Our services

OT security that
speaks industrial

Three service lines built specifically for production environments. Every engagement is scoped around your uptime requirements, your risk exposure, and your actual environment — not a standard IT security template.

Service 01
Asset visibility
OT asset management & inventory

You cannot defend what you haven't discovered. Most OT environments have grown organically over years — PLCs added, HMIs upgraded, historian servers never decommissioned. The result is a network nobody fully understands.

We deploy OT-safe passive and selective active discovery to build a complete, verified inventory of every device on your production network. No guessing. No spreadsheets from 2019.

Complete asset register: device type, vendor, firmware version, IP/MAC, and communication patterns
Network topology map showing OT/IT boundaries and internet-exposed assets
Identification of legacy devices, unmanaged endpoints, and rogue connections
CMDB-ready export compatible with your existing asset management tooling
Onsite deliveryZero production impact1–5 days typical
Protocols & platforms covered
  • Modbus, Profinet, EtherNet/IP, DNP3, OPC-UA
  • Siemens S7, Allen-Bradley, Schneider, ABB, Honeywell
  • Historians: OSIsoft PI, Ignition, Wonderware
  • HMI/SCADA: WinCC, FactoryTalk, iFIX
  • Safety instrumented systems (SIS/SIL-rated)
Frameworks aligned
  • IEC 62443-2-1 (IACS security management)
  • NIST SP 800-82 (OT security guide)
  • CISA ICS-CERT asset visibility guidance
Service 02
Vulnerability management
OT risk assessment & remediation planning

OT vulnerability management is fundamentally different from IT. You cannot simply patch a PLC running 15-year-old firmware because a scanner flagged a CVE. The risk of a failed update often exceeds the risk of the vulnerability itself.

We assess every finding in the context of your production environment — what can be patched, what requires compensating controls, what needs network isolation, and what requires a documented risk acceptance decision.

Prioritised risk register: each finding scored by exploitability, production impact, and proximity to safety systems
Remediation options per finding: patch, compensating control, isolation, or risk acceptance — with tradeoffs
Quick-win list: findings addressable in under one day with zero production impact
Technical report for your OT team plus executive summary for management
Onsite + remote optionsNo active scanning by default2–10 days typical
Assessment scope
  • CVE cross-reference for all discovered assets
  • Configuration review: hardening gaps, default credentials
  • Network segmentation: OT/IT boundary analysis
  • Remote access: VPN, jump servers, vendor connections
  • Patch status across all patchable devices
Deliverable format
  • Executive summary (1 page) for management
  • Technical report with full findings for OT team
  • Remediation tracker (Excel/CSV) for follow-up
Service 03
Professional services
Security testing, training & OT-SOC advisory

Beyond assessment, Sec4OT provides hands-on services for organisations that need to test their defences, train their people, and build detection capability in OT environments.

Live-hack simulation — Controlled attack demonstration on a digital twin. Shows your team exactly what an attacker could do and how it would appear in your monitoring tooling
Digital twin security lab — Mirror your production environment for testing without production risk. Ideal for patch testing, change validation, and red team exercises
OT security testing — Structured pen testing aligned to IEC 62443 zone/conduit model, with explicit scope agreed with your production manager before any test begins
Security awareness training — Operator-focused training in Dutch or English, built for SCADA operators, field engineers, and maintenance technicians — not the IT helpdesk
OT-SOC advisory — Design and implementation guidance for an Operational SOC — detection use cases, playbook development, and OT-specific incident response procedures
Dutch & EnglishOnsite deliveryScoped per engagement
Training audiences
  • SCADA operators & control room staff
  • Field engineers & maintenance technicians
  • OT/IT convergence teams
  • Plant managers & HSE officers
  • Executive & board level (tabletop exercises)
MITRE ATT&CK for ICS
  • All testing mapped to ATT&CK for ICS matrix
  • Findings linked to real-world threat actors
  • Detection gap analysis included

Scope your
engagement

Every engagement starts with a free intake call. Tell us about your environment and we’ll come back with a realistic scope, timeline, and price indication — usually within 24 hours.

info@sec4ot.nl
KvK: 89266692