OT Audit


The OT pentest is performed in the majority of cases on an operational technology system that includes one or more PLCs and Human-Machine Interfaces (HMI).

The auditor is then placed in a controlled environment (test bench type, R&D laboratory) and will evaluate the security of industrial components by simulating attacks on the PLC and on the HMIs available according to the identified threat scenarios.

    OT penetration testing

    In which cases should you choose OT penetration testing?

    Carry out a pentest within a certification context (CE marking, FDA approval, others).

    Identify the vulnerabilities of OT components and their impacts in order to draw up an action plan.

    Mission organization

    An initiation meeting makes it possible to identify the needs and scope of the mission, as well as any constraints.

    A legal mandate between the different parties is published in order to supervise DSecBypasss audit service.

    The consultant in charge of the mission can be reached at any time during its execution and informs the customer in the event of a critical discovery.

    g

    Penetration test results

    The deliverables of the mission include a report as well as two optional restitutions.

    The report includes a summary of the results as well as the details of the identified vulnerabilities and recommendations.

    The technical restitution is an opportunity for the consultant to present his approach and his results in an interactive way, and to discuss with the client and his teams on the action plan. Managerial restitution makes it possible to address an executive audience.