ICS Pen Testing

New exploits and vulnerabilities are being discovered daily (Zero-Day exploits). Commercial Antivirus solutions cannot protect against zero-day exploits. Nor are commercial AV solutions designed to detect ICS threats. With every ICS network being different it is important to carry out vulnerability assessments regularly and apply vendor certified patches.

Even with air-gapped systems there is still a need for some vulnerability assessment. Over time these air-gaps can weaken and regular pen testing provides assurance the system is secure.

TES Cybersafe ICS Pen Testing

1.

Identify risks / implement quick wins

2.

ICS Baseline capture

3.

Red Teaming

4.

Develop risk reduction plan.

5.

Develop system hardening procedures.