Securing ICS/SCADA systems
Agenda
Positive Technologies Company overview
ICS/SCADA security myths
Positive Research on SCADA Security
MaxPatrol for SCADA
Positive Services for SCADA
Questions?
Positive Technologies
Company overview
About Positive Technologies
10+ Years of experience
300+ Employees
Offices
• London, UK
• Moscow, Russia
• Seoul, Korea
• Tunis, Tunisia
• Rome, Italy
1000+ Customers & Partners globally
Partnerships with major software vendors
Positive Technologies Focus
MaxPatrol - Vulnerability & Compliance Management
System
Positive Services – a unique team of experts in
practical security
Positive Research – one of the biggest research
centers in Europe
Positive Hack Days – the annual information security
international Forum
Positive Services
We conduct more than 20 large-scale penetration
tests each year
We perform a consistently high volume of web
application security assessments
Security assessment
• Penetration testing
• Infrastructure analysis
• Custom applications assessment
Security management processes
• KPI development
• Technical standards and compliance
• Audit & IT security risks of business processes
Positive Research Center
One of the biggest security research labs in Europe
• 100+ new 0-day vulnerabilities discovered per year
• Our research is used by key industry bodies
We help global IT players to secure their products
We are involved in the development of industry
standards
Our portal Securitylab.ru – a leading Eastern
European security portal
Positive Hack Days Forum 2012
1,500 Participants
6 Tracks
10 Workshops
8 Challenges
Hacking CTF Contest
Keynote by Bruce Schneier
Our Customers
• Telecoms & hi-tech
• Government agencies
• Banking & Finance
Our Customers
Industrial enterprises
• Energia Space Corporation
• Tactical missiles corp.
• Sukhoi (aircraft building enterprise)
• Magnitogorsk Iron & Steel
• Nizhnekamsk (Petrochemicals)
• AEP (Nuclear Technologies)
ICS/SCADA Security Myths
Why should we care about SCADA security?
The SCADA network is isolated and is not connected to
other networks, let alone the Internet
MES/SCADA/PLC is based on custom platforms, and
attackers can’t hack it
HMI has limited functionality and does not allow
attacks to be mounted
…
PT security assessment experience
100% of tested SCADA networks are exposed to
the Internet/corporate network
Network equipment/firewalls misconfiguration
MES/OPC/ERP integration gateways
HMI external devices (Phones/Modems/USB Flash) abuse
VPN/Dialup remote access
90% of tested SCADA can be hacked with Metasploit
Standard platforms (Windows, Linux, QNX, BusyBox, Solaris…)
Standard protocols (RCP, CIFS/SMB, Telnet, HTTP…)
Standard bugs (patch management, passwords, firewalling,
application vulnerabilities)
PT security assessment experience
70% of HMI/Engineering stations are also used as
desktops
Kiosk mode bypass
(Secret) Internet access
Games/"keygens"/trojans and other useful software
Overall SCADA security level = Internet security at
the beginning of the 21st century
Positive Research on
ICS/SCADA Security
Activities in 2012
SCADA Security in Numbers – research on
ICS/SCADA attack surface
SCADA applications security assessment – deep
analysis of different automation systems
Security Hardening guides development – security
configuration guides and benchmark checklists for
SCADA
Community collaboration
SCADA Security in Numbers
Deep technical analysis of ICS/SCADA attack surface
(2005 – August 2012)
Statistics of Vulnerabilities and Exploits
• Vulnerabilities in PLC/SCADA/MES systems
• Risks and exploits
• Vulnerability management effectiveness
• Attack vectors and impact
SCADA in the Internet
• Analysis of SCADA systems exposed to the Internet
• Distribution by vendor
• Security level
[Charts: number of vulnerabilities per year; risk level by vendor (%); number of exploits per year; % of exploits]
SCADA applications security assessment
Deep technical analysis of different automation
systems
• Siemens automation solutions
  • SIMATIC WINCC
  • S7 PLCs
  • TIA Portal
• Wonderware InTouch
• …
Methodologies
• BlackBox Penetration testing/fuzzing
• Web Application code review
• Firmware reversing and static analysis
• Forensic analysis
SCADA applications security assessment: Results
>50 vulnerabilities detected
• Client-side (XSS, CSRF etc)
• SQL/XPath injections
• Arbitrary file reading
• Username/passwords disclosure
• Weak encryption
• Hardcoded crypto keys
• …
Results
• Partially fixed by vendors
• Assessment and fixing roadmap with Siemens Product CERT
50 is a quarter of currently known SCADA
vulnerabilities!
Security Hardening guides development
Technical guides for built-in and external security
features
Useful for configuration management and security
assessment
First public release - Siemens SIMATIC WinCC
• To be:
• TIA Portal
• HMI Kiosk Mode
• Intouch
Community collaboration
Collaboration with Siemens Product CERT and other
vendors
Reports on security conferences
MaxPatrol for SCADA
MaxPatrol in Figures
• 30,000+ checks of known vulnerabilities
• 1,000+ systems to work across
• 5,000+ configuration parameters
• 100+ new 0-day vulnerabilities per year
MaxPatrol – An All-in-One Solution
MaxPatrol Highlights
Password Policy Audit
Malware Detection
Integrity Monitoring
Sensitive Data Detection
Agentless & low-privileged
Assessment
Web-Application Security
Our approach
Defense in Depth strategy
• Network Layer
• OS and DBMS
• SCADA/HMI/PLCs
• MES/ERP
Compliance management support
Network Layer
Vulnerabilities checks of different platforms
• Cisco, Juniper, Check Point, Arbor, Huawei, Nortel, Alcatel
Configuration analysis
• Authentication checks
• ACLs analysis
• Special checks of industrial protocols configuration (Cisco
Connected Grid, etc)
OS and DBMS
Exhaustive vulnerability and configuration analysis
Operating Systems: Windows, Mac OS X, Linux, IBM AIX,
HP-UX and Oracle Solaris
Databases: Microsoft SQL, Oracle, IBM DB2, PostgreSQL,
MySQL and Sybase
Offline USB/CD Scanner
• Useful for HMI/SCADA audits
• Does not require network connections
• Full-featured reporting with MaxPatrol Server
SCADA/HMI/PLC
Support of automation protocols
• ModBus/S7/DNP3/OPC
Vulnerabilities checks of PLC/SCADA/MES
Predefined (Safe mode) assessment for SCADA
Configuration check of SCADA
HMI Kiosk mode checks
Mobile/Wireless/Internet access
Software whitelist/blacklist
Antivirus/HIPS checks
MES/ERP
Best among vulnerability and compliance
assessment of ERP system
Support of SAP Netweaver and Oracle EBS
• Complete analysis on OS/DBMS/Application levels
• Black box and White box vulnerability checks
• SAP Notes and OEBS patches checks
• Configuration analysis
• SAP Security Guide compliance
NERC Critical Infrastructure Protection Compliance
CIP-002-1: Critical Cyber Asset Identification
• Hardware and software discovery, network and
system asset inventory
CIP-003-1: Security Management Controls
• Built-in configuration compliance checklists,
automated vulnerability assessment
CIP-005-1 Electronic Security Perimeter(s)
• Control network security via network scan
configuration checks
NERC Critical Infrastructure Protection Compliance
CIP-007-1 Systems Security Management
• Automated assessment of security controls
(antivirus, SIEM, Firewall, etc.)
CIP-008-1 Incident Reporting and Response
Planning
• Control of risky configurations and compromise
detection
Key Features: Flexibility & Integration
Asset Management
Help Desk Ticketing
Risk Management
Patch Management
SIM/SIEM
IPS and WAF
Penetration Testing
NAC/NAP
Positive Services for
SCADA
Positive Services
ICS Infrastructure Security Audit
Complex assessment of technical and
organizational security means. From PLC to
ERP. From Pentest to Checklists.
SCADA application security assessment
Deep technical inspection of SCADA security
on Network/OS/Database and Application
levels.
Security policy and configuration checklist
development
Vulnerability and compliance management
process implementation
Resume
Positive Technologies approach
Research: to understand vulnerabilities and to find
new ones
Audit: to discover risks and select
countermeasures
Automate: vulnerability and compliance
management with MaxPatrol
Control: security process efficiency
Consolidate: vendors, researchers and customers
to create safe ICS/SCADA infrastructure and
solutions
Thanks!
Question?
EMEA@ptsecurity.com

GISEC 2015 Your Network in the Eyes of a Hacker - DTS SolutionShah Sheikh
 
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...Shah Sheikh
 
DTS Solution - Wireless Security Protocols / PenTesting
DTS Solution - Wireless Security Protocols / PenTesting DTS Solution - Wireless Security Protocols / PenTesting
DTS Solution - Wireless Security Protocols / PenTesting Shah Sheikh
 
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah Sheikh
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah SheikhISACA Journal Publication - Does your Cloud have a Secure Lining? Shah Sheikh
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah SheikhShah Sheikh
 
DTS Solution - Penetration Testing Services v1.0
DTS Solution - Penetration Testing Services v1.0DTS Solution - Penetration Testing Services v1.0
DTS Solution - Penetration Testing Services v1.0Shah Sheikh
 
DTS Solution - Software Defined Security v1.0
DTS Solution - Software Defined Security v1.0DTS Solution - Software Defined Security v1.0
DTS Solution - Software Defined Security v1.0Shah Sheikh
 

Mehr von Shah Sheikh (20)

ISACA 2019 Amman Chapter - Shah Sheikh - Cyber Resilience
ISACA 2019 Amman Chapter - Shah Sheikh - Cyber ResilienceISACA 2019 Amman Chapter - Shah Sheikh - Cyber Resilience
ISACA 2019 Amman Chapter - Shah Sheikh - Cyber Resilience
 
DTS Solution - Company Presentation
DTS Solution - Company PresentationDTS Solution - Company Presentation
DTS Solution - Company Presentation
 
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
Cyber Security 101 - Back to Basics (HP Secure Print Event 2018)
 
DTS Solution - Company Presentation
DTS Solution - Company PresentationDTS Solution - Company Presentation
DTS Solution - Company Presentation
 
DTS Solution - Red Team - Penetration Testing
DTS Solution - Red Team - Penetration TestingDTS Solution - Red Team - Penetration Testing
DTS Solution - Red Team - Penetration Testing
 
DTS Solution - Cyber Security Services Portfolio
DTS Solution - Cyber Security Services PortfolioDTS Solution - Cyber Security Services Portfolio
DTS Solution - Cyber Security Services Portfolio
 
DTS Solution - Yehia Mamdouh - Release your pet worm on your infrastructure....
DTS Solution - Yehia Mamdouh - Release your pet worm on your infrastructure....DTS Solution - Yehia Mamdouh - Release your pet worm on your infrastructure....
DTS Solution - Yehia Mamdouh - Release your pet worm on your infrastructure....
 
DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...
DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...
DTS Solution - Crypto Flow Segmentation addressing NESA IAF and ISO27001 comp...
 
Yehia Mamdouh @ DTS Solution - The Gentleman Thief
Yehia Mamdouh @ DTS Solution - The Gentleman ThiefYehia Mamdouh @ DTS Solution - The Gentleman Thief
Yehia Mamdouh @ DTS Solution - The Gentleman Thief
 
DefCamp - Mohamed Bedewi - Building a Weaponized Honeypot
DefCamp - Mohamed Bedewi - Building a Weaponized HoneypotDefCamp - Mohamed Bedewi - Building a Weaponized Honeypot
DefCamp - Mohamed Bedewi - Building a Weaponized Honeypot
 
BalCcon 2015 - DTS Solution - Attacking the Unknown by Mohamed Bedewi
BalCcon 2015 - DTS Solution - Attacking the Unknown by Mohamed BedewiBalCcon 2015 - DTS Solution - Attacking the Unknown by Mohamed Bedewi
BalCcon 2015 - DTS Solution - Attacking the Unknown by Mohamed Bedewi
 
DTS Solution - Hacking ATM Machines - The Italian Job Way
DTS Solution - Hacking ATM Machines - The Italian Job WayDTS Solution - Hacking ATM Machines - The Italian Job Way
DTS Solution - Hacking ATM Machines - The Italian Job Way
 
Shah Sheikh / ISACA UAE - Deep Dive on Evasive Malware
Shah Sheikh / ISACA UAE - Deep Dive on Evasive MalwareShah Sheikh / ISACA UAE - Deep Dive on Evasive Malware
Shah Sheikh / ISACA UAE - Deep Dive on Evasive Malware
 
DTS Solution - Outsourcing Outlook Dubai 2015
DTS Solution - Outsourcing Outlook Dubai 2015DTS Solution - Outsourcing Outlook Dubai 2015
DTS Solution - Outsourcing Outlook Dubai 2015
 
GISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
GISEC 2015 Your Network in the Eyes of a Hacker - DTS SolutionGISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
GISEC 2015 Your Network in the Eyes of a Hacker - DTS Solution
 
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
DTS Solution - ISACA UAE Chapter - ISAFE 2014 - RU PWNED - Living a Life as a...
 
DTS Solution - Wireless Security Protocols / PenTesting
DTS Solution - Wireless Security Protocols / PenTesting DTS Solution - Wireless Security Protocols / PenTesting
DTS Solution - Wireless Security Protocols / PenTesting
 
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah Sheikh
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah SheikhISACA Journal Publication - Does your Cloud have a Secure Lining? Shah Sheikh
ISACA Journal Publication - Does your Cloud have a Secure Lining? Shah Sheikh
 
DTS Solution - Penetration Testing Services v1.0
DTS Solution - Penetration Testing Services v1.0DTS Solution - Penetration Testing Services v1.0
DTS Solution - Penetration Testing Services v1.0
 
DTS Solution - Software Defined Security v1.0
DTS Solution - Software Defined Security v1.0DTS Solution - Software Defined Security v1.0
DTS Solution - Software Defined Security v1.0
 

Kürzlich hochgeladen

Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdfPedro Manuel
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfinfogdgmi
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxGDSC PJATK
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IES VE
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...Aggregage
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxMatsuo Lab
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1DianaGray10
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-pyJamie (Taka) Wang
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfAijun Zhang
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.YounusS2
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostMatt Ray
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8DianaGray10
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfDaniel Santiago Silva Capera
 

Kürzlich hochgeladen (20)

Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
Cybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptxCybersecurity Workshop #1.pptx
Cybersecurity Workshop #1.pptx
 
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
201610817 - edge part1
201610817 - edge part1201610817 - edge part1
201610817 - edge part1
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
 
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1UiPath Platform: The Backend Engine Powering Your Automation - Session 1
UiPath Platform: The Backend Engine Powering Your Automation - Session 1
 
20230202 - Introduction to tis-py
20230202 - Introduction to tis-py20230202 - Introduction to tis-py
20230202 - Introduction to tis-py
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdf
 
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 
Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.Basic Building Blocks of Internet of Things.
Basic Building Blocks of Internet of Things.
 
20150722 - AGV
20150722 - AGV20150722 - AGV
20150722 - AGV
 
20230104 - machine vision
20230104 - machine vision20230104 - machine vision
20230104 - machine vision
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
 

PT-DTS SCADA Security using MaxPatrol

  • 2. Agenda Positive Technologies Company overview ICS/SCADA security myths Positive Research on SCADA Security MaxPatrol for SCADA Positive Services for SCADA Questions?
  • 4. About Positive Technologies 10+ Years of experience 300+ Employees Offices • London, UK • Moscow, Russia • Seoul, Korea • Tunis, Tunisia • Rome, Italy 1000+ Customers & Partners globally Partnerships with major software vendors
  • 5. Positive Technologies Focus MaxPatrol - Vulnerability & Compliance Management System Positive Services – a unique team of experts in practical security Positive Research – one of the biggest research centers in Europe Positive Hack Days – the annual information security international Forum
  • 6. Positive Services We conduct more than 20 large-scale penetration tests each year We perform a consistently high volume of web application security assessments Security assessment • Penetration testing • Infrastructure analysis • Custom applications assessment Security management processes • KPI development • Technical standards and compliance • Audit & IT security risks of business processes
  • 7. Positive Research Center One of the biggest security research labs in Europe • 100+ new 0-day vulnerabilities discovered per year • Our research is used by key industry bodies We help global IT players to secure their products We are involved in the development of industry standards Our portal Securitylab.ru – a leading Eastern European security portal
  • 8. Positive Hack Days Forum 2012 1,500 Participants 6 Tracks 10 Workshops 8 Challenges Hacking CTF Contest Keynote by Bruce Schneier
  • 10. Our Customers Industrial enterprises Energia Space Corporation Tactical missiles corp. Sukhoi (aircraft building enterprise) Magnitogorsk Iron & Steel Nizhnekamsk (Petrochemicals) AEP (Nuclear Technologies)
  • 12. Why should we care about SCADA security? The SCADA network is isolated and is not connected to other networks, let alone the Internet; MES/SCADA/PLC is based on custom platforms, and attackers can't hack it; HMI has limited functionality and does not allow an attack to be mounted …
  • 13. PT security assessment experience 100% of tested SCADA networks are exposed to Internet/Corporate network Network equipment/firewalls misconfiguration MES/OPC/ERP integration gateways HMI external devices (Phones/Modems/USB Flash) abuse VPN/Dialup remote access 90% of tested SCADA can be hacked with Metasploit Standard platforms (Windows, Linux, QNX, BusyBox, Solaris…) Standard protocols (RCP, CIFS/SMB, Telnet, HTTP…) Standard bugs (patch management, passwords, firewalling, application vulnerabilities)
  • 14. PT security assessment experience 70% of HMI/Engineering stations are also used as desktops Kiosk mode bypass (Secret) Internet access games/"keygens"/trojans and other useful software Overall SCADA security level = Internet security in the beginning of XXI century
  • 16. Activities in 2012 SCADA Security in Numbers – research on ICS/SCADA attack surface SCADA applications security assessment – deep analysis of different automation systems Security Hardening guides development – security configuration guides and benchmark checklists for SCADA Community collaboration
  • 17. SCADA Security in Numbers Deep technical analysis of ICS/SCADA attack surface (2005 – August 2012) Statistics of Vulnerabilities and Exploits • Vulnerabilities in PLC/SCADA/MES systems • Risks and exploits • Vulnerability management effectiveness • Attack vectors and impact SCADA in the Internet • Analysis of SCADA systems exposed to the Internet • Distribution by vendor • Security level
  • 19. Risk level by vendor
  • 23. SCADA applications security assessment Deep technical analysis of different automation systems • Siemens automation solutions: SIMATIC WINCC, S7 PLCs, TIA Portal • Wonderware InTouch • … Methodologies • BlackBox Penetration testing/fuzzing • Web Application code review • Firmware reversing and static analysis • Forensic analysis
  • 24. SCADA applications security assessment: Results >50 vulnerabilities detected • Client-side (XSS, CSRF etc) • SQL/XPath injections • Arbitrary file reading • Username/passwords disclosure • Weak encryption • Hardcoded crypto keys • … Results • Partially fixed by vendors • Assessment and fixing roadmap with Siemens Product CERT 50 is a quarter of currently known SCADA vulnerabilities!
  • 25. Security Hardening guides development Technical guides for built-in and external security features Useful for configuration management and security assessment First public release - Siemens SIMATIC WinCC • To be: • TIA Portal • HMI Kiosk Mode • Intouch
  • 26. Community collaboration Collaboration with Siemens Product CERT and other vendors Reports on security conferences
  • 28. MaxPatrol in Figures 30,000+ checks of known vulnerabilities 1,000+ systems to work across 5,000+ configuration parameters 100+ new 0-day vulnerabilities per year
  • 29. MaxPatrol – An All-in-One Solution
  • 30. MaxPatrol Highlights Password Policy Audit Malware Detection Integrity Monitoring Sensitive Data Detection Agentless & low-privileged Assessment Web-Application Security
  • 31. Our approach Defense in Depth strategy: Network Layer, OS and DBMS, SCADA/HMI/PLCs, MES/ERP Compliance management support
  • 32. Network Layer Vulnerabilities checks of different platforms • Cisco, Juniper, Check Point, Arbor, Huawei, Nortel, Alcatel Configuration analysis • Authentication checks • ACLs analysis • Special checks of industrial protocols configuration (Cisco Connected Grid, etc)
  • 33. OS and DBMS Exhaustive vulnerability and configuration analysis Operating Systems: Windows, Mac OS X, Linux, IBM AIX, HP-UX and Oracle Solaris Databases: Microsoft SQL, Oracle, IBM DB2, PostgreSQL, MySQL and Sybase Offline USB/CD Scanner • Useful for HMI/SCADA audits • Does not require network connections • Full-featured reporting with MaxPatrol Server
  • 34. SCADA/HMI/PLC Support of automation protocols • ModBus/S7/DNP3/OPC Vulnerabilities checks of PLC/SCADA/MES Predefined (Safe mode) assessment for SCADA Configuration check of SCADA HMI Kiosk mode checks Mobile/Wireless/Internet access Software whitelist/blacklist Antivirus/HIPS checks
  • 35. MES/ERP Best among vulnerability and compliance assessment of ERP system Support of SAP Netweaver and Oracle EBS • Complete analysis on OS/DBMS/Application levels • Black box and White box vulnerability checks • SAP Notes and OEBS patches checks • Configuration analysis • SAP Security Guide compliances
  • 36. NERC Critical Infrastructure Protection Compliance CIP-002-1: Critical Cyber Asset Identification • Hardware and software discovery, network and system asset inventory CIP-003-1: Security Management Controls • Built-in configuration compliance checklists, automated vulnerability assessment CIP-005-1 Electronic Security Perimeter(s) • Control network security via network scan configuration checks
  • 37. NERC Critical Infrastructure Protection Compliance CIP-007-1 Systems Security Management • Automated assessment of security controls (antivirus, SIEM, Firewall, etc.) CIP-008-1 Incident Reporting and Response Planning • Control of risky configurations and compromise detection
  • 38. Key Features: Flexibility & Integration Asset Management Help Desk Ticketing Risk Management Patch Management SIM/SIEM IPS and WAF Penetration Testing NAC/NAP
  • 40. Positive Services ICS Infrastructure Security Audit Complex assessment of technical and organizational security means. From PLC to ERP. From Pentest to Checklists. SCADA application security assessment Deep technical inspection of SCADA security on Network/OS/Database and Application levels. Security policy and configuration checklist development Vulnerability and compliance management process implementation
  • 41. Resume Positive Technologies approach Research: to understand vulnerabilities and to find new Audit: to discover risks and select countermeasures Automate: vulnerability and compliance management with MaxPatrol Control: security process efficiency Consolidate: vendors, researchers and customers to create safe ICS/SCADA infrastructure and solutions