Doing / Penetration testing

Our penetration tests are carefully conducted to check for cybersecurity flaws in your facility control systems, the medical devices you control or supply to others, and the IT systems controlling those devices.

Our objective is to discover cybersecurity defects that an attacker could exploit to get into a device or system and cause damage or loss. To do this, we use the same thought processes as attackers, seeing your assets from the outside as they do, instead of from the inside. We might take medical devices apart to see how an attacker could compromise the embedded hardware or software, or investigate how attackers could get into your facility security system via a compromised IT user account or even an employee pass card.

Our priority is also to ensure that our penetration tests do not have any negative impact on your organization. We confirm that we have your permission to conduct them before we start, and we make sure there are no undesirable side effects.

In consultation with you, we then translate our penetration test findings into directly actionable steps to protect your assets, patients, employees, and organizational reputation.

Our penetration tests are designed to help you understand and reduce risk before attackers arrive, confirm or comment on the effectiveness of cybersecurity measures already in place, and avoid possible regulatory fines by repairing defects ahead of time. We avoid any downtime while testing and help you prioritize actions by providing you with a report specific to your establishment.