EU CRA
Testing obligations covered
Repeatable, documented methodology for Cyber Resilience Act product security requirements.
0
Disruption to live operations
Protocol-aware, operationally safe by design. Network testing and device testing. Neither touches what is running.
∞
Novel exploits generated
OneIQ generates exploits for unknown vulnerabilities. No other OT testing tool does this.
OT Security Teams
Pen test your OT environment without disrupting operations. Validate vulnerabilities with working exploits, not theoretical findings. Test both network infrastructure and device firmware. Track findings across assessment cycles. Get expert validation when you need it.
OT Device Manufacturers
Meet EU Cyber Resilience Act testing obligations before your devices ship. Device-level testing. Firmware analysis. Repeatable across product lines. CRA-compliant reporting is built-in.
Incident Response Teams
When a vulnerability surfaces in your environment, validate it immediately. Generate exploits for novel flaws. Test remediation effectiveness. Document findings with evidence.
Network and infrastructure testing
Industrial networks run protocols and devices that standard pen-testing tools weren't built for. Modbus, DNP3, EtherNet/IP, Profinet. And they can't afford disruption. OThello tests OT network infrastructure without touching live operations. It can identify vulnerabilities in deployed network topology, PLCs, HMIs, and engineering workstations.
Device and firmware testing
Industrial devices, PLCs, RTUs, IEDs, embedded controllers, ship with firmware that attackers target directly. Device-level vulnerabilities often surface during deployment, not at the network layer. OThello performs device and firmware testing at the component level, without requiring a live connection to operational systems.
Passive network reconnaissance
Maps the OT network topology without active probing. Identifies devices, protocols in use, zone boundaries, and communication patterns. No disruptive traffic generated, reconnaissance happens through passive observation and existing network telemetry.
AI-recommended test cases
OneIQ generates a prioritized list of test cases based on the discovered topology, device types, and protocols. Recommendations are specific to your environment and ranked by relevance and potential impact.
Protocol-aware vulnerability scanning
Scans for known vulnerabilities across OT-specific protocols: Modbus, DNP3, EtherNet/IP, Profinet, BACnet, and others. Safe by design, understands protocol behaviour and avoids commands or traffic that could cause device malfunction.
AI-generated exploits for unknown vulnerabilities
When OThello identifies a vulnerability with no publicly available exploit, OneIQ generates one. This capability is unique to OThello. It allows you to validate theoretical vulnerabilities with working proof-of-concept code.
Safe exploit simulation
Runs exploits in a contained simulation environment before attempting them on real devices. Validates that the exploit works, that it targets the intended flaw, and that it won't cause unintended side effects.
Actionable findings report
Generates an audit ready and prioritised vulnerability report with affected assets, severity ratings, remediation steps, and evidence. For EU CRA compliance, the report includes device-level findings documented in accordance with regulatory standards.
Device and firmware testing
Performs device-level testing on industrial controllers, embedded systems, and firmware images. Identifies vulnerabilities at the device layer, configuration weaknesses, outdated firmware versions, insecure default settings, and embedded software flaws. It can test devices in pre-production or offline environments.
On-demand Expert review
When your team wants a second opinion on findings, OThello's security experts are available to review results, validate exploits, and provide additional context.
