Training & Certification
Request a Proposal
User Behavior Analytics
By Compliance Requirement
Find a Partner
About Our Research
Meet the Team
National Exposure Index
Quarterly Threat Report
Under the Hoodie
Events & Webcasts
Training & Certification
IT & Security Fundamentals
News & Press Releases
The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) exists to improve the reliability of the critical bulk power SCADA systems that create and transport electricity around the continent, and the goal of a NERC compliance program is to ensure that the bulk electric system in North America is reliable, adequate and secure. It's not enough to just plan for natural disasters or accidents-the bulk power system now must be planned, designed, built and operated in a manner that also takes into account modern threats to security, including attacks from cyber criminals. NERC compliance programs are required to help prevent these attacks.
It's crucial to keep the bulk power system safe from threats, which is why any bulk power system owner or operator must adhere to NERC compliance standards.
We'll help you determine which regulations your organization needs to meet.
Both InsightVM and Metasploit can help you prepare for your NERC compliance testing, both by scanning your critical systems for vulnerabilities, misconfigurations and malware and by conducting penetration tests to verify how well your systems would resist a real-life attack. Our NERC compliance solutions automatically discover all assets within your infrastructure
With InsightVM, you can easily and automatically inventory all the assets within your electronic security perimeter, as defined by NERC compliance guidelines. InsightVM will continually discover all physical and virtual assets in your infrastructure and help you group those assets into organizational categories for easier scanning and reporting.
Download InsightVM - Free Trial
If you need extra help in defining your electronic security perimeter or in evaluating your NERC compliance program, our professional services team can help with consultations as well as internal and external penetration testing and vulnerability scanning.
Contact our PSO professional services
Compliance should boost your security, not burden it. Rapid7's NERC compliance guide lays out the requirements of compliance, as well as the things you can do to not only meet those requirements, but improve your overall security in the process.
Need help with NERC? Download a suite of free resources to help you achieve compliance via audit preparation and sound vulnerability management practices that ensure your critical infrastructures are protected from intruders.