Topic Hub · Data Centers
Building Management Systems (BMS), DCIM, and the OT layer that keeps a data center cool and powered are increasingly the soft underbelly of an otherwise well-defended facility. The articles below cover BMS attack surface, hyperscale segmentation, vendor remote access, and the IT-to-OT boundary.
Related service
OT Penetration TestingSpecialized OT pentesting for data center BMS, DCIM, and the IT-to-OT boundary.
Field Reports & Research (18)
Field Report
Building Management Systems control critical data center infrastructure: power, cooling, access, and environmental systems.
Read field report →
Field Report
Building management systems — chillers, ATSes, CRACs, lighting — routinely sit on flat networks with default credentials and vendor-remote access.
Read field report →
Field Report
Multi-tenant colocation requires strict security boundaries between tenants. Implement physical separation, access control
Read field report →
Field Report
Pacific Northwest hydropower facilities are critical infrastructure. Secure hydropower SCADA systems and dam operations from evolving cyber and physic
Read field report →
Field Report
The Portland-Hillsboro area hosts a significant cluster of data centers. Understand the market, shared infrastructure risks, and competitive security
Read field report →
Field Report
National resilience playbooks treat electricity as a generic utility input. In the Pacific Northwest, that abstraction is misleading.
Read field report →
Field Report
Most SOC 2 scopes stop at the corporate perimeter. For data centers and manufacturers, that leaves the most operationally consequential systems outsid
Read field report →
Field Report
Effective mantrap architecture prevents unauthorized access while maintaining operational flow. Learn mantrap principles, dimensions
Read field report →
Field Report
Cryptominers compromise industrial networks for computing power. We explain how to detect them and quantify the operational and security costs.
Read field report →
Field Report
AI-powered video analytics detect anomalies in industrial environments: unauthorized access, equipment tampering, unsafe conditions.
Read field report →
Field Report
DNP3 is the standard protocol for utility SCADA systems. Learn DNP3 architecture, authentication extensions, and security best practices for power and
Read field report →
Field Report
Detecting control protocol anomalies is powerful but noisy. We explain baselining approaches and behavioral detection methods that scale without…
Read field report →
Field Report
Unidirectional gateways enforce one-way data flow at the hardware level. They are powerful but expensive and operationally complex.
Read field report →
Field Report
Unmanned aircraft provide attackers with aerial surveillance of facilities. We examine the threat and how to detect reconnaissance drones before mappi
Read field report →
Field Report
Edge computing nodes bring compute capability closer to production systems. Learn how to secure edge infrastructure without creating security sprawl.
Read field report →
Field Report
Loading docks present unique security challenges: high personnel traffic, vehicle access, and limited visibility.
Read field report →
Field Report
The ICS matrix gives plant teams a common vocabulary for attacker behavior. We walk through how to map it to real facilities without turning it into a
Read field report →
Field Report
Attackers can inject malicious firmware into control devices, creating persistence that survives reboots and factory resets.
Read field report →
Need this expertise applied to your facility?