OT/ICS Incident Response & Forensics

Industrial control systems present unique challenges in cybersecurity incidents.

OT/ICS devices are used in every industrial and critical infrastructure setting imaginable: manufacturing, food and beverage production, water treatment, traffic lights, and environmental safety and controls, to name just a few.

When a cybersecurity incident occurs in an OT/ICS environment, life safety is often on the line.

Unfortunately, when an incident occurs, there are often conditions such as:
  • Lack of device/process control documentation
  • Lack of OT/ICS engineer knowledge of cybersecurity incident response protocols
  • Embedded/proprietary OS, often unpatched
  • Lack of network layout knowledge
  • Difficulties acquiring forensic images and other supporting evidence
  • Unclear cause vs. effect pathology

Variety is the spice of life...and a key characteristic of application security testing skills and services.

Rule4 performs a variety of application security testing services, usually based on the Open Source Security Testing Methodology Manual (OSSTMM) and the OWASP methodologies. We bring a wide array of unique skills and certifications to the table, and whether we’re testing an end-user application, API, or microservice, we analyze everything from the business logic to browser-resident code, from subsystems to databases.

We can help!

Let us help solve some of the unique challenges you’ll face in ICS incident response.