Security testing cyber lab

Vulnerability discovery

A wide range of industrial control and IoT devices can be tested, in order to expose vulnerabilities. Methods for vulnerability discovery provided by our cyber lab include:

• Penetration testing
• Fuzz testing
• White box / black box testing

Code analysis

Code analysis can be applied to industrial control and IoT devices, to ensure the appropriate sanitization. Applications we examine include:

• Control logic analysis (for industrial control devices)
• OWASP benchmarking

Vulnerability remediation

To countermeasure the vulnerability findings, we provide remidiation in the form of:

• Physical controls
• Architecture best practices

Our cyber testing team can examine a variety of hardware, software and protocols.

Hardware:

• Control devices: PLCs, RTUs, and DCUs
• Control network devices: I/O concentrators, control servers
• IoT: smart meters, smart domestic devices

Protocols:

• SCADA: Modbus, DNP3, IEC 60870, Profinet
• Wireless: Wi-Fi, Bluetooth, ZigBee

Software:

• SCADA software
• Web applications
• Mobile applications

Our consultants take a comprehensive approach to managing digital investigations. We leverage specialist skills, proven experience and advanced technology to deliver forensically sound results. Our digital investigations are carried out in our ISO/IEC 27001 certified laboratory, ensuring data security and client confidentiality are maintained at all times. 

Our eDiscovery and digital forensics security testing lab is controlled within a sandboxed network and used to conduct:  

• Malware analysis
• SCADA forensics
• Secure code development 
• Data collection from cloud based sources