Penetration Testing

Penetration testing is conducted on a vessel in order to identify and exploit any vulnerabilities of the IT or OT infrastructure on board, monitor compliance, calculate the effectiveness of the existing security controls and estimate risk.

We offer three types of Penetration testing, Black Box, Grey Box and White Box:

Black Box penetration testing is performed having limited or no knowledge of the infrastructure on board and simulates an attacker from the internet.

Grey Box penetration test is also performed having limited knowledge of the infrastructure on board but simulates an attack from an “insider”, for example guests or unauthorized users from third parties that have access to vessel’s internal infrastructure.

The White Box approach is designed to provide a comprehensive security assessment with full knowledge and elevated privileges such as an internal user/crewmember inside the vessels internal network. This scenario can also simulate the scenario of an external attack from hackers who have managed to gain remote access to an internal asset.

For more information on the service and how it can be adjusted to your needs, please contact our sales team on