Industrial Control Systems Healthcheck

Reduce security vulnerabilities in SCADA and ICS environments
During an Industrial Control Systems (ICS) Healthcheck, Mandiant experts draw on our knowledge of advanced threat actors, security breaches and ICS domains to evaluate how well your ICS security program and architecture are segmented, protected and monitored.

Industrial Control System Healthcheck Overview
Overview
The ICS Healthcheck helps your organization assess its cyber security posture without the operational risk associated with software-based agents, network scanning and other aggressive and invasive assessment techniques. Incorporating their understanding of operational technology (OT), Mandiant consultants deliver a workshop-based ICS architecture review and provide a detailed technical analysis of and recommendations for your security environment.
Our Approach
The ICS Healthcheck applies an ICS risk analysis and threat modeling methodology followed by technical data analysis.
Risk analysis and threat modeling
-
Document current network
Mandiant consultants inventory and review your existing architecture documentation, communications protocols and security polices, standards, and procedures to thoroughly understand of your ICS security environment. -
Develop threat model
Our experts work with your IT, operations and engineering staff to identify the high-likelihood and high-risk attack vectors and targets. -
Prioritize controls
Using the threat model, Mandiant professionals help your team select and prioritize security controls to address recognized anticipated threats.
Technical data analysis
-
Review network segmentation
Our consultants deploy a FireEye Network Forensics Platform device on your network and then analyze network packet capture files to determine the types of security risks you face. -
Review security device configuration
Mandiant experts determine how you have configured your network security devices and verify the efficacy of their rule sets.
What you get
- Threat model diagram
- ICS Healthcheck report
- Strategic and technical recommendations
Critical Infrastructure Solution Brief
Non-invasive protection across operational and information technology assets.
Six Subversive Security Concerns for Industrial Environments
Mitigate six hidden plant floor weaknesses that adversaries exploit to undermine operations. Read our step-by-step checklist.
Cyber Attacks on the Ukranian Grid: What You Should Know
This report details the use of the BlackEnergy3 distributed denial-of-service attack tool by the Sandworm team, along with best practice defenses.