As industrial control systems become ever more interconnected, it’s key to ensure their cyber resilience. Penetration testing, also known as pen testing or ethical hacking, can provide valuable insights into the vulnerabilities of an organization’s IT and OT infrastructure. Our team of OT cyber security professionals will analyze network environments to discover potential vulnerabilities and attempt to exploit those vulnerabilities just like a malicious actor would, but without disrupting your operations.
Red Trident’s OT and ICS penetration tests are custom-tailored to each organization. We assess specific aspects including critical systems, networks, and/or applications. By leveraging real-world advanced persistent threats (APTs) tactics, techniques, and procedures, Red Trident can bridge the gap between the IT and OT teams of your organization. Rather than each department working separately, this approach produces a holistic view of your ICS security posture and reduces conflicts often seen between these two departments.
We work directly with customers to tailor a penetration test specifically for their organization. We uncover potential misconfigurations and/or vulnerabilities without negatively impacting or disrupting processes.
Find Vulnerabilities Others Overlook
There are many penetration testing companies, but very few focus on ICS environments and OT security. The Red Trident Team has decades of experience across multiple ICS environments and verticals. We understand that production environments are sensitive and often very complex. We recognize that even potential small interruptions to the operation can have a profound impact on the outputs.
Red Trident’s Penetration Scoping Process
We understand that common mitigation controls, such as patching, might not be possible due to the sensitivities of solutions and technology commonly found within ICS environments. For reasons like this, our penetration testing process includes collaboration and working with your team to make sure we’re addressing your concerns and unique business environments.
What’s Included in the Penetration Test
Once testing is concluded, customers can expect to receive a report consisting of the following components:
Why Red Trident
We work with you and do our best to be your cybersecurity partner. We listen to your concerns and make sure that we’re aligned with your business priorities. We don’t just come in, sell a service, write a report and walk away. We’re here for you. We explain our findings, answer any questions you might have and work with you to help where needed.
Unlike most penetration testing companies, we have the expertise to offer remediation services, especially when it comes to critical infrastructure. And if you have your own team, that’s great! We’re happy to take a step back as your team handles the remediation (or parts of it). We can also provide training to your team if they need some assistance. We’re flexible.
Our team consists of leaders in the ICS field with decades of combined experience in the public sector, private sector, and military. We’ve presented at major security conferences such as DEF CON, BlackHat, various ISAC’s, SANS ICS Summits, etc. We also understand how to communicate in a way that is easy to understand so you don’t end up feeling overwhelmed or confused.
Where are the penetration tests conducted?
We can conduct penetration tests either onsite or remotely. We typically recommend remote but in rare cases that involve very complex environments, an onsite visit can be arranged, especially if you’re requesting a physical security or social engineering penetration test. Remote lets us do testing with less set-up time and is more cost effective, while still providing vital insight into the threat landscape of your organization.
How will this affect operations?
We work with you to develop rules of engagement such as respecting windows of time where testing should not be performed, not using tools that may result in high volume network traffic or could cause denial of service situations, etc. Our goal is to discover your vulnerabilities without negatively impacting your operations. We’re happy to work within whatever constraints you have.
Do you offer remediation services?
Yes, we offer many options. We can take care of remediation for you or work together with your team to handle components that are outside their expertise. We also offer training options if that’s something that you’re interested in.
What happens after the penetration test and remediation?
During remediation, you can send your test back over to the penetration testing firm for retesting, and receive a revised report to make sure all fixes have been implemented correctly. Security is an ongoing matter…we recommend you continue with maintaining security updates, regular scans and incorporate security best practices. It’s also great to schedule a date for your next pentest.
How often do you recommend pentesting?
The minimum recommended interval is once per year or after significant changes to infrastructure or business operations have been made. However, depending on the business criticality of the systems being tested, some businesses opt for quarterly or monthly testing. Organizations with high-security requirements may also be required to complete a pentest at specific intervals for compliance or when a merger or acquisition (M&A) is being considered.
Schedule a Call
Schedule a brief call to learn more about Red Trident’s penetration tests to see if it’s a good fit for you