LMNTRIX

Industrial Control Assessment

INDUSTRIAL CONTROLS ASSESSMENT

The LMNTRIX ICS Security Assessment is designed to use non-invasive methods to provide an assessment of an industrial facility’s overall cyber security posture. This assessment is specifically designed to meet the needs of organizations concerned about the operational risk associated with aggressive probing, scanning, software agents, or other more aggressive security evaluation techniques. The LMNTRIX ICS Security Assessment combines a remote workshop-based ICS architecture review with detailed technical analysis of firewall configurations and active production ICS network traffic.

The LMNTRIX ICS specialists speak the language of Operational Technology (OT) and work directly with the engineers responsible for OT to adapt cyber security best practices appropriately for the ICS environment. We also work with IT security leaders to equip them with the domain knowledge and credibility required to engage their OT teams in effective cyber security discussions.

OUR APPROACH

The LMNTRIX ICS Security Assessment combines ICS staff interviews with an active network assessment using virtual sensors deployed within the client network. Our approach includes the following services:

  1. Network segmentation review
  2. Security device configuration review
  3. Threat detection by tapping into the production ICS network
  4. Vulnerability assessment
  5. Final Report & Presentation

 

OT ASSET INVENTORY

LMNTRIX leverages unmatched OT protocol coverage and Passive, Active, and AppDB scanning capabilities to deliver complete OT visibility and asset management controls. Asset identification includes:

  1. Asset visibility: All devices on OT networks, including serial networks, as well as extensive attributes about each device
  2. Network Visibility: All OT network sessions and their bandwidth, actions taken, changes made, and other relevant details
  3. Process visibility: All OT operations and the code section and tag values of all processes related to OT assets
  4. Review of the existing architecture diagrams, dataflows and designs
  5. Inventory and evaluation of OT protocols that are in use
  6. Review of any existing security standards for hardware and software deployment

 

THREAT MODELLING & CONTROLS PRIORITIZATION

Working closely with the client's IT and OT teams, we model and visually identify possible attacks on control systems to help prioritize ICS control investments.

 

NETWORK SEGMENTATION REVIEW

This review covers the efficacy of the configuration and rule-sets of network security devices, such as firewalls. We review existing network segmentation and automatically map and virtually segment OT networks into Virtual Zones, which are logical groups of assets that communicate with one another under normal circumstances. Network segmentation review includes:

  1. Cross-zone violations
  2. Unintended connectivity from the ICS to the Internet or business network
  3. Dual-homed devices
  4. ICS protocols traversing the ICS firewall
  5. Anomalous computer-to-computer connections
  6. Customers without existing physical or logical segmentation can use Virtual Zones as a cost-effective alternative
  7. Customers seeking to implement physical or logical segmentation can accelerate such initiatives by using Virtual Zones as the blueprint

 

THREAT DETECTION

LMNTRIX uses multiple threat detection techniques over a period of two weeks to provide full monitoring coverage of OT security and integrity events. Detection methods include:

  • Anomaly Detection, which identifies changes in communication patterns
  • Security Behaviors, which identifies adversary techniques used in attacks against IT and OT networks
  • Known Threats, which identifies IoCs
  • Operational Behaviors, which identifies OT operations such as firmware upgrades
  • Custom Rules, which identifies user-defined events

 

VULNERABILITY ASSESSMENT

LMNTRIX uses a non-intrusive method of comparing each asset in an OT environment to an extensive database of insecure protocols, configurations, and other vulnerabilities tracked by LMNTRIX, as well as to the latest CVE data. This allows us to identify, prioritize, and remediate vulnerabilities for clients to address. The vulnerability assessment includes:

  • Full-Match Vulnerabilities: The complete OT visibility provided by LMNTRIX facilitates easy and accurate identification of full-match vulnerabilities
  • Attack Vector Mapping: This assessment identifies and analyzes all vulnerabilities and risks in an OT environment to calculate the most likely scenarios in which an attacker could compromise the environment
  • Risk-Based Prioritization: All vulnerabilities are scored based on the unique risk they pose, enabling more efficient and effective prioritization

 

WE HELP YOU:

  • Reduce operational risk through non-invasive assessment
  • Identify and inventory all OT assets
  • Identify and mitigate complex security vulnerabilities before an attacker exploits them
  • Analyze real-time threats and suspicious activity
  • Review network segmentation and receive recommendations
  • Receive actionable recommendations based on the risks and concerns specific to your industrial process

 

WHAT YOU GET:

  • ICS Assessment Report
  • Presentation of our findings to the technical and executive stakeholders