ICS (Industrial Control Systems), OT (Operational Technology) and PCS (Process Control Systems) are all areas where security was traditionally underrated. The appearance of Stuxnet in 2010 was the tipping point in changing the perception of the industry, traditionally slow in implementing changes.

This training provides all the pillars for ICS/OT/PCS security.

Students will:
Understand security features and weaknesses of popular industrial protocols, frameworks, devices and software.
Get a solid understanding of MITRE ATT&CK TTPs (techniques, tactics and procedures) of known ICS-focused APT (Advanced Persistent Threat) actors.
Analyze real attack scenarios used in different industrial sectors.
Develop prevention, detection and mitigation strategies.

The goal of the training is obtaining a solid understanding of ICS/OT/PCS security, being able to assess the security level of setups in their working environments and to detect and mitigate any potential weak spots that an attacker might abuse.

This training can be extended to its Advanced version. The Advanced version includes tailored vulnerability research on popular ICS/OT/PCS solutions. Hands-on sessions include reverse engineering and fuzzing.

Duration: 3 days (+2 extra days for Advanced version)
Level: Basic (Medium for Advanced version)

Who should attend?
Managers, C-levels and decision makers.
Security officers and IT administrators working in industrial environments.
Red and Blue-teams in industrial environments..

Prerequisites:
Basic knowledge of ICS-related systems.
Basic knowledge of attack patterns.
For Advanced version, basic knowledge of Reverse Engineering and Fuzzing.

Hardware & Software Requirements:
Students are required to bring their own laptops (with VirtualBox for the Advanced version)

Key Takeaways:
Understand ICS attacks and techniques used against industrial environments.
Discover non-typical attack patterns.
Develop mitigation strategies for different typical setups.
Enhance your skills in ICS vulnerability research.