Zero Footprint on OT
Personnel-layer security testing that never requires a foothold in your control-system network — because there's nothing there to configure in the first place.
The catch-22 of testing near OT
NERC CIP-004-6 requires documented personnel-risk training and access-management evidence — but a testing tool that needs any kind of network reach toward control-system assets to do its job introduces exactly the kind of exposure CIP is meant to reduce. The safest testing surface is the one that was never near OT to begin with.
Nothing to configure on the OT side
PhishArmory tests inboxes and human decision-making — full stop. There is no agent to install on a workstation with HMI access, no credential that reaches a SCADA historian, and no code path that queries anything on your OT network. Non-disruptive by construction, not by careful configuration.
Traceable at the IT/OT boundary
Pretext domains are a stable, named pool your team manages once — not disposable, rotating infrastructure. That makes simulation traffic cleanly identifiable at the mail layer, which is exactly the evidence a NERC auditor wants to see distinguishing test traffic from a real intrusion attempt.
Administrative & Cryptographic Hardening
Independent of the OT-isolation story above: every operator account requires TOTP multi-factor authentication to sign in, and every stored credential — including those MFA secrets themselves — is protected under host-isolated envelope encryption, a per-secret data key wrapped by a master key that never leaves this host's environment. Baseline platform protections, not something you have to configure per engagement.
What this maps to on your compliance calendar
Architectural controls, not certifications — this is the evidence our platform contributes to a program you already run.
| Framework | What we contribute |
|---|---|
| NERC CIP-004-6 (R2, personnel risk assessment & training) |
Per-employee campaign results and completion records give your compliance team the documented personnel-training evidence R2 asks for, without any testing footprint on OT/ICS assets. |
| CIP-003 (security management controls) | An append-only, tamper-resistant log of every campaign action supports the security-awareness-program documentation reviewers expect alongside your broader CIP-003 controls. |