Location · Penetration Testing in Yanbu, Saudi Arabia

Penetration testing in Yanbu - where the Kingdom's energy meets the Red Sea.

CyberFortify delivers manual, exploit-driven penetration testing to the refining, export-terminal and port operators of Yanbu - the industrial city on the Red Sea coast where crude arrives by pipeline and product leaves by ship. We test the enterprise estate and the boundary that protects the process, mapping every finding to the NCA Operational Technology controls and IEC 62443.

Aligned with: NCA OTCC · NCA ECC · IEC 62443 · PDPL · OWASP · PTES · NIST 800-115
OTCC
OT controls aligned
Export
Terminal-aware
Safe
Process-first testing
Free retest
Serving Yanbu: Refining & petrochemicals · export terminals & tank farms · marine loading & shipping interfaces · pipeline operations · the commercial & industrial port · utilities · EPC contractors · Red Sea tourism · the Royal Commission ecosystem Serving Yanbu: Refining & petrochemicals · export terminals & tank farms · marine loading & shipping interfaces · pipeline operations · the commercial & industrial port · utilities · EPC contractors · Red Sea tourism · the Royal Commission ecosystem
// Executive summary

Yanbu is the Kingdom's Red Sea outlet - refineries, tank farms and terminals where product is measured, scheduled and loaded onto ships bound for Europe and beyond. CyberFortify runs manual network and IT testing plus safe, boundary-focused OT assessment for operators here, aligned to the NCA OTCC and ECC, IEC 62443 and the Saudi PDPL. Delivered in Yanbu's time zone with on-site engagements. Fixed price, audit-ready reporting, free remediation retest.

// 01 Why Yanbu operators need penetration testing

Yanbu's significance is geographic. Crude and product arrive across the country by pipeline and leave through terminals on the Red Sea, bypassing the Gulf entirely - which makes this coastline a strategic export route rather than simply another industrial address. The systems that matter here therefore extend past the refinery fence: tank-farm monitoring, metering and custody transfer, loading schedules, and the external interfaces that connect operators to shipping agents, customers and inspectors.

That widens the question a test must answer. Process safety is the floor - the control systems running refining units deserve the same caution as any live plant. But Yanbu adds export continuity and export data: an attacker who disrupts a loading programme delays cargoes with contractual consequences, and one who manipulates metering or custody-transfer records alters what the world believes was shipped. Scanners cannot examine any of this safely, and they cannot follow the route from a phished corporate mailbox to a scheduling system. A penetration test can, and does.

// 02 Compliance and regulatory drivers in Yanbu

Yanbu's operators sit under an industrial control set, with export and marine interfaces adding their own expectations. These are the obligations CyberFortify most often maps evidence against for organisations in the city.

R.01 · Operational tech

NCA Operational Technology Cybersecurity Controls (OTCC)

The national baseline for industrial and OT environments - segmentation, secure remote access, hardening and technical assurance over control systems. We evidence those controls without endangering a running unit.

R.02 · Industrial standard

IEC 62443

The global standard for industrial automation security frames our OT work through zones, conduits and security levels - so findings land in the language your process-control engineers and assessors already use.

R.03 · Export integrity

Metering & custody-transfer data

Where quantities and quality are recorded digitally, that data is commercially binding. We test whether the systems producing and transmitting metering and custody-transfer records could be manipulated or observed by an outsider.

R.04 · Critical infrastructure

NCA ECC & critical-sector expectations

As operators of strategically significant export infrastructure, Yanbu's refiners and terminals fall under the ECC and the heightened assurance expected of essential services, including periodic testing of the enterprise estate.

R.05 · Marine & supply chain

Shipping & contractor interfaces

Agents, inspectors and EPC contractors hold connections into terminal and plant environments. Those interfaces are only as safe as the least-tested party holding a key, and we test them from your side of the boundary.

R.06 · Governance

ISO 27001 & NIST CSF

Operators and their service firms use ISO 27001:2022 (A.8.29) and the NIST Cybersecurity Framework to structure assurance, with independent testing supplying the technical evidence behind the documentation.

// 03 Penetration testing services for Yanbu

Yanbu engagements centre on the IT/OT boundary and the export interface, with supporting tests across the enterprise surface. Which service leads depends on the operation - refiners and terminals prioritise segmentation and remote-access testing, while contractors and shared services add web, cloud and API work.

A.02

Network pen testing

External perimeter, internal Active Directory, IT/OT segmentation and vendor remote-access testing - the core assessment for a Yanbu operator.

A.05

API pen testing

Testing of scheduling, metering-data and shipping-agent integrations - authorisation flaws and over-trusting connections across the export interface.

A.07

Red teaming

Goal-based simulation asking the decisive question: would an intrusion be detected before it reached scheduling, metering or the process network?

A.01

Web application pen testing

Manual testing of operations portals, contractor platforms and corporate applications against the OWASP Top 10 and business-logic abuse.

A.04

Cloud pen testing

Configuration-aware testing of the analytics, historian and enterprise workloads operators increasingly run in cloud.

A.03

Mobile app pen testing

iOS and Android testing for the field, permit-to-work and workforce apps used across Yanbu's operations.

// 04 How we deliver to Yanbu

Yanbu keeps our exact clock - Arabia Standard Time, UTC+3 - so findings are discussed the moment they land. IT-side testing runs remotely from our secure environment; anything touching the plant or terminal is scheduled tightly with your operations, HSE and OT teams around turnaround windows, change control and the loading programme.

What runs remotely

External perimeter, web, cloud and API testing delivered from our secure environment during Yanbu business hours, with Arabic- or English-language read-outs and immediate escalation of anything critical.

What we do on-site

Internal network, DMZ, wireless, segmentation and OT-boundary review at your Yanbu facility, coordinated with operations so no live process or loading operation is ever touched outside agreed conditions.

Every engagement opens with a free 30-minute scoping call. For OT work, safety constraints, permitted techniques and escalation paths are fixed in writing before anything starts - alongside the fixed-price quote and a free remediation retest.

// 05 Industries we secure in Yanbu

Yanbu's economy is refining, export and the marine infrastructure that carries it. CyberFortify tests across the sectors that define the city's risk profile:

Refining & petrochemicalsRefineries · downstream units · processing
Terminals & tank farmsStorage · metering · custody transfer
Marine & portLoading · shipping agents · port systems
Pipeline operationsReceipt · monitoring · scheduling
Utilities & contractorsPower & water · EPC · maintenance
Tourism & corporate servicesRed Sea tourism · operator HQs · enterprise IT

// 06 Our methodology

Every Yanbu engagement follows the same disciplined, audit-defensible process CyberFortify runs worldwide, with OT safety built into each step. IT testing is grounded in the Penetration Testing Execution Standard (PTES) and NIST SP 800-115, with exploitation mapped to the relevant MITRE ATT&CK tactics, including the ATT&CK for ICS knowledge base; OT work follows the IEC 62443 zone-and-conduit model and stays non-disruptive. As a CREST Accreditation Pathway firm, we lead with manual testing and never turn automation loose on live control systems.

01

Scoping & safety agreement

Targets, IT/OT boundaries, terminal interfaces, permitted techniques, safety constraints and escalation paths agreed in writing before testing begins.

Fixed quote in 1h
02

Reconnaissance & threat modelling

Attack surface mapped and prioritised against the paths that could threaten Yanbu's process safety or its export continuity.

ATT&CK for ICS
03

Controlled exploitation

Weaknesses exploited on the IT side and validated at the OT and terminal boundary under agreed, safe conditions - the process is never the target.

Process-first
04

Reporting & free retest

Executive summary, CVSS-scored technical report and OTCC and IEC 62443 mapping - followed by a free retest once fixes ship.

Audit-ready

// 07 Why CyberFortify for Yanbu

An IT-only scan vendor

A team that treats a refinery and export terminal like an office network - unsafe near OT, blind to metering and scheduling systems, and delivering findings an OTCC or IEC 62443 assessor cannot use.

CyberFortify in the Gulf

A Gulf-based, CREST-pathway team that respects the plant and understands the export interface. Real manual exploitation on the IT side, safe boundary validation on the OT side, findings mapped to NCA OTCC and IEC 62443, fixed pricing and a free remediation retest.

Yanbu engagements typically combine network and segmentation testing with an API assessment of the interfaces that connect the terminal to its shipping and customer ecosystem.

// 08 Frequently asked questions

Do you test export terminals and marine loading systems in Yanbu?

Yes, and this is where Yanbu's distinctive risk sits. Terminal operations depend on tank-farm monitoring, metering, scheduling and marine-loading systems, plus the interfaces to shipping agents and customers. We validate the exposure and segmentation of that layer and actively test the enterprise and scheduling systems around it - never interfering with a loading operation in progress.

How is testing in Yanbu different from testing a refinery elsewhere?

Yanbu is where product leaves the country, so the risk is not only process safety but export continuity and data. Alongside the usual refinery control-system concerns, we look hard at metering and custody-transfer data, scheduling systems, and the external interfaces to shipping and customers - the places where an attacker could disrupt an export programme or manipulate what is recorded as shipped.

Do you align with NCA OTCC and Royal Commission expectations?

Yes. Operators in Yanbu Industrial City work under Royal Commission oversight and, for cybersecurity, the NCA Operational Technology Cybersecurity Controls and IEC 62443. We test and evidence the segmentation, secure remote access and technical-assurance expectations those frameworks set, formatted to fit your existing OT security governance.

Is it safe to test while the plant is running?

Yes, because production is never the target. We lead with passive analysis and architecture review on the OT side, run active testing on the IT and business estate and on non-production segments, and agree every permitted technique with your operations and safety teams in writing before we begin. Nothing that could touch a live process happens outside controlled, agreed conditions.

How fast can we get a quote for a Yanbu engagement?

After a free 30-minute scoping call - which for OT work includes agreeing safety and change-control constraints - we return a fixed-price quote, usually within one hour and always within one business day. Every engagement includes a free remediation retest once fixes ship.

Ready for a pen test in Yanbu?

Book a free 30-minute scoping call. Our Gulf-based team will recommend the right model and quote a fixed-price engagement - usually within the hour.

Schedule scoping call → Contact CyberFortify →