Penetration testing, vulnerability assessment, and audit services
OKIOK's vulnerability assessment, penetration testing, and audit services for the the Energy sector and Smart Grid initiatives are performed according to our proprietary methodology, that allows us to find vulnerabilities that usually go undetected.
Our methodology is aligned with industry standard practices, including ISSAF, NIST-SP800, OSSTMM and OWASP. These are enhanced by using state of the art, proprietary attack methods that are the result of research conducted through academic and commercial activities at OKIOK.
Typical penetration testing and vulnerability assessment activities
Project initiation and technical information gathering
Identification of theoretical attack scenarios from analysis of information provided
Vulnerability assessment from theoretical attack scenarios
Selection of attack scenarios to be carried out
Vulnerability assessment from applying actual attack scenarios
Detailed reporting, and delivery of support material for further audits and risk mitigation
Detailed remediation plan addressing the issues raised during the assessment process
Vulnerability assessment and audit teams draw from the following profiles
Governance Group on Interventions Lead
Quality Assurance Lead
Project Manager
Senior Auditor
Technical Team Leader
Embedded Protocols Specialist
WAN & IAM Security Specialist
Vulnerability Testing Specialists
Certifications
OKIOK ensures that its specialists maintain adequate information security certifications such as:
