Penetration Testing (PT), as the method to validate ranked vulnerabilities against the audited systems, can be executed by using several tools such as Metasploit, or using certain techniques in partial approaches such as NMap, SET, password cracking, wifi cracking, or even manual custom testing.
We offer PT to validate certain system vulnerabilities in ICS environment. Specific precautions for performing PT in ICS environment will be based on a case per case (based on initial assessment regarding system architecture, complexity, criticality, safety exposure, emergency preparedness, system capability, and some other consideration) prior to executing the PT under the life ICS environment. By default the PT in ICS environment is not performed in the life system, due to the risk exposure and business concern – seek the other alternative to reflect the audited system.