Situation
A multinational industrial organization was required to conduct regular network penetration testing across its global estate, spanning hundreds of network segments and business units, which included numerous OT and IT environments. Previous assessments relied heavily on vulnerability scanning due to the sheer size of the environment, limiting confidence in the true exploitability of identified issues.
At a glance
Organisation: Multinational industrial enterprise
Sector: Industrial & Manufacturing
Situation: Global annual penetration testing programme
Challenges: Validate security posture across hundreds OT and IT networks
Solution: A hybrid approach combining Horizon3.ai’s NodeZero automation with expert led network penetration testing
Results: Efficient testing at scale and improved visibility into OT/IT risk
Challenges
Manual penetration testing could not be scaled efficiently across the entire estate. Security teams were forced to prioritize which findings to validate without proof or context, leaving uncertainty around real-world impact. This approach also limited the ability to pivot into operational technology environments, where risk tolerance and testing windows were tightly constrained.
Solution
The client chose NCC Group’s test plan because it incorporated autonomous testing elements for scale while also prioritizing manual testing for sensitive areas such as OT control planes. NCC Group applied its hybrid methodology incorporating Horizon3.ai’s AI-native proactive security platform, NodeZero to efficiently scale penetration testing across the client’s global networks. NodeZero is an AI-powered solution that automates discovery and exploitation of common attack paths, producing reliable proof-of-concept results rather than theoretical risk.
Consultants then focused on chaining exploits, lateral movement, and targeted testing of higher-risk environments, including operational technology networks. This combination of human-led testing enhanced with automation produced fewer but far more meaningful findings, and replaced broad, semi-validated scan outputs. NCC Group’s hybrid approach better reflected how a real attacker could move through the estate.
Benefits
NCC Group’s new testing methodology produced unprecedented findings that provided the client with greater depth than they had ever received in 20 years of testing. This included findings and risk profiles within their IT/OT environments that had gone previously undiscovered due to the breadth of the test scope.
Using these tests, the client was able to effectively map risk across over 100,000 assets globally to increase their cyber resilience and prioritize key vulnerabilities that posed the greatest risk to their estate.
NCC Group’s global team of over 500 security specialists allowed simultaneous collaboration with the client across their international offices. This led to a truly comprehensive security assessment with multiple client stakeholders working in unison across the world.
The programme also exceeded budget expectations and created a more scalable model for future tests of the client’s estate.
- Validated risk: Findings backed by real exploitation, not assumptions.
- Improved coverage: Hundreds of network segments tested consistently.
- OT visibility: Increased focus on operational technology exposure.
- Global collaboration: Breaking of international silos and worldwide scale.
Key takeaways
- Validated vulnerability scans alone do not represent true business risk.
- Hybrid penetration testing enables scale without losing adversarial realism.
- Automation delivers scale, but expert insight delivers impact.