication like MFA to ensure only authorized personnel access critical systems. Use role-based access to limit permissions and apply network segmentation to isolate critical systems and prevent lateral movement by attackers.
Continuous Monitoring
Continuous monitoring is crucial for OT security, utilizing Intrusion Detection Systems (IDS) to detect suspicious activities and trigger real-time alerts. Anomaly detection algorithms identify deviations from normal system behavior, indicating potential breaches. Security Information and Event Management (SIEM) systems aggregate data from multiple sources, offering a comprehensive view of the security landscape.
Routine Testing and Upgrades
Security is constantly evolving, making regular testing and updates crucial. Conduct penetration testing to identify vulnerabilities in OT systems, while staying proactive with patch management to address weaknesses before attackers exploit them. Additionally, having a well-prepared incident response plan ensures a timely and effective response to minimize damage in the event of a security breach.
Trust Kratikal: Your Premier Choice for Digital Data Protection
Many OT environments rely on outdated equipment and operating systems, presenting considerable security challenges. These legacy components frequently lack modern security features and updates, rendering them vulnerable to cyberattacks.
OT security is crucial for safeguarding organizations with industrial processes and critical infrastructure against cyber threats and malicious activities. It ensures the safety and efficiency of these processes while fostering sustainability throughout the organization.