SlideShare ist ein Scribd-Unternehmen logo

[CLASS 2014] Palestra Técnica - Alexandre Euclides

TI Safe
TI Safe

Título da Palestra: Tensão construtiva: O relacionamento Fornecedor / Pesquisador

Technologie
1 von 20
Downloaden Sie, um offline zu lesen
© Siemens Industry, Inc. 2014 All rights reserved. Answers for industry. Constructive Tension: The Vendor/Researcher Relationship CLASS 2014 - 1st SCADA Security Conference LATAM
© Siemens Industry, Inc. 2014 All rights reserved. Page 2 2014-Nov-05 H. Brian/ I DF RD SEC • Introduction • Background of Siemens Industrial Security • Goals of ICS Vulnerability Disclosure • Siemens Disclosure Policy • Other Vendors Disclosure Policies • Researchers Disclosure Policies • Areas of Agreement • Ideas for Improved Cooperation • Conclusions • Q&A Agenda
© Siemens Industry, Inc. 2014 All rights reserved. Page 3 2014-Nov-05 H. Brian/ I DF RD SEC Personal Introduction Who Am I? Harry Brian Siemens Industry Digital Factory, R&D Responsible for Product and Solutions Security, North America PLC, HMI, Drives Previously: Product and Project Management, System Test Founder and general partner of Paragon Control Systems B.S. Computer Science - North Carolina State University Several SANS certifications
© Siemens Industry, Inc. 2014 All rights reserved. Page 4 2014-Nov-05 H. Brian/ I DF RD SEC Product Security Responsibilities Digital Factory PLC Drives HMI Networking SCADA
© Siemens Industry, Inc. 2014 All rights reserved. Page 5 2014-Nov-05 H. Brian/ I DF RD SEC Johnson City, TN USA Product Development S7-200 WinAC PLCSim S7-1200
© Siemens Industry, Inc. 2014 All rights reserved. Page 6 2014-Nov-05 H. Brian/ I DF RD SEC Industry Security Network Product and Solution Security Office Security System Architecture Research & Development CS Value Services System Test Customer Support Consulting, System functions Interface to Office-IT Security Lab International Hubs Process Improvement Secure PC / HMI Hardware Integrity Security Requirements Security Marketing & Comm Standards, Regulations, internal Assessment  Central Office – HQ Nuremburg  Security Experts from all organizations  Full-time and Part-time Security  Product and Process Experts  Close to customer Requirements
© Siemens Industry, Inc. 2014 All rights reserved. Page 7 2014-Nov-05 H. Brian/ I DF RD SEC Singapore Brazil Russia China France India North America UK HQ Siemens Regional Security Hubs  Monitor the Regional Security Environment  Respond to reports of SIMATIC Security Incidents  Interface to External Security Researchers  Interface to Regional CERT  Coordinate / Resolve customer questions R&D Engineering Support  Train RD staff in Product Security Awareness  Security Lab Activities  Duplication, Resolution of Vulnerabilities
© Siemens Industry, Inc. 2014 All rights reserved. Page 8 2014-Nov-05 H. Brian/ I DF RD SEC The Problem • Public disclosure of security information inspires vendors to be truthful about flaws, repair vulnerabilities and build more secure products. • Disclosure and peer review advances the state of the art in security. • Researchers can figure out where new technologies need to be developed • Information can help policymakers understand where problems tend to occur. One of the most contentious debates in the ICS security field involves the publication of security vulnerabilities. • Vulnerability information can give attackers the information they need to exploit a security hole in a system and cause harm. • Release of proof-of-concept code allows “script-kiddies” launch attacks without knowledge of consequences. • End-users and Owner/Operators in many cases cannot shut down operations to apply patches, so would be vulnerable to attack. • ICS vendor design and test cycle is lengthy.
© Siemens Industry, Inc. 2014 All rights reserved. Page 9 2014-Nov-05 H. Brian/ I DF RD SEC ICS Owner/Operator “Window of Exposure” Discovery Exploit Disclosure Window of Exposure Patch Available Window of Exposure (Organization) Patch Applied Source: https://www.honeywellprocess.com/library/news-and-events/presentations/HUGAP-IndustrialCyberSecurity.pdf
© Siemens Industry, Inc. 2014 All rights reserved. Page 10 2014-Nov-05 H. Brian/ I DF RD SEC Siemens Disclosure Policy Siemens discloses product security vulnerabilities that have been adequately fixed within our products and solutions through security advisories containing detailed information about the issues. Report Analysis Handling Disclosure
© Siemens Industry, Inc. 2014 All rights reserved. Page 11 2014-Nov-05 H. Brian/ I DF RD SEC Siemens Security Advisories August 14th, 2014 Update for Simatic S7-1500 Siemens provides firmware version Simatic S7-1500 V1.6 which fixes one vulnerability. The update is recommended to all users. We thank Arnaud Ebalard from Agence Nationale de la Sécurité des Systèmes d’Information (ANSSI) for his information. --------------------------------------------------------------------------- July 23rd, 2014 Update for Simatic WinCC Siemens provides product release Simatic WinCC V7.3 which fixes several vulnerabilities. We thank Sergey Gordeychik, Alexander Tlyapov, Dmitry Nagibin, and Gleb Gritsai from Positive Technologies for their information
© Siemens Industry, Inc. 2014 All rights reserved. Page 12 2014-Nov-05 H. Brian/ I DF RD SEC • “With public disclosure, you widen the circle of critical and innovative eyes, and a third party might be able to mitigate where the vendor cannot” • “The industrial sector should realize that security researchers are not against vendors.” • “Security researchers are donating significant time and expertise that would otherwise cost vendors thousands of dollars.” • “Good disclosure programs have: Respect, Optional Anonymity, Legal Impunity, Security, Responsiveness, and Openness.” • “ICS vendors should work with independent security researchers to promote responsible disclosure.” Thoughts from Researchers
© Siemens Industry, Inc. 2014 All rights reserved. Page 13 2014-Nov-05 H. Brian/ I DF RD SEC Uncoordinated Disclosure Potential for Problems
© Siemens Industry, Inc. 2014 All rights reserved. Page 14 2014-Nov-05 H. Brian/ I DF RD SEC Who is ICS CERT?  Part of the Department of Homeland Security  Respond to and analyze control systems related incidents  Conduct vulnerability and malware analysis  Provide situational awareness in the form of actionable intelligence  Coordinate the responsible disclosure of vulnerabilities/mitigations  Share and coordinate vulnerability information and threat analysis through informational products and alerts http://www.us-cert.gov/control_systems/ics-cert/ ICS CERT - Industrial Control Systems Cyber Emergency Response Team ICS-CERT Advisories Advisories provide timely information about current security issues, vulnerabilities, and exploits. Advisories by Vendor •ICSA-14-269-01 : Bash Command Injection Vulnerability •ICSA-14-261-01 : Advantech WebAccess Vulnerabilities •ICSA-14-260-01 : Yokogawa CENTUM and Exaopc Vulnerability •ICSA-14-259-01 : Schneider Electric SCADA Expert ClearSCADA Vulnerabilities •ICSA-14-254-01 : Schneider Electric VAMPSET Buffer Overflow •ICSA-14-224-01 : Ecava Integraxor SCADA Server Vulnerabilities •ICSA-14-247-01 : Sensys Networks Traffic Sensor Vulnerabilities •ICSA-14-238-01 : CG Automation Improper Input Validation •ICSA-14-238-02 : Schneider Electric Wonderware Vulnerabilities •ICSA-14-198-03C : Siemens OpenSSL Vulnerabilities (Update C) •ICSA-14-226-01 : Siemens SIMATIC S7-1500 CPU Denial of Service •ICSA-14-196-01 : SubSTATION Server Telegyr 8979 Master Vulnerabilities
© Siemens Industry, Inc. 2014 All rights reserved. Page 15 2014-Nov-05 H. Brian/ I DF RD SEC ICS-CERT Responsible Disclosure 1. ICS-CERT will attempt to coordinate all reported vulnerabilities with the affected vendor. a. Type and schedule of disclosure will be determined based on the factors involved. 2. The name and contact information of the reporter will be forwarded to the affected vendors unless otherwise requested by the reporter. a. ICS-CERT will advise the reporter of significant changes in the status of any vulnerability reported to the extent possible without revealing information provided in confidence by the vendor. b. Affected vendors will be apprised of any publication plans, and alternate publication schedules will be negotiated with affected vendors as required. 3. UPDATE! In cases where a vendor is unresponsive, or will not establish a reasonable timeframe for remediation, ICS-CERT may disclose vulnerabilities 45 days after the initial contact is made, regardless of the existence or availability of patches or workarounds from affected vendors. 4. Goal: Balance the need of the control system community to be informed of security vulnerabilities with the vendors' need for time to respond effectively. a. The final determination of the type and schedule of publication will be based on the best interests of the community overall.
© Siemens Industry, Inc. 2014 All rights reserved. Page 16 2014-Nov-05 H. Brian/ I DF RD SEC ICS-CERT Sample Advisory Contents Advisory (ICSA-14-205-02) Siemens SIMATIC WinCC Vulnerabilities Original release date: July 24, 2014 • OVERVIEW • AFFECTED PRODUCTS • IMPACT • BACKGROUND • VULNERABILITY DETAILS • EXPLOITABILITY • EXISTENCE OF EXPLOIT • DIFFICULTY • MITIGATION
© Siemens Industry, Inc. 2014 All rights reserved. Page 17 2014-Nov-05 H. Brian/ I DF RD SEC Coordinated vs UnCoordinated Disclosure
© Siemens Industry, Inc. 2014 All rights reserved. Page 18 2014-Nov-05 H. Brian/ I DF RD SEC ICS-CERT Security Incident Occurs Siemens CERT Incident Response Flow Chart - How are patches, CERT Alerts, TAs, and Customer Facing Information Created? Hotline Incidents are generally reported to one of these organizations Initial Review and Classification as Security Incident Siemens CERT, System Test, RD, CS 1, Regional Security Hub are typically involved in this step Form Response Team Develop Transparent Explanation of Problem Propose Solutions to AS Management Coordinate Approved Solutions Response team formed based upon technical nature of event. Typically includes Head of Security Hub, Region Security Hub Lead, Siemens CERT, RD Manager, System Test Manager, Hotline, HQ Media Relations, and other technical experts as required A A RQ’s Generated Bug Fixes System Test - Siemens - CERT - Researcher Patch Available The Transparent Explanation of the Problem is the source for several other important deliverables ICS-CERT Advised ICS-CERT Alert (Private Portal) TA Issued ICS-CERT Alert (Public Portal) R&D Siemens CERT S&S Web Posting Holding Statement S&S Web Posting (update) HQ AS Mkt / PM / MR Create Region Media Message - Issue Statements -- Respond to Press -- Twitter Create Region Mkt. Message - Customer Letters -- Presentations -- Customer Spokespersons Region MR Region Mkt.
© Siemens Industry, Inc. 2014 All rights reserved. Page 19 2014-Nov-05 H. Brian/ I DF RD SEC Personal Introduction Thank You! – Muito Obrigado! Questions?
© Siemens Industry, Inc. 2014 All rights reserved. Page 20 2014-Nov-05 H. Brian/ I DF RD SEC Harry Brian Product and Solution Security Siemens Industry, Inc One Internet Plaza Johnson City, TN 37604 Phone: +1 (423) 262-2292 E-mail: harry.brian@siemens.com Contact page Answers for industry.

Empfohlen

Protect Against Security Breaches by Securing Endpoints with Multi-Factor Aut...
Protect Against Security Breaches by Securing Endpoints with Multi-Factor Aut...Protect Against Security Breaches by Securing Endpoints with Multi-Factor Aut...
Protect Against Security Breaches by Securing Endpoints with Multi-Factor Aut...CA Technologies
 
Unidirectional Security, Andrew Ginter of Waterfall Security
Unidirectional Security, Andrew Ginter of Waterfall Security Unidirectional Security, Andrew Ginter of Waterfall Security
Unidirectional Security, Andrew Ginter of Waterfall Security Digital Bond
 
Security architecture proposal template
Security architecture proposal templateSecurity architecture proposal template
Security architecture proposal templateMoti Sagey מוטי שגיא
 
Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...
Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...
Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...Digital Bond
 
Waterfall Security Solutions Overview Q1 2012
Waterfall Security Solutions Overview Q1 2012Waterfall Security Solutions Overview Q1 2012
Waterfall Security Solutions Overview Q1 2012henkpieper
 
Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...
Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...
Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...Digital Bond
 
Honeywell Vindicator® Corporate Brochure
Honeywell Vindicator® Corporate BrochureHoneywell Vindicator® Corporate Brochure
Honeywell Vindicator® Corporate Brochuredp3b58
 
SmartTV Security
SmartTV SecuritySmartTV Security
SmartTV SecurityUlisses Albuquerque
 

Empfohlen

Protect Against Security Breaches by Securing Endpoints with Multi-Factor Aut...
Protect Against Security Breaches by Securing Endpoints with Multi-Factor Aut...Protect Against Security Breaches by Securing Endpoints with Multi-Factor Aut...
Protect Against Security Breaches by Securing Endpoints with Multi-Factor Aut...CA Technologies
 
Unidirectional Security, Andrew Ginter of Waterfall Security
Unidirectional Security, Andrew Ginter of Waterfall Security Unidirectional Security, Andrew Ginter of Waterfall Security
Unidirectional Security, Andrew Ginter of Waterfall Security Digital Bond
 
Security architecture proposal template
Security architecture proposal templateSecurity architecture proposal template
Security architecture proposal templateMoti Sagey מוטי שגיא
 
Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...
Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...
Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...Digital Bond
 
Waterfall Security Solutions Overview Q1 2012
Waterfall Security Solutions Overview Q1 2012Waterfall Security Solutions Overview Q1 2012
Waterfall Security Solutions Overview Q1 2012henkpieper
 
Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...
Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...
Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...Digital Bond
 
Honeywell Vindicator® Corporate Brochure
Honeywell Vindicator® Corporate BrochureHoneywell Vindicator® Corporate Brochure
Honeywell Vindicator® Corporate Brochuredp3b58
 
SmartTV Security
SmartTV SecuritySmartTV Security
SmartTV SecurityUlisses Albuquerque
 
Better Do What They Told Ya
Better Do What They Told YaBetter Do What They Told Ya
Better Do What They Told Yaurma
 
MT 70 The New Era of Incident Response Planning
MT 70 The New Era of Incident Response PlanningMT 70 The New Era of Incident Response Planning
MT 70 The New Era of Incident Response PlanningDell EMC World
 
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...Digital Bond
 
CompTIA CAS-002 VCE Outline
CompTIA CAS-002 VCE OutlineCompTIA CAS-002 VCE Outline
CompTIA CAS-002 VCE OutlineExamcollection
 
Security and Communication Systems Integration
Security and Communication Systems Integration Security and Communication Systems Integration
Security and Communication Systems Integration Chris Cavallo
 
MT 69 Tripwire Defense: Advanced Endpoint Detection by a Thousand Tripwires
MT 69 Tripwire Defense: Advanced Endpoint Detection by a Thousand Tripwires MT 69 Tripwire Defense: Advanced Endpoint Detection by a Thousand Tripwires
MT 69 Tripwire Defense: Advanced Endpoint Detection by a Thousand Tripwires Dell EMC World
 
Top Strategies to Capture Security Intelligence for Applications
Top Strategies to Capture Security Intelligence for ApplicationsTop Strategies to Capture Security Intelligence for Applications
Top Strategies to Capture Security Intelligence for ApplicationsDenim Group
 
Securing the Future of Safety and Security of Embedded Software
Securing the Future of Safety and Security of Embedded SoftwareSecuring the Future of Safety and Security of Embedded Software
Securing the Future of Safety and Security of Embedded SoftwareAdaCore
 
Spark / Ada for Safe and Secure Firmware Development
Spark / Ada for Safe and Secure Firmware DevelopmentSpark / Ada for Safe and Secure Firmware Development
Spark / Ada for Safe and Secure Firmware DevelopmentAdaCore
 
Big Bear Package Details
Big Bear Package DetailsBig Bear Package Details
Big Bear Package DetailsCharles_Scholz
 
Vulnerability Management In An Application Security World: AppSecDC
Vulnerability Management In An Application Security World: AppSecDCVulnerability Management In An Application Security World: AppSecDC
Vulnerability Management In An Application Security World: AppSecDCDenim Group
 
Why Check Point - Top 4
Why Check Point - Top 4Why Check Point - Top 4
Why Check Point - Top 4Moti Sagey מוטי שגיא
 
Process Whitelisting and Resource Access Control For ICS Computers, Kuniyasu ...
Process Whitelisting and Resource Access Control For ICS Computers, Kuniyasu ...Process Whitelisting and Resource Access Control For ICS Computers, Kuniyasu ...
Process Whitelisting and Resource Access Control For ICS Computers, Kuniyasu ...Digital Bond
 
HMI/SCADA 리스크 감소
HMI/SCADA 리스크 감소HMI/SCADA 리스크 감소
HMI/SCADA 리스크 감소GE코리아
 
Mind the gap_cpx2022_moti_sagey_final
Mind the gap_cpx2022_moti_sagey_finalMind the gap_cpx2022_moti_sagey_final
Mind the gap_cpx2022_moti_sagey_finalMoti Sagey מוטי שגיא
 
Making Network Security Relevant
Making Network Security RelevantMaking Network Security Relevant
Making Network Security RelevantHP Enterprise Italia
 
Software-Defined Segmentation Done Easily, Quickly and Right
Software-Defined Segmentation Done Easily, Quickly and RightSoftware-Defined Segmentation Done Easily, Quickly and Right
Software-Defined Segmentation Done Easily, Quickly and RightSBWebinars
 
NGFW RFP TEMPLATE - TEST PLAN
NGFW RFP TEMPLATE - TEST PLANNGFW RFP TEMPLATE - TEST PLAN
NGFW RFP TEMPLATE - TEST PLANMoti Sagey מוטי שגיא
 
Safety Instrumentation
Safety Instrumentation Safety Instrumentation
Safety Instrumentation Living Online
 
Key Resources - z/Assure Sales Presentation
Key Resources - z/Assure Sales PresentationKey Resources - z/Assure Sales Presentation
Key Resources - z/Assure Sales Presentationrfragola
 
[CLASS 2014] Palestra Técnica - Marcelo Branquinho e Jan Seidl
[CLASS 2014] Palestra Técnica - Marcelo Branquinho e Jan Seidl[CLASS 2014] Palestra Técnica - Marcelo Branquinho e Jan Seidl
[CLASS 2014] Palestra Técnica - Marcelo Branquinho e Jan SeidlTI Safe
 
Palestra de Marcelo Branquinho no Congresso Rio Automação
Palestra de Marcelo Branquinho no Congresso Rio AutomaçãoPalestra de Marcelo Branquinho no Congresso Rio Automação
Palestra de Marcelo Branquinho no Congresso Rio AutomaçãoTI Safe
 

Weitere ähnliche Inhalte

Was ist angesagt?

Better Do What They Told Ya
Better Do What They Told YaBetter Do What They Told Ya
Better Do What They Told Yaurma
 
MT 70 The New Era of Incident Response Planning
MT 70 The New Era of Incident Response PlanningMT 70 The New Era of Incident Response Planning
MT 70 The New Era of Incident Response PlanningDell EMC World
 
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...Digital Bond
 
CompTIA CAS-002 VCE Outline
CompTIA CAS-002 VCE OutlineCompTIA CAS-002 VCE Outline
CompTIA CAS-002 VCE OutlineExamcollection
 
Security and Communication Systems Integration
Security and Communication Systems Integration Security and Communication Systems Integration
Security and Communication Systems Integration Chris Cavallo
 
MT 69 Tripwire Defense: Advanced Endpoint Detection by a Thousand Tripwires
MT 69 Tripwire Defense: Advanced Endpoint Detection by a Thousand Tripwires MT 69 Tripwire Defense: Advanced Endpoint Detection by a Thousand Tripwires
MT 69 Tripwire Defense: Advanced Endpoint Detection by a Thousand Tripwires Dell EMC World
 
Top Strategies to Capture Security Intelligence for Applications
Top Strategies to Capture Security Intelligence for ApplicationsTop Strategies to Capture Security Intelligence for Applications
Top Strategies to Capture Security Intelligence for ApplicationsDenim Group
 
Securing the Future of Safety and Security of Embedded Software
Securing the Future of Safety and Security of Embedded SoftwareSecuring the Future of Safety and Security of Embedded Software
Securing the Future of Safety and Security of Embedded SoftwareAdaCore
 
Spark / Ada for Safe and Secure Firmware Development
Spark / Ada for Safe and Secure Firmware DevelopmentSpark / Ada for Safe and Secure Firmware Development
Spark / Ada for Safe and Secure Firmware DevelopmentAdaCore
 
Big Bear Package Details
Big Bear Package DetailsBig Bear Package Details
Big Bear Package DetailsCharles_Scholz
 
Vulnerability Management In An Application Security World: AppSecDC
Vulnerability Management In An Application Security World: AppSecDCVulnerability Management In An Application Security World: AppSecDC
Vulnerability Management In An Application Security World: AppSecDCDenim Group
 
Process Whitelisting and Resource Access Control For ICS Computers, Kuniyasu ...
Process Whitelisting and Resource Access Control For ICS Computers, Kuniyasu ...Process Whitelisting and Resource Access Control For ICS Computers, Kuniyasu ...
Process Whitelisting and Resource Access Control For ICS Computers, Kuniyasu ...Digital Bond
 
HMI/SCADA 리스크 감소
HMI/SCADA 리스크 감소HMI/SCADA 리스크 감소
HMI/SCADA 리스크 감소GE코리아
 
Software-Defined Segmentation Done Easily, Quickly and Right
Software-Defined Segmentation Done Easily, Quickly and RightSoftware-Defined Segmentation Done Easily, Quickly and Right
Software-Defined Segmentation Done Easily, Quickly and RightSBWebinars
 
Safety Instrumentation
Safety Instrumentation Safety Instrumentation
Safety Instrumentation Living Online
 
Key Resources - z/Assure Sales Presentation
Key Resources - z/Assure Sales PresentationKey Resources - z/Assure Sales Presentation
Key Resources - z/Assure Sales Presentationrfragola
 

Was ist angesagt? (20)

Better Do What They Told Ya
Better Do What They Told YaBetter Do What They Told Ya
Better Do What They Told Ya
 
MT 70 The New Era of Incident Response Planning
MT 70 The New Era of Incident Response PlanningMT 70 The New Era of Incident Response Planning
MT 70 The New Era of Incident Response Planning
 
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...
 
CompTIA CAS-002 VCE Outline
CompTIA CAS-002 VCE OutlineCompTIA CAS-002 VCE Outline
CompTIA CAS-002 VCE Outline
 
Security and Communication Systems Integration
Security and Communication Systems Integration Security and Communication Systems Integration
Security and Communication Systems Integration
 
MT 69 Tripwire Defense: Advanced Endpoint Detection by a Thousand Tripwires
MT 69 Tripwire Defense: Advanced Endpoint Detection by a Thousand Tripwires MT 69 Tripwire Defense: Advanced Endpoint Detection by a Thousand Tripwires
MT 69 Tripwire Defense: Advanced Endpoint Detection by a Thousand Tripwires
 
Top Strategies to Capture Security Intelligence for Applications
Top Strategies to Capture Security Intelligence for ApplicationsTop Strategies to Capture Security Intelligence for Applications
Top Strategies to Capture Security Intelligence for Applications
 
Securing the Future of Safety and Security of Embedded Software
Securing the Future of Safety and Security of Embedded SoftwareSecuring the Future of Safety and Security of Embedded Software
Securing the Future of Safety and Security of Embedded Software
 
Spark / Ada for Safe and Secure Firmware Development
Spark / Ada for Safe and Secure Firmware DevelopmentSpark / Ada for Safe and Secure Firmware Development
Spark / Ada for Safe and Secure Firmware Development
 
Big Bear Package Details
Big Bear Package DetailsBig Bear Package Details
Big Bear Package Details
 
Vulnerability Management In An Application Security World: AppSecDC
Vulnerability Management In An Application Security World: AppSecDCVulnerability Management In An Application Security World: AppSecDC
Vulnerability Management In An Application Security World: AppSecDC
 
Why Check Point - Top 4
Why Check Point - Top 4Why Check Point - Top 4
Why Check Point - Top 4
 
Process Whitelisting and Resource Access Control For ICS Computers, Kuniyasu ...
Process Whitelisting and Resource Access Control For ICS Computers, Kuniyasu ...Process Whitelisting and Resource Access Control For ICS Computers, Kuniyasu ...
Process Whitelisting and Resource Access Control For ICS Computers, Kuniyasu ...
 
HMI/SCADA 리스크 감소
HMI/SCADA 리스크 감소HMI/SCADA 리스크 감소
HMI/SCADA 리스크 감소
 
Mind the gap_cpx2022_moti_sagey_final
Mind the gap_cpx2022_moti_sagey_finalMind the gap_cpx2022_moti_sagey_final
Mind the gap_cpx2022_moti_sagey_final
 
Making Network Security Relevant
Making Network Security RelevantMaking Network Security Relevant
Making Network Security Relevant
 
Software-Defined Segmentation Done Easily, Quickly and Right
Software-Defined Segmentation Done Easily, Quickly and RightSoftware-Defined Segmentation Done Easily, Quickly and Right
Software-Defined Segmentation Done Easily, Quickly and Right
 
NGFW RFP TEMPLATE - TEST PLAN
NGFW RFP TEMPLATE - TEST PLANNGFW RFP TEMPLATE - TEST PLAN
NGFW RFP TEMPLATE - TEST PLAN
 
Safety Instrumentation
Safety Instrumentation Safety Instrumentation
Safety Instrumentation
 
Key Resources - z/Assure Sales Presentation
Key Resources - z/Assure Sales PresentationKey Resources - z/Assure Sales Presentation
Key Resources - z/Assure Sales Presentation
 

Andere mochten auch

[CLASS 2014] Palestra Técnica - Marcelo Branquinho e Jan Seidl
[CLASS 2014] Palestra Técnica - Marcelo Branquinho e Jan Seidl[CLASS 2014] Palestra Técnica - Marcelo Branquinho e Jan Seidl
[CLASS 2014] Palestra Técnica - Marcelo Branquinho e Jan SeidlTI Safe
 
Palestra de Marcelo Branquinho no Congresso Rio Automação
Palestra de Marcelo Branquinho no Congresso Rio AutomaçãoPalestra de Marcelo Branquinho no Congresso Rio Automação
Palestra de Marcelo Branquinho no Congresso Rio AutomaçãoTI Safe
 
Apresentação Técnica - Estratégias de Segurança para Redes Industriais e SCADA
Apresentação Técnica - Estratégias de Segurança para Redes Industriais e SCADAApresentação Técnica - Estratégias de Segurança para Redes Industriais e SCADA
Apresentação Técnica - Estratégias de Segurança para Redes Industriais e SCADATI Safe
 
Apresentação Técnica - Evento ISA Campinas
Apresentação Técnica - Evento ISA CampinasApresentação Técnica - Evento ISA Campinas
Apresentação Técnica - Evento ISA CampinasTI Safe
 
Digital Forensics: The next 10 years
Digital Forensics: The next 10 yearsDigital Forensics: The next 10 years
Digital Forensics: The next 10 yearsAl Imran, CISA
 
Let's cleanup your website
Let's cleanup your websiteLet's cleanup your website
Let's cleanup your websiteJane Sheeba
 
Тайская кухня - рецепты и интересная информация
Тайская кухня - рецепты и интересная информацияТайская кухня - рецепты и интересная информация
Тайская кухня - рецепты и интересная информацияBonduelle
 
Aweber vs get response
Aweber vs get responseAweber vs get response
Aweber vs get responseJane Sheeba
 
Как приготовить суши
Как приготовить сушиКак приготовить суши
Как приготовить сушиBonduelle
 
Lola by Anna Premiere
Lola by Anna PremiereLola by Anna Premiere
Lola by Anna Premierelolabyanna
 
Family Floater Health Guard Policy Wordings
Family Floater Health Guard Policy WordingsFamily Floater Health Guard Policy Wordings
Family Floater Health Guard Policy WordingsBerkshire Insurance
 

Andere mochten auch (14)

[CLASS 2014] Palestra Técnica - Marcelo Branquinho e Jan Seidl
[CLASS 2014] Palestra Técnica - Marcelo Branquinho e Jan Seidl[CLASS 2014] Palestra Técnica - Marcelo Branquinho e Jan Seidl
[CLASS 2014] Palestra Técnica - Marcelo Branquinho e Jan Seidl
 
Palestra de Marcelo Branquinho no Congresso Rio Automação
Palestra de Marcelo Branquinho no Congresso Rio AutomaçãoPalestra de Marcelo Branquinho no Congresso Rio Automação
Palestra de Marcelo Branquinho no Congresso Rio Automação
 
Apresentação Técnica - Estratégias de Segurança para Redes Industriais e SCADA
Apresentação Técnica - Estratégias de Segurança para Redes Industriais e SCADAApresentação Técnica - Estratégias de Segurança para Redes Industriais e SCADA
Apresentação Técnica - Estratégias de Segurança para Redes Industriais e SCADA
 
Apresentação Técnica - Evento ISA Campinas
Apresentação Técnica - Evento ISA CampinasApresentação Técnica - Evento ISA Campinas
Apresentação Técnica - Evento ISA Campinas
 
Digital Forensics: The next 10 years
Digital Forensics: The next 10 yearsDigital Forensics: The next 10 years
Digital Forensics: The next 10 years
 
11U bio ani 04
11U bio ani 0411U bio ani 04
11U bio ani 04
 
Let's cleanup your website
Let's cleanup your websiteLet's cleanup your website
Let's cleanup your website
 
Тайская кухня - рецепты и интересная информация
Тайская кухня - рецепты и интересная информацияТайская кухня - рецепты и интересная информация
Тайская кухня - рецепты и интересная информация
 
Aweber vs get response
Aweber vs get responseAweber vs get response
Aweber vs get response
 
Lecture
LectureLecture
Lecture
 
Как приготовить суши
Как приготовить сушиКак приготовить суши
Как приготовить суши
 
11u bio 07
11u bio 0711u bio 07
11u bio 07
 
Lola by Anna Premiere
Lola by Anna PremiereLola by Anna Premiere
Lola by Anna Premiere
 
Family Floater Health Guard Policy Wordings
Family Floater Health Guard Policy WordingsFamily Floater Health Guard Policy Wordings
Family Floater Health Guard Policy Wordings
 

Ähnlich wie [CLASS 2014] Palestra Técnica - Alexandre Euclides

Scalar Security Roadshow - Toronto Presentation
Scalar Security Roadshow - Toronto PresentationScalar Security Roadshow - Toronto Presentation
Scalar Security Roadshow - Toronto PresentationScalar Decisions
 
[CLASS 2014] Palestra Técnica - Oliver Narr
[CLASS 2014] Palestra Técnica - Oliver Narr[CLASS 2014] Palestra Técnica - Oliver Narr
[CLASS 2014] Palestra Técnica - Oliver NarrTI Safe
 
The Savvy Security Leader: Using Guerrilla Tactics to ID Security Program Res...
The Savvy Security Leader: Using Guerrilla Tactics to ID Security Program Res...The Savvy Security Leader: Using Guerrilla Tactics to ID Security Program Res...
The Savvy Security Leader: Using Guerrilla Tactics to ID Security Program Res...Denim Group
 
CLASS 2016 - Palestra Vitor Eduardo Lace Maganha
CLASS 2016 - Palestra Vitor Eduardo Lace MaganhaCLASS 2016 - Palestra Vitor Eduardo Lace Maganha
CLASS 2016 - Palestra Vitor Eduardo Lace MaganhaTI Safe
 
Industry 4.0 and security
Industry 4.0 and securityIndustry 4.0 and security
Industry 4.0 and securityDenis Jakuzza
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM
 
Scalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Decisions
 
Gettozero stealth industrial
Gettozero stealth industrialGettozero stealth industrial
Gettozero stealth industrialSherid444
 
Brian Isle: The Internet of Things: Manufacturing Panacea - or - Hacker's Dream?
Brian Isle: The Internet of Things: Manufacturing Panacea - or - Hacker's Dream?Brian Isle: The Internet of Things: Manufacturing Panacea - or - Hacker's Dream?
Brian Isle: The Internet of Things: Manufacturing Panacea - or - Hacker's Dream?360mnbsu
 
Active Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The FieldActive Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The FieldDigital Bond
 
Scalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Decisions
 
Scalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa PresentationScalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa PresentationScalar Decisions
 
Info sec for startups
Info sec for startupsInfo sec for startups
Info sec for startupsKesava Reddy
 
Cyber security: A roadmap to secure solutions
Cyber security: A roadmap to secure solutionsCyber security: A roadmap to secure solutions
Cyber security: A roadmap to secure solutionsSchneider Electric
 
«Product Security Incident Response Team (PSIRT) - Изнутри Cisco PSIRT», Алек...
«Product Security Incident Response Team (PSIRT) - Изнутри Cisco PSIRT», Алек...«Product Security Incident Response Team (PSIRT) - Изнутри Cisco PSIRT», Алек...
«Product Security Incident Response Team (PSIRT) - Изнутри Cisco PSIRT», Алек...Mail.ru Group
 
CIO Summit: Data Security in a Mobile World
CIO Summit: Data Security in a Mobile WorldCIO Summit: Data Security in a Mobile World
CIO Summit: Data Security in a Mobile WorldiMIS
 
CIO Summit: Data Security in a Mobile World
CIO Summit: Data Security in a Mobile WorldCIO Summit: Data Security in a Mobile World
CIO Summit: Data Security in a Mobile WorldiMIS
 
Industrial Cyber Security: What You Don't Know Might Hurt You (And Others...)
Industrial Cyber Security: What You Don't Know Might Hurt You (And Others...)Industrial Cyber Security: What You Don't Know Might Hurt You (And Others...)
Industrial Cyber Security: What You Don't Know Might Hurt You (And Others...)Tripwire
 
Securing Your Digital Transformation: Cybersecurity and You
Securing Your Digital Transformation: Cybersecurity and YouSecuring Your Digital Transformation: Cybersecurity and You
Securing Your Digital Transformation: Cybersecurity and YouSAP Ariba
 

Ähnlich wie [CLASS 2014] Palestra Técnica - Alexandre Euclides (20)

Scalar Security Roadshow - Toronto Presentation
Scalar Security Roadshow - Toronto PresentationScalar Security Roadshow - Toronto Presentation
Scalar Security Roadshow - Toronto Presentation
 
[CLASS 2014] Palestra Técnica - Oliver Narr
[CLASS 2014] Palestra Técnica - Oliver Narr[CLASS 2014] Palestra Técnica - Oliver Narr
[CLASS 2014] Palestra Técnica - Oliver Narr
 
The Savvy Security Leader: Using Guerrilla Tactics to ID Security Program Res...
The Savvy Security Leader: Using Guerrilla Tactics to ID Security Program Res...The Savvy Security Leader: Using Guerrilla Tactics to ID Security Program Res...
The Savvy Security Leader: Using Guerrilla Tactics to ID Security Program Res...
 
CLASS 2016 - Palestra Vitor Eduardo Lace Maganha
CLASS 2016 - Palestra Vitor Eduardo Lace MaganhaCLASS 2016 - Palestra Vitor Eduardo Lace Maganha
CLASS 2016 - Palestra Vitor Eduardo Lace Maganha
 
Industry 4.0 and security
Industry 4.0 and securityIndustry 4.0 and security
Industry 4.0 and security
 
IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future IBM Relay 2015: Securing the Future
IBM Relay 2015: Securing the Future
 
Scalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver Presentation
 
Gettozero stealth industrial
Gettozero stealth industrialGettozero stealth industrial
Gettozero stealth industrial
 
Brian Isle: The Internet of Things: Manufacturing Panacea - or - Hacker's Dream?
Brian Isle: The Internet of Things: Manufacturing Panacea - or - Hacker's Dream?Brian Isle: The Internet of Things: Manufacturing Panacea - or - Hacker's Dream?
Brian Isle: The Internet of Things: Manufacturing Panacea - or - Hacker's Dream?
 
Active Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The FieldActive Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The Field
 
Scalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary Presentation
 
Scalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa PresentationScalar Security Roadshow - Ottawa Presentation
Scalar Security Roadshow - Ottawa Presentation
 
Info sec for startups
Info sec for startupsInfo sec for startups
Info sec for startups
 
Cyber security: A roadmap to secure solutions
Cyber security: A roadmap to secure solutionsCyber security: A roadmap to secure solutions
Cyber security: A roadmap to secure solutions
 
«Product Security Incident Response Team (PSIRT) - Изнутри Cisco PSIRT», Алек...
«Product Security Incident Response Team (PSIRT) - Изнутри Cisco PSIRT», Алек...«Product Security Incident Response Team (PSIRT) - Изнутри Cisco PSIRT», Алек...
«Product Security Incident Response Team (PSIRT) - Изнутри Cisco PSIRT», Алек...
 
Web Application Security: Beyond PEN Testing
Web Application Security: Beyond PEN TestingWeb Application Security: Beyond PEN Testing
Web Application Security: Beyond PEN Testing
 
CIO Summit: Data Security in a Mobile World
CIO Summit: Data Security in a Mobile WorldCIO Summit: Data Security in a Mobile World
CIO Summit: Data Security in a Mobile World
 
CIO Summit: Data Security in a Mobile World
CIO Summit: Data Security in a Mobile WorldCIO Summit: Data Security in a Mobile World
CIO Summit: Data Security in a Mobile World
 
Industrial Cyber Security: What You Don't Know Might Hurt You (And Others...)
Industrial Cyber Security: What You Don't Know Might Hurt You (And Others...)Industrial Cyber Security: What You Don't Know Might Hurt You (And Others...)
Industrial Cyber Security: What You Don't Know Might Hurt You (And Others...)
 
Securing Your Digital Transformation: Cybersecurity and You
Securing Your Digital Transformation: Cybersecurity and YouSecuring Your Digital Transformation: Cybersecurity and You
Securing Your Digital Transformation: Cybersecurity and You
 

Mehr von TI Safe

CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...TI Safe
 
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...TI Safe
 
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor... CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...TI Safe
 
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...TI Safe
 
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...TI Safe
 
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...TI Safe
 
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...TI Safe
 
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...TI Safe
 
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...TI Safe
 
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...TI Safe
 
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...TI Safe
 
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...TI Safe
 
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...TI Safe
 
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...TI Safe
 
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...TI Safe
 
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...TI Safe
 
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...TI Safe
 
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...TI Safe
 
Retrospectiva
RetrospectivaRetrospectiva
RetrospectivaTI Safe
 
Pacote TI Safe ONS Ready v1
Pacote TI Safe ONS Ready v1Pacote TI Safe ONS Ready v1
Pacote TI Safe ONS Ready v1TI Safe
 

Mehr von TI Safe (20)

CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
CLASS 2022 - Luiz Fernando Roth e Matheus Tourinho - Ataques Cibernéticos a A...
 
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
CLASS 2022 - Júlio Omori (COPEL) e Tânia Marques (consultora independente) - ...
 
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor... CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
CLASS 2022 - Rodrigo Riella (Lactec) e Claudio Hermeling (TI Safe) - A impor...
 
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
CLASS 2022 - Thiago Branquinho (TI Safe) - Como implementar e certificar um S...
 
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
CLASS 2022 - Sergio Sevileanu (Siemens) e Felipe Coelho (Claroty) - Habilitan...
 
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
CLASS 2022 - Eduardo Valério (Ternium) - Uma década de cibersegurança em OT, ...
 
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
CLASS 2022 - Felipe Jordão (Palo Alto Networks) - Boas práticas de operações ...
 
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
CLASS 2022 - Abilio Franco e Bryan Rivera (Thales) - Privacidade de dados e c...
 
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
CLASS 2022 - Roberto Engler Jr. (IBM) - Gestão e monitoramento de alto nível ...
 
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
CLASS 2022 - Maiko Oliveira (Microsoft) - Convergência TO E TI, proteção tota...
 
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
Vitor Sena e Daniel Quintão (Gerdau) - Projeto, implantação, gestão e monitor...
 
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
CLASS 2022 - Marty Edwards (Tenable) - O perigo crescente de ransomware crimi...
 
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
CLASS 2022 - Júlio Cezar de Oliveira (Hitachi Energy) - Cibersegurança na era...
 
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
CLASS 2022 - Denis Sousa, Abner Bueno e Eduardo Pontes (Norte Energia) - Anál...
 
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
CLASS 2022 - Nycholas Szucko (Nozomi Networks) - Antifragilidade Cibernética ...
 
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
CLASS 2022 - Gustavo Merighi (Energisa) e Alessandro Moretti (Thales) - O Des...
 
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
CLASS 2022 - Marcelo Branquinho (TI Safe) - Ameaças Modernas e Ataques às red...
 
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...
Webinar cci por que nao se deve contratar so cs de ti hibridos para proteg...
 
Retrospectiva
RetrospectivaRetrospectiva
Retrospectiva
 
Pacote TI Safe ONS Ready v1
Pacote TI Safe ONS Ready v1Pacote TI Safe ONS Ready v1
Pacote TI Safe ONS Ready v1
 

Kürzlich hochgeladen

Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 

Kürzlich hochgeladen (20)

Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 

[CLASS 2014] Palestra Técnica - Alexandre Euclides

  • 1. © Siemens Industry, Inc. 2014 All rights reserved. Answers for industry. Constructive Tension: The Vendor/Researcher Relationship CLASS 2014 - 1st SCADA Security Conference LATAM
  • 2. © Siemens Industry, Inc. 2014 All rights reserved. Page 2 2014-Nov-05 H. Brian/ I DF RD SEC • Introduction • Background of Siemens Industrial Security • Goals of ICS Vulnerability Disclosure • Siemens Disclosure Policy • Other Vendors Disclosure Policies • Researchers Disclosure Policies • Areas of Agreement • Ideas for Improved Cooperation • Conclusions • Q&A Agenda
  • 3. © Siemens Industry, Inc. 2014 All rights reserved. Page 3 2014-Nov-05 H. Brian/ I DF RD SEC Personal Introduction Who Am I? Harry Brian Siemens Industry Digital Factory, R&D Responsible for Product and Solutions Security, North America PLC, HMI, Drives Previously: Product and Project Management, System Test Founder and general partner of Paragon Control Systems B.S. Computer Science - North Carolina State University Several SANS certifications
  • 4. © Siemens Industry, Inc. 2014 All rights reserved. Page 4 2014-Nov-05 H. Brian/ I DF RD SEC Product Security Responsibilities Digital Factory PLC Drives HMI Networking SCADA
  • 5. © Siemens Industry, Inc. 2014 All rights reserved. Page 5 2014-Nov-05 H. Brian/ I DF RD SEC Johnson City, TN USA Product Development S7-200 WinAC PLCSim S7-1200
  • 6. © Siemens Industry, Inc. 2014 All rights reserved. Page 6 2014-Nov-05 H. Brian/ I DF RD SEC Industry Security Network Product and Solution Security Office Security System Architecture Research & Development CS Value Services System Test Customer Support Consulting, System functions Interface to Office-IT Security Lab International Hubs Process Improvement Secure PC / HMI Hardware Integrity Security Requirements Security Marketing & Comm Standards, Regulations, internal Assessment  Central Office – HQ Nuremburg  Security Experts from all organizations  Full-time and Part-time Security  Product and Process Experts  Close to customer Requirements
  • 7. © Siemens Industry, Inc. 2014 All rights reserved. Page 7 2014-Nov-05 H. Brian/ I DF RD SEC Singapore Brazil Russia China France India North America UK HQ Siemens Regional Security Hubs  Monitor the Regional Security Environment  Respond to reports of SIMATIC Security Incidents  Interface to External Security Researchers  Interface to Regional CERT  Coordinate / Resolve customer questions R&D Engineering Support  Train RD staff in Product Security Awareness  Security Lab Activities  Duplication, Resolution of Vulnerabilities
  • 8. © Siemens Industry, Inc. 2014 All rights reserved. Page 8 2014-Nov-05 H. Brian/ I DF RD SEC The Problem • Public disclosure of security information inspires vendors to be truthful about flaws, repair vulnerabilities and build more secure products. • Disclosure and peer review advances the state of the art in security. • Researchers can figure out where new technologies need to be developed • Information can help policymakers understand where problems tend to occur. One of the most contentious debates in the ICS security field involves the publication of security vulnerabilities. • Vulnerability information can give attackers the information they need to exploit a security hole in a system and cause harm. • Release of proof-of-concept code allows “script-kiddies” launch attacks without knowledge of consequences. • End-users and Owner/Operators in many cases cannot shut down operations to apply patches, so would be vulnerable to attack. • ICS vendor design and test cycle is lengthy.
  • 9. © Siemens Industry, Inc. 2014 All rights reserved. Page 9 2014-Nov-05 H. Brian/ I DF RD SEC ICS Owner/Operator “Window of Exposure” Discovery Exploit Disclosure Window of Exposure Patch Available Window of Exposure (Organization) Patch Applied Source: https://www.honeywellprocess.com/library/news-and-events/presentations/HUGAP-IndustrialCyberSecurity.pdf
  • 10. © Siemens Industry, Inc. 2014 All rights reserved. Page 10 2014-Nov-05 H. Brian/ I DF RD SEC Siemens Disclosure Policy Siemens discloses product security vulnerabilities that have been adequately fixed within our products and solutions through security advisories containing detailed information about the issues. Report Analysis Handling Disclosure
  • 11. © Siemens Industry, Inc. 2014 All rights reserved. Page 11 2014-Nov-05 H. Brian/ I DF RD SEC Siemens Security Advisories August 14th, 2014 Update for Simatic S7-1500 Siemens provides firmware version Simatic S7-1500 V1.6 which fixes one vulnerability. The update is recommended to all users. We thank Arnaud Ebalard from Agence Nationale de la Sécurité des Systèmes d’Information (ANSSI) for his information. --------------------------------------------------------------------------- July 23rd, 2014 Update for Simatic WinCC Siemens provides product release Simatic WinCC V7.3 which fixes several vulnerabilities. We thank Sergey Gordeychik, Alexander Tlyapov, Dmitry Nagibin, and Gleb Gritsai from Positive Technologies for their information
  • 12. © Siemens Industry, Inc. 2014 All rights reserved. Page 12 2014-Nov-05 H. Brian/ I DF RD SEC • “With public disclosure, you widen the circle of critical and innovative eyes, and a third party might be able to mitigate where the vendor cannot” • “The industrial sector should realize that security researchers are not against vendors.” • “Security researchers are donating significant time and expertise that would otherwise cost vendors thousands of dollars.” • “Good disclosure programs have: Respect, Optional Anonymity, Legal Impunity, Security, Responsiveness, and Openness.” • “ICS vendors should work with independent security researchers to promote responsible disclosure.” Thoughts from Researchers
  • 13. © Siemens Industry, Inc. 2014 All rights reserved. Page 13 2014-Nov-05 H. Brian/ I DF RD SEC Uncoordinated Disclosure Potential for Problems
  • 14. © Siemens Industry, Inc. 2014 All rights reserved. Page 14 2014-Nov-05 H. Brian/ I DF RD SEC Who is ICS CERT?  Part of the Department of Homeland Security  Respond to and analyze control systems related incidents  Conduct vulnerability and malware analysis  Provide situational awareness in the form of actionable intelligence  Coordinate the responsible disclosure of vulnerabilities/mitigations  Share and coordinate vulnerability information and threat analysis through informational products and alerts http://www.us-cert.gov/control_systems/ics-cert/ ICS CERT - Industrial Control Systems Cyber Emergency Response Team ICS-CERT Advisories Advisories provide timely information about current security issues, vulnerabilities, and exploits. Advisories by Vendor •ICSA-14-269-01 : Bash Command Injection Vulnerability •ICSA-14-261-01 : Advantech WebAccess Vulnerabilities •ICSA-14-260-01 : Yokogawa CENTUM and Exaopc Vulnerability •ICSA-14-259-01 : Schneider Electric SCADA Expert ClearSCADA Vulnerabilities •ICSA-14-254-01 : Schneider Electric VAMPSET Buffer Overflow •ICSA-14-224-01 : Ecava Integraxor SCADA Server Vulnerabilities •ICSA-14-247-01 : Sensys Networks Traffic Sensor Vulnerabilities •ICSA-14-238-01 : CG Automation Improper Input Validation •ICSA-14-238-02 : Schneider Electric Wonderware Vulnerabilities •ICSA-14-198-03C : Siemens OpenSSL Vulnerabilities (Update C) •ICSA-14-226-01 : Siemens SIMATIC S7-1500 CPU Denial of Service •ICSA-14-196-01 : SubSTATION Server Telegyr 8979 Master Vulnerabilities
  • 15. © Siemens Industry, Inc. 2014 All rights reserved. Page 15 2014-Nov-05 H. Brian/ I DF RD SEC ICS-CERT Responsible Disclosure 1. ICS-CERT will attempt to coordinate all reported vulnerabilities with the affected vendor. a. Type and schedule of disclosure will be determined based on the factors involved. 2. The name and contact information of the reporter will be forwarded to the affected vendors unless otherwise requested by the reporter. a. ICS-CERT will advise the reporter of significant changes in the status of any vulnerability reported to the extent possible without revealing information provided in confidence by the vendor. b. Affected vendors will be apprised of any publication plans, and alternate publication schedules will be negotiated with affected vendors as required. 3. UPDATE! In cases where a vendor is unresponsive, or will not establish a reasonable timeframe for remediation, ICS-CERT may disclose vulnerabilities 45 days after the initial contact is made, regardless of the existence or availability of patches or workarounds from affected vendors. 4. Goal: Balance the need of the control system community to be informed of security vulnerabilities with the vendors' need for time to respond effectively. a. The final determination of the type and schedule of publication will be based on the best interests of the community overall.
  • 16. © Siemens Industry, Inc. 2014 All rights reserved. Page 16 2014-Nov-05 H. Brian/ I DF RD SEC ICS-CERT Sample Advisory Contents Advisory (ICSA-14-205-02) Siemens SIMATIC WinCC Vulnerabilities Original release date: July 24, 2014 • OVERVIEW • AFFECTED PRODUCTS • IMPACT • BACKGROUND • VULNERABILITY DETAILS • EXPLOITABILITY • EXISTENCE OF EXPLOIT • DIFFICULTY • MITIGATION
  • 17. © Siemens Industry, Inc. 2014 All rights reserved. Page 17 2014-Nov-05 H. Brian/ I DF RD SEC Coordinated vs UnCoordinated Disclosure
  • 18. © Siemens Industry, Inc. 2014 All rights reserved. Page 18 2014-Nov-05 H. Brian/ I DF RD SEC ICS-CERT Security Incident Occurs Siemens CERT Incident Response Flow Chart - How are patches, CERT Alerts, TAs, and Customer Facing Information Created? Hotline Incidents are generally reported to one of these organizations Initial Review and Classification as Security Incident Siemens CERT, System Test, RD, CS 1, Regional Security Hub are typically involved in this step Form Response Team Develop Transparent Explanation of Problem Propose Solutions to AS Management Coordinate Approved Solutions Response team formed based upon technical nature of event. Typically includes Head of Security Hub, Region Security Hub Lead, Siemens CERT, RD Manager, System Test Manager, Hotline, HQ Media Relations, and other technical experts as required A A RQ’s Generated Bug Fixes System Test - Siemens - CERT - Researcher Patch Available The Transparent Explanation of the Problem is the source for several other important deliverables ICS-CERT Advised ICS-CERT Alert (Private Portal) TA Issued ICS-CERT Alert (Public Portal) R&D Siemens CERT S&S Web Posting Holding Statement S&S Web Posting (update) HQ AS Mkt / PM / MR Create Region Media Message - Issue Statements -- Respond to Press -- Twitter Create Region Mkt. Message - Customer Letters -- Presentations -- Customer Spokespersons Region MR Region Mkt.
  • 19. © Siemens Industry, Inc. 2014 All rights reserved. Page 19 2014-Nov-05 H. Brian/ I DF RD SEC Personal Introduction Thank You! – Muito Obrigado! Questions?
  • 20. © Siemens Industry, Inc. 2014 All rights reserved. Page 20 2014-Nov-05 H. Brian/ I DF RD SEC Harry Brian Product and Solution Security Siemens Industry, Inc One Internet Plaza Johnson City, TN 37604 Phone: +1 (423) 262-2292 E-mail: harry.brian@siemens.com Contact page Answers for industry.