Yanbu is the Kingdom's Red Sea outlet - refineries, tank farms and terminals where product is measured, scheduled and loaded onto ships bound for Europe and beyond. CyberFortify runs manual network and IT testing plus safe, boundary-focused OT assessment for operators here, aligned to the NCA OTCC and ECC, IEC 62443 and the Saudi PDPL. Delivered in Yanbu's time zone with on-site engagements. Fixed price, audit-ready reporting, free remediation retest.
// 01 Why Yanbu operators need penetration testing
Yanbu's significance is geographic. Crude and product arrive across the country by pipeline and leave through terminals on the Red Sea, bypassing the Gulf entirely - which makes this coastline a strategic export route rather than simply another industrial address. The systems that matter here therefore extend past the refinery fence: tank-farm monitoring, metering and custody transfer, loading schedules, and the external interfaces that connect operators to shipping agents, customers and inspectors.
That widens the question a test must answer. Process safety is the floor - the control systems running refining units deserve the same caution as any live plant. But Yanbu adds export continuity and export data: an attacker who disrupts a loading programme delays cargoes with contractual consequences, and one who manipulates metering or custody-transfer records alters what the world believes was shipped. Scanners cannot examine any of this safely, and they cannot follow the route from a phished corporate mailbox to a scheduling system. A penetration test can, and does.
// 02 Compliance and regulatory drivers in Yanbu
Yanbu's operators sit under an industrial control set, with export and marine interfaces adding their own expectations. These are the obligations CyberFortify most often maps evidence against for organisations in the city.
NCA Operational Technology Cybersecurity Controls (OTCC)
The national baseline for industrial and OT environments - segmentation, secure remote access, hardening and technical assurance over control systems. We evidence those controls without endangering a running unit.
IEC 62443
The global standard for industrial automation security frames our OT work through zones, conduits and security levels - so findings land in the language your process-control engineers and assessors already use.
Metering & custody-transfer data
Where quantities and quality are recorded digitally, that data is commercially binding. We test whether the systems producing and transmitting metering and custody-transfer records could be manipulated or observed by an outsider.
NCA ECC & critical-sector expectations
As operators of strategically significant export infrastructure, Yanbu's refiners and terminals fall under the ECC and the heightened assurance expected of essential services, including periodic testing of the enterprise estate.
Shipping & contractor interfaces
Agents, inspectors and EPC contractors hold connections into terminal and plant environments. Those interfaces are only as safe as the least-tested party holding a key, and we test them from your side of the boundary.
// 03 Penetration testing services for Yanbu
Yanbu engagements centre on the IT/OT boundary and the export interface, with supporting tests across the enterprise surface. Which service leads depends on the operation - refiners and terminals prioritise segmentation and remote-access testing, while contractors and shared services add web, cloud and API work.
Network pen testing
External perimeter, internal Active Directory, IT/OT segmentation and vendor remote-access testing - the core assessment for a Yanbu operator.
API pen testing
Testing of scheduling, metering-data and shipping-agent integrations - authorisation flaws and over-trusting connections across the export interface.
Red teaming
Goal-based simulation asking the decisive question: would an intrusion be detected before it reached scheduling, metering or the process network?
Web application pen testing
Manual testing of operations portals, contractor platforms and corporate applications against the OWASP Top 10 and business-logic abuse.
Cloud pen testing
Configuration-aware testing of the analytics, historian and enterprise workloads operators increasingly run in cloud.
Mobile app pen testing
iOS and Android testing for the field, permit-to-work and workforce apps used across Yanbu's operations.
// 04 How we deliver to Yanbu
Yanbu keeps our exact clock - Arabia Standard Time, UTC+3 - so findings are discussed the moment they land. IT-side testing runs remotely from our secure environment; anything touching the plant or terminal is scheduled tightly with your operations, HSE and OT teams around turnaround windows, change control and the loading programme.
What runs remotely
External perimeter, web, cloud and API testing delivered from our secure environment during Yanbu business hours, with Arabic- or English-language read-outs and immediate escalation of anything critical.
What we do on-site
Internal network, DMZ, wireless, segmentation and OT-boundary review at your Yanbu facility, coordinated with operations so no live process or loading operation is ever touched outside agreed conditions.
Every engagement opens with a free 30-minute scoping call. For OT work, safety constraints, permitted techniques and escalation paths are fixed in writing before anything starts - alongside the fixed-price quote and a free remediation retest.
// 05 Industries we secure in Yanbu
Yanbu's economy is refining, export and the marine infrastructure that carries it. CyberFortify tests across the sectors that define the city's risk profile:
// 06 Our methodology
Every Yanbu engagement follows the same disciplined, audit-defensible process CyberFortify runs worldwide, with OT safety built into each step. IT testing is grounded in the Penetration Testing Execution Standard (PTES) and NIST SP 800-115, with exploitation mapped to the relevant MITRE ATT&CK tactics, including the ATT&CK for ICS knowledge base; OT work follows the IEC 62443 zone-and-conduit model and stays non-disruptive. As a CREST Accreditation Pathway firm, we lead with manual testing and never turn automation loose on live control systems.
Scoping & safety agreement
Targets, IT/OT boundaries, terminal interfaces, permitted techniques, safety constraints and escalation paths agreed in writing before testing begins.
Fixed quote in 1hReconnaissance & threat modelling
Attack surface mapped and prioritised against the paths that could threaten Yanbu's process safety or its export continuity.
ATT&CK for ICSControlled exploitation
Weaknesses exploited on the IT side and validated at the OT and terminal boundary under agreed, safe conditions - the process is never the target.
Process-firstReporting & free retest
Executive summary, CVSS-scored technical report and OTCC and IEC 62443 mapping - followed by a free retest once fixes ship.
Audit-ready// 07 Why CyberFortify for Yanbu
An IT-only scan vendor
A team that treats a refinery and export terminal like an office network - unsafe near OT, blind to metering and scheduling systems, and delivering findings an OTCC or IEC 62443 assessor cannot use.
CyberFortify in the Gulf
A Gulf-based, CREST-pathway team that respects the plant and understands the export interface. Real manual exploitation on the IT side, safe boundary validation on the OT side, findings mapped to NCA OTCC and IEC 62443, fixed pricing and a free remediation retest.
Yanbu engagements typically combine network and segmentation testing with an API assessment of the interfaces that connect the terminal to its shipping and customer ecosystem.
// 08 Frequently asked questions
Do you test export terminals and marine loading systems in Yanbu?
Yes, and this is where Yanbu's distinctive risk sits. Terminal operations depend on tank-farm monitoring, metering, scheduling and marine-loading systems, plus the interfaces to shipping agents and customers. We validate the exposure and segmentation of that layer and actively test the enterprise and scheduling systems around it - never interfering with a loading operation in progress.
How is testing in Yanbu different from testing a refinery elsewhere?
Yanbu is where product leaves the country, so the risk is not only process safety but export continuity and data. Alongside the usual refinery control-system concerns, we look hard at metering and custody-transfer data, scheduling systems, and the external interfaces to shipping and customers - the places where an attacker could disrupt an export programme or manipulate what is recorded as shipped.
Do you align with NCA OTCC and Royal Commission expectations?
Yes. Operators in Yanbu Industrial City work under Royal Commission oversight and, for cybersecurity, the NCA Operational Technology Cybersecurity Controls and IEC 62443. We test and evidence the segmentation, secure remote access and technical-assurance expectations those frameworks set, formatted to fit your existing OT security governance.
Is it safe to test while the plant is running?
Yes, because production is never the target. We lead with passive analysis and architecture review on the OT side, run active testing on the IT and business estate and on non-production segments, and agree every permitted technique with your operations and safety teams in writing before we begin. Nothing that could touch a live process happens outside controlled, agreed conditions.
How fast can we get a quote for a Yanbu engagement?
After a free 30-minute scoping call - which for OT work includes agreeing safety and change-control constraints - we return a fixed-price quote, usually within one hour and always within one business day. Every engagement includes a free remediation retest once fixes ship.