Researcher Isiah Jones published a broader ‘Security Methodology’ initiative that consolidates projects such as ICSOTPentest, AIpentest 3.1, AI-driven OT security demonstrations, command-line scripts, testing templates, research papers, and ICS (industrial control system)-focused security resources into a public framework hosted through GitHub repositories. The project positions itself as a practical resource hub for penetration testing, assessment workflows, and applied security research spanning industrial systems, IoT, and AI-driven cybersecurity experimentation.
Among the efforts drawing attention are demonstrations and toolsets shared through LinkedIn, GitHub, YouTube, and other social media platforms associated with the @aicyberiot profile, including the ICSOTPentest toolkit and the AIpentest 3.1 cybersecurity demonstration focused on AI-assisted security testing. The program emphasizes an important connection between AI-assisted security analyses and OT security in general. A couple of the linked projects and demonstrations bring about AI-enabled detection, automation, and threat analysis for cyber-physical systems, reflecting growing industry interest in applying AI to industrial threat detection, security validation, and cyber-physical risk analysis.
Industrial Cyber reached out to Jones to discuss the story behind AIpentest 3.1, the specific challenges he set out to solve when developing the platform, and how he defines it today, whether as a standalone tool, a broader security framework, or something more expansive within the AI and industrial cybersecurity landscape.
“The AIpentest safety and security tool is a tool that covers testing use cases for AI across multiple frameworks and practices such as AI RMF, OASB, OWASP, and MITRE ATLAS,” according to Jones. “I was trying to address the broader testing needs of testing AI beyond just LLM, LMM prompts, and agentic network scanning-based attacks.”
On how the platform operates in practice and where it could have the greatest impact across OT and ICS environments, Jones said that “the AIpentest tool was not built specifically for ICS OT. It is built specifically for testing AI products and solutions. However, wherever AI is being used in ICS OT, the tool can be used to test those additional attack surfaces.”
Moving on to for whom AIpentest is designed in practice and whether organizations are adopting it to replace manual testing, augment red teams, or enable more continuous and repeatable security validation, Jones explained that AIpentest is for security professionals who execute safety and security test techniques against AI and ML models from LLM, LMM to agent API, MCP, and other attack surfaces. The tool stands on its own, but it can be extended and used with other existing manual and API based testing techniques.
Recognizing that ICSOTpentest was developed specifically for industrial environments, Jones also addressed how AIpentest and ICSOTpentest could operate together and whether the cybersecurity industry is moving toward a more unified model where AI, IT, and OT security testing increasingly converge.
“The ICSOTpentest tool is a separate standalone tool that tests native features of ICS, OT and IoT components, applications, systems and devices,” according to Jones. “It executes steps throughout 9 phases and outputs artifacts that are usually created manually. It can be used in conjunction with the AIpentest tool if AI is being used by the target environments and assets.”
In light of increasing availability of offensive security tools powered by AI, worries have been raised that availability of such systems could lower the barrier to sophisticated cyberthreats and attacks. Jones talked about how he uses offensive security responsibly and the limitations surrounding this topic.
“My tools come with copyright, software license agreements and disclaimers for responsible use,” he said. “They are not open source. They are paid for licensed commercial products with several thousand lines of code. It is the responsibility of the testing organization and individual consultants to use all tools responsibly and within the scope of the projects. Same as any other licensed commercial products on the market.”
Jones explained that some users had expressed concerns or uncertainty about signing software license agreements for unlimited perpetual use of his tools across individual and enterprise environments. To address that, he shared an example licensing agreement for his ICSOTpentest.py platform and said similar two-page agreements would accompany future releases, including updated versions of the AIpentest safety and security testing framework and other commercial tools he plans to offer.
He described the licensing approach as intentionally simple and direct, avoiding excessive legal complexity and corporate-style language. He also indicated that the purchasing procedure is meant to be simple, whereby individuals interested in using the service could contact him regarding the price, sign the contract, pay their money, and finally get the license and the documentation, including the software package. It appears from Jones’ explanation that the contract will only contain relevant clauses for the transaction.
Jones also detailed several architectural and usability improvements introduced in v3.1 of the AIpentest Safety and Security Framework, including expanded support for dynamically integrating custom personas, payloads, and modules into testing workflows. He said the update also brings network, cloud, container, and API assessment capabilities directly into the interactive menu, allowing users to move between prompt-based interactions and infrastructure scanning functions without switching terminals or exiting interactive sessions.
The initiative shows an increase in the correlation between AI-powered analysis in security and OT defense and protection. Several of the measures and demonstrations focus on AI-driven threat analysis and automation to detect issues in cyber-physical systems, mirroring the current momentum in the security industry towards applying machine learning techniques for detecting security incidents in OT security.
