SCADA Testing Services

Due to the criticality of the systems that are being tested, Nettitude recommends a highly consultative approach to SCADA pen testing.

Nettitude conduct SCADA penetration testing techniques using proven approaches and methodologies. Our team of consultants have strong SCADA experience and have some of the most rigorous industry certifications.

Looking for specialist SCADA penetration testing services?

What is SCADA?

Supervisory Control and Data Acquisition (SCADA) control systems are frequently deployed in industrial, infrastructure and facility based processing environments. They are commonly within power, manufacturing, water treatment, oil and gas provision companies, and frequently fall within the jurisdiction of the CPNI, (The Center for the Protection of the National Infrastructure) and Natural Environment Research Council (NERC).

SCADA Environments become Attack Threats

Traditionally SCADA environments were completely closed systems, using their own isolated equipment and networking protocols. More recently however, SCADA environments are becoming IP enabled and being interfaced to IP gateways. As a consequence, the risks to SCADA environments are growing and organisations are actively looking at Vulnerability Assessment and Penetration Testing against these resources.

Nettitude’s Approach to Testing SCADA Networks

During the scoping phases, Nettitude looks to gain access to information about the systems being tested, and reviews this with the client to understand any perceived risks. Throughout the consultation phase, Nettitude will identify which aspects of the environment should be tested and whether sampling is appropriate.

Nettitude conduct controlled port and vulnerability scans, and then validates all output to identify which vulnerabilities could impact the environment. These techniques utilise both manual and automated approaches, and are highly respectful to the sensitivity and criticality of the systems that are being tested. Nettitude continues by assessing the security configuration and management of the SCADA network environment, paying particular attention to user management, access control and application level security parameters.

Intelligent Cyber Security and Risk Management    0345 5200 085