Skip to main content
Cutaway Security
Cutaway Security

Services

Cutaway Security specializes in scoping and leading cybersecurity engagements for industrial and operational technology environments. Every engagement is tailored to your operational constraints, safety requirements, and business objectives.

Security Assessments
#

Comprehensive evaluations of your ICS/OT environment, delivered with respect for continuous operations and operational safety. Engagements are aligned with industry standards including ISA/IEC 62443, NIST CSF, and the SANS ICS Five Critical Controls. We specialize in scoping and leading these engagements – ensuring they produce findings that feed directly into your vulnerability management and risk analysis programs.

Architecture Reviews

Evaluation of network segmentation, data flow, trust boundaries, and defensive posture. We identify gaps and recommend improvements aligned with your business needs and operational realities.

Penetration Testing

Authorized offensive testing conducted with careful scope, continuous coordination, and respect for operational safety. Includes assumed breach assessments, M&A analysis, and ICS-specific techniques.

Maturity Assessments

Structured evaluation of your security program to identify gaps, measure progress, and prioritize strategic improvements. We bring the perspective and time your team needs.

Bench Testing

Hands-on analysis of specific devices, firmware, and protocols in a controlled lab environment. Draws from the methodologies taught in SANS ICS613.

Security Research
#

We conduct targeted research into device capabilities and the protocols used in industrial environments – both open standards and proprietary implementations. This research serves two purposes:

  • Discovering vulnerabilities and documenting detection methods. Findings feed directly back into assessment engagements, training, and the broader ICS/OT community.
  • Developing specialized open-source tools that help operational teams solve real problems. Our tools are designed to save cost, reduce manual effort, and improve visibility. All projects are freely available on our GitHub organization.

See our Projects page for the full catalog.

Training
#

Knowledge starts with exposure to information and consistent application over time. We participate in SANS, ControlThings.io, and ICS Village training programs to educate and empower your team. We also provide specialized training to meet your team’s information security goals.

ICS410

SANS ICS/SCADA Security Essentials course resources and supplementary materials.

Workshops

Hands-on workshops on OT OSINT and industrial AI programming, delivered at SANS Summits and ICS Village.

Publications

Press, presentations, slide decks, and white papers from Cutaway Security engagements.

There are no articles to list here yet.