ICS penetration testing services

Our services include penetration testing, vulnerability assessment of control systems and network health verification.

Penetration testing services

Our ICS penetration testing services enable you to find weaknesses in your network perimeter. The penetration testing commences by scanning the network to determine what types of hardware are connected and the operating systems being used. Then we search for unpatched vulnerabilities in those devices and attempt to exploit those vulnerabilities to gain access to the network. The penetration testing services are supported by our ethical hackers group, who have a background in IT and engineering, and certification according Certified Ethical Hacker (CEH), GXPN, GPEN, Global Industrial Cyber Security Professional (GICSP).

Securing control systems, preventing cyber security breaches

A common design principle is to ensure that programmable logic controllers (PLCs) and the network infrastructure that is used to connect them, operate in a secure environment (i.e. sealed from malicious attackers). In practice, ICS are often inadvertently connected to other networks, which can allow remote access through open networks or the Internet. Our ICS penetration testing services will identify such weaknesses, consider the possible impacts and then suggest corrective actions.

The competence of DNV within ICS and IT architectures is unmatched when examining critical parts of control system networks. Our ICS penetration tests aim to reveal vulnerabilities, regardless of whether they can only be exploited by: a highly skilled malicious attacker; a determined hacker; a disgruntled employee; or even a hardware/software failure. Our cyber security approach is based on recognized standards and recommendations, such as ISO 27000 series, IEC 62443, NIST 800 framework, among others.

Our ICS penetration testing services:

  • ICS penetration testing and testing of network segregation
  • Stress and robustness testing
  • Phishing campaigns
  • Screening running services, patches and firmware
  • Authentication weaknesses
  • Portable media security
  • Known and unknown vulnerabilities
  • Traffic anomalies
  • Degradation of networked equipment
  • Software quality
  Cyber security services

Cyber security services

Get an overview of the cyber security services

  WEBINAR

WEBINAR

How to test operational environments for cyber vulnerabilites without disrupting operations

Related articles

  The seven phases of a cyber attack

The seven phases of a cyber attack

In the cyber security industry, we are seeing a change in the way that hacks are performed

  When hackers hack, fight back - with these six steps

When hackers hack, fight back - with these six steps

Six steps to prepare yourself

  Can we secure the cyber-physical domain?

Can we secure the cyber-physical domain?

Powered by digitalization

  Ethical hacking

Ethical hacking

The white hats in DNV cyber security services

Industry specific services

 

Maritime industry

Maritime cyber security services and solutions

 

Oil and gas industry

Information risk management

 

Energy industry

Cyber security in energy

Related info

 

Cyber security and network resilience

Download the flier

How can we help you with cyber security?

Contact us