The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) exists to improve the reliability of the critical bulk power SCADA systems that create and transport electricity around the continent, and the goal of a NERC compliance program is to ensure that the bulk electric system in North America is reliable, adequate and secure. It's not enough to just plan for natural disasters or accidents-the bulk power system now must be planned, designed, built and operated in a manner that also takes into account modern threats to security, including attacks from cyber criminals. NERC compliance programs are required to help prevent these attacks.
It's crucial to keep the bulk power system safe from threats, which is why any bulk power system owner or operator must adhere to NERC compliance standards.
Which regulations matter to you?
We'll help you determine which regulations your organization needs to meet.
Contact UsHow Rapid7 helps get you NERC compliant
Conducting penetration tests and vulnerability scans for your NERC compliance program
Both InsightVM and Metasploit can help you prepare for your NERC compliance testing, both by scanning your critical systems for vulnerabilities, misconfigurations and malware and by conducting penetration tests to verify how well your systems would resist a real-life attack. Our NERC compliance solutions automatically discover all assets within your infrastructure
Automated asset discovery and identification
With InsightVM, you can easily and automatically inventory all the assets within your electronic security perimeter, as defined by NERC compliance guidelines. InsightVM will continually discover all physical and virtual assets in your infrastructure and help you group those assets into organizational categories for easier scanning and reporting.
Download InsightVM - Free Trial
Providing professional consulting services for your NERC compliance program
If you need extra help in defining your electronic security perimeter or in evaluating your NERC compliance program, our professional services team can help with consultations as well as internal and external penetration testing and vulnerability scanning.