THE BASICS OF ADVANCED ICS SECURITY

Price:

From €990

Duration:

3-5 days

Level:

Basic / Advanced

Trainer

Vladimir Daschenko

Vladimir Daschenko is a VP of Threat Intelligence at DeNexus. He has 10+ years of offensive and defensive security experience in different roles: penetration tester, vulnerability researcher and security analyst.
Vladimir started his career at the Federal Space Agency in Russia as a security engineer. He was also leading Kaspersky ICS CERT Vulnerability Research team and doing various projects on ICS/IoT/Automotive security. You might see his name mentioned in security advisories or ‘Halls of Fame’ by different world known vendors, such as Siemens, Schneider Electric, Rockwell Automation, Gemalto, BMW, etc.

About the training

ICS (Industrial Control Systems), OT (Operational Technology) and PCS (Process Control Systems) are all areas where security was traditionally underrated. The appearance of Stuxnet in 2010 was the tipping point in changing the perception of the industry, traditionally slow in implementing changes.

This training provides all the pillars for ICS/OT/PCS security.

Students will:
Understand security features and weaknesses of popular industrial protocols, frameworks, devices and software.
Get a solid understanding of MITRE ATT&CK TTPs (techniques, tactics and procedures) of known ICS-focused APT (Advanced Persistent Threat) actors.
Analyze real attack scenarios used in different industrial sectors.
Develop prevention, detection and mitigation strategies.

The goal of the training is obtaining a solid understanding of ICS/OT/PCS security, being able to assess the security level of setups in their working environments and to detect and mitigate any potential weak spots that an attacker might abuse.

This training can be extended to its Advanced version. The Advanced version includes tailored vulnerability research on popular ICS/OT/PCS solutions. Hands-on sessions include reverse engineering and fuzzing.

Duration: 3 days (+2 extra days for Advanced version)
Level: Basic (Medium for Advanced version)

Who should attend?
Managers, C-levels and decision makers.
Security officers and IT administrators working in industrial environments.
Red and Blue-teams in industrial environments..

Prerequisites:
Basic knowledge of ICS-related systems.
Basic knowledge of attack patterns.
For Advanced version, basic knowledge of Reverse Engineering and Fuzzing.

Hardware & Software Requirements:
Students are required to bring their own laptops (with VirtualBox for the Advanced version)

Key Takeaways:
Understand ICS attacks and techniques used against industrial environments.
Discover non-typical attack patterns.
Develop mitigation strategies for different typical setups.
Enhance your skills in ICS vulnerability research.