- Lack of device/process control documentation
- Lack of OT/ICS engineer knowledge of cybersecurity incident response protocols
- Embedded/proprietary OS, often unpatched
- Lack of network layout knowledge
- Difficulties acquiring forensic images and other supporting evidence
- Unclear cause vs. effect pathology
OT/ICS Incident Response & Forensics
Industrial control systems present unique challenges in cybersecurity incidents.
OT/ICS devices are used in every industrial and critical infrastructure setting imaginable.
From manufacturing, food and beverage production, water treatment, traffic lists, and environmental safety and controls, to name just a few. When a cybersecurity incident occurs in an OT/ICS environment, life safety is often on the line.
Unfortunately, when an incident occurs, there are often conditions such as:
Variety is the spice of life...and a key characteristic of application security testing skills and services.
Rule4 performs a variety of application security testing services, usually based on the Open Source Security Testing Methodology Manual (OSSTMM) and the OWASP methodologies. We bring a wide array of unique skills and certifications to the table, and whether we’re testing an end-user application, API, or microservice, we analyze everything from the business logic to browser-resident code, from subsystems to databases.
We can help!
Let us help solve some of the unique challenges you’ll face in ICS incident response.