Skip to main content
Assessment Services

Assessment Services

Evaluate and close gaps in your existing industrial cybersecurity program

Dragos offers a wide range of operational technology (OT) cybersecurity posture assessments, including Architecture Review, ICS Device and Application Vulnerability Assessment, ICS Network Vulnerability Assessment, and ICS Penetration Testing to help your industrial organization improve its cybersecurity defenses, reduce risk, and mitigate cybersecurity incidents. These assessments are typically the first step in our customers’ OT cybersecurity journey and provide a roadmap to a comprehensive strategy to reduce cyber risk and improve resiliency in their operations environment.

Benefits of Dragos Assessment Services

CONTACT US
Know if your critical assets are at risk icon
Know if your critical assets are at risk
Identify and close gaps in your security posture icon
Identify and close gaps in your security posture
Prevent attackers from exploiting your vulnerabilities icon
Prevent attackers from exploiting your vulnerabilities
Get actionable recommendations based on in-depth ICS threat intelligence and frontline expertise icon
Get actionable recommendations based on in-depth ICS threat intelligence and frontline expertise

Lessons Learned from the Front Lines

90% of Dragos Assessment Services customers had limited or poor visibility, and 88% had improper network segmentation, in their ICS environments.
Source: 2020 Year in Review
A cover photo for Dragos 2020 ICS Cybersecurity Year in Review.

Dragos Red Team: Real-World Findings

Executed the propagation of malicious logic file updates from one asset to the entire deployment.
Identified a Zero Day exploit to remotely execute arbitrary code as a read-only user on a Crown Jewel Human Machine Interface (HMI).
Discovered hard-coded credentials on an ICS that monitors Crown Jewels.

What We Offer

Architecture Review

Evaluate Your Existing Security Program 

  • Assesses your existing OT cybersecurity posture, including detection and protection capabilities; mapped to the MITRE ATT&CK for ICS framework or other industry standards.
  • Focuses on network architecture analysis, documentation review, and staff interviews to improve overall security of your ICS environment.
  • Provides tactical and strategic recommendations to mature your organization’s ICS security program.

ICS Device and Application Vulnerability Assessment

Identify Risks to Industrial Assets  

  • Identifies vulnerabilities in ICS hardware or software.
  • rovides visibility of risks to ICS environment.
  • Provides prioritized recommendations to mitigate risks.

ICS Network Vulnerability Assessment

Close Gaps In Network Defense 

  • Evaluates protection, detection, and response capabilities that currently exist in your ICS environment.
  • Identifies exploitable vulnerabilities in ICS environment.
  • Provides action items to strengthen OT cybersecurity posture.

ICS Penetration Testing

Prevent Severe Breaches 

  • Leverages real-world attacker tactics, techniques, and procedures (TTPs) gained from intelligence.
  • Identifies devices that could allow unauthorized access to critical ICS assets.
  • Dragos Red Team demonstrates how attackers can move through ICS environments..

Readiness Assessment

Build a Foundation of Best Practices 

  • Incident response plan document review.
  • Incident response C2M2 assessment.
  • Best practices recommendations.

Ready to Get Started?