Purple Teaming: What Not to Do in OT & IoT Testing to Avoid Halting the Factory or Sinking the Oil Rig
Umair Ahmed, a Senior Security Engineer at HelloFresh, shares insights on pen-testing operational and IoT systems, emphasizing the importance of preparation, threat modeling, stakeholder alignment, and execution. He highlights the need for careful examination of systems to mitigate risks and ensure compliance while providing best practices for effective testing. Post-engagement, thorough reporting and follow-ups are essential for continuous improvement and vulnerability management.