NERC Compliance Programs and Solutions
Secure north american bulk power systems from harmful attacks with our NERC compliance programs and solutions
The North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) exists to improve the reliability of the critical bulk power SCADA systems that create and transport electricity around the continent, and the goal of a NERC compliance program is to ensure that the bulk electric system in North America is reliable, adequate and secure. It's not enough to just plan for natural disasters or accidents-the bulk power system now must be planned, designed, built and operated in a manner that also takes into account modern threats to security, including attacks from cyber criminals. NERC compliance programs are required to help prevent these attacks.
It's crucial to keep the bulk power system safe from threats, which is why any bulk power system owner or operator must adhere to NERC compliance standards.
Conducting penetration tests and vulnerability scans for your NERC compliance program
Both Nexpose and Metasploit can help you prepare for your NERC compliance testing, both by scanning your critical systems for vulnerabilities, misconfigurations and malware and by conducting penetration tests to verify how well your systems would resist a real-life attack.
Automated asset discovery and identification
With Nexpose, you can easily and automatically inventory all the assets within your electronic security perimeter, as defined by NERC compliance guidelines. Nexpose will continually discover all physical and virtual assets in your infrastructure and help you group those assets into organizational categories for easier scanning and reporting.
Providing professional consulting services for your NERC compliance program
If you need extra help in defining your electronic security perimeter or in evaluating your NERC compliance program, our professional services team can help with consultations as well as internal and external penetration testing and vulnerability scanning.