OT Assessments & Penetration testing in Live environments

Industrial environments are increasingly attractive targets for adversaries due to their critical role in supporting essential business operations and national infrastructure. With regulations such as NIS2 raising the bar for cybersecurity, many organizations and in some regions, entire industries are now required to conduct periodic security testing of their operational technology (OT) environments. Because shutting down production systems is often too costly, impractical, or simply impossible, it is essential to understand how to conduct security assessments and penetration tests safely in live OT environments.

Requirements:

  • Understanding of cybersecurity architectural aspects in industrial environments
  • Knowledge of how remote access is implemented in industrial environments
  • Familiarity with industrial vendors' cybersecurity methods and operational practices
  • Understanding of assessing vulnerabilities in industrial environments
  • Knowledge of methods for detecting cybersecurity attacks in industrial environments
  • Understanding and familiarity of basic penetration testing technique

Who Should Attend?

This training is designed for OT engineers, IT personnel, and other technical staff who want to deepen their knowledge of live OT assessments and penetration testing and the ways industrial environments can be attacked.

Training Overview

The OT Assessment & Penetration Testing in Live Environments training equips engineering, operations, and security professionals with the mindset, methodologies, and techniques required to perform security testing in these fragile and mission-critical environments. A core element of the course is learning how to apply the appropriate methods, techniques, and safety precautions necessary to maintain system availability during testing. Participants also develop a deeper understanding of how to implement, refine, and build upon these skills to advance their OT security testing capabilities across live networks and systems.

Key Learning Areas:

  • Plan and execute safe, effective, and high-value OT security assessments and penetration tests, including both passive and active techniques.
  • Align OT assessments and penetration tests with organisational and operational security objectives.
  • Identify realistic OT attack scenarios targeting critical assets and components.
  • Engage and communicate with stakeholders to define expectations, goals, scope, and measurable outcomes for the assessment or penetration testing project.
  • Select appropriate testing methods for different OT zones, such as the IDMZ and lower Purdue levels, and understand the benefits of integrating the ICS Cyber Kill Chain into testing activities.
  • Evaluate tools and techniques for safety and effectiveness before applying them in a live OT environment.
  • Identify relevant targets and map applicable adversary Tactics, Techniques, and Procedures (TTPs).
  • Produce a comprehensive, actionable, and high-value OT assessment and penetration test report.

Contact us if you would like more information about the details of the training.

Introduction Training
Modules

Training

Explore our introductory training modules designed to kickstart your journey into the world of ethical hacking and industrial cybersecurity.

Blog 3

Introduction to industrial cybersecurity

Gain a solid foundation in industrial cybersecurity and its key elements. This training provides a high-level overview of industrial cybersecurity.

Learn More
Blog 3

Introduction to Industrial Hacking

This training provides a strong foundation in attack techniques and methods for industrial environments—all in a fun and engaging way!

Learn More
Blog 3

Industrial Cybersecurity architecture and vulnerabilities

Learn how to build a strong industrial cybersecurity architecture and gain in-depth knowledge on how to protect industrial environments effectively.

Learn More

Ready to Join the Fun?

Don't just learn - experience cybersecurity like never before! Step into the world of industrial cybersecurity, role-play as a part of the Ugly Duckling Hacking Group, and gain hands on skills in a creative and engaging way.

Find us

Call Us

Please send a e-mail.

Please send a e-mail

hackers@theuglyduckling.dk

Address

Myrholmen 35, 2760 Måløv, DK

Contact info

Keep In Touch

We prioritize responding to your inquiries promptly to ensure you receive the assistance you need in a timely manner

Full Name
Email
Type your Message...