NetSPI adds IoT penetration testing to its suite of offensive security services

Dec. 8, 2021
Led by IoT security expert Larry Trowell, the IoT pentesting services focus on securing ATMs, automotive, medical devices, operational technology, and other embedded systems.

Minneapolis, Minnesota -- December 8, 2021 -- NetSPI, a leader in enterprise penetration testing and attack surface management, today announced the launch of its IoT penetration testing services, which will be added to its existing suite of penetration, adversary simulation, and attack surface management capabilities. With the stark growth of IoT adoption over the past few years, pentesting is now a critical asset for companies to understand and assess the overall strength and accountability of their internet-connected systems against sophisticated and targeted cyber attacks.

NetSPI’s new IoT testing services encompass the following capabilities: 

  • ATM Penetration Testing. Identify the security issues and common vulnerabilities on relevant ATM systems and provide actionable recommendations for improving the overall security posture. Learn more about ATM pentesting.
  • ·Automotive Penetration Testing. Identify security issues on relevant vehicles and provide recommendations to improve the current systems – at any stage of automotive development. Learn more about automotive pentesting.
  • Medical Device Penetration Testing. Through a combination of threat modeling and penetration testing, determine possible medical device security risks and identify whether devices meet or exceed the current standards and recommendations by the FDA Premarket Cybersecurity Guidelines. Learn more about medical device pentesting.
  • Operational Technology (OT) Architecture and Security Review. Identify industrial control system (ICS) vulnerabilities with a focus on the OT processes in a Defense in Depth strategy. NetSPI will investigate the configuration and architecture of the systems and help address issues with asset inventory, network configuration, and segmentation. Learn more about OT architecture and security review.
  • Embedded Penetration Testing. Identify embedded system vulnerabilities in a multitiered penetration test across multiple disciplines. Look for security gaps at all stages of embedded development that may affect each layer of the device. Learn more about embedded pentesting.
“IoT has become part of our daily lives, but these devices and systems are often overlooked from a security perspective. Tapping into our innovation-driven culture and our best-in-class technologies, NetSPI’s IoT pentesting team is uniquely qualified to find and help fix the most critical security gaps in these systems," said Aaron Shilts, President and CEO at NetSPI. "Our team is currently gearing up for game-changing IoT pentesting projects in 2022. We were selected to test smart city technologies and ATM networks for some of the most transformative organizations in the world. NetSPI is thrilled to be a prominent player in future-proofing IoT security worldwide."

To keep up with the growth of IoT and assist with the complexity in this space, NetSPI has brought on one of the foremost IoT security experts, Larry Trowell, as Principal Consultant to provide additional leadership, guidance, and accountability within the IoT security practice. 

“IoT pentesting has become an important part of security strategy and business processes – especially given the increased connectedness in both personal and professional lives,” said Trowell. “There is currently a gap in the market to effectively monitor and assess the risks of these devices. NetSPI’s new offering allows our team to devote its resources and ensure the security of all embedded devices for our customers.”

To learn more about NetSPI and its IoT security capabilities, visit www.netspi.com.

About NetSPI

NetSPI is the leader in enterprise security testing and attack surface management, partnering with nine of the top 10 U.S. banks, three of the world’s five largest healthcare companies, the largest global cloud providers, and many of the Fortune® 500. NetSPI offers Penetration Testing as a Service (PTaaS) through its Resolve™ penetration testing and vulnerability management platform. Its experts perform deep dive manual penetration testing of application, network, and cloud attack surfaces, historically testing over 1 million assets to find 4 million unique vulnerabilities. NetSPI is headquartered in Minneapolis, MN and is a portfolio company of private equity firms Sunstone Partners, KKR, and Ten Eleven Ventures. Follow us on Facebook, Twitter, and LinkedIn.