Dragos 2018 ICS Year in Review: Lessons Learned from Threat Hunting and Responding to ICS Intrusions

•Download as PPTX, PDF•

1 like•742 views

VP of Dragos' Threat Operations Center, Ben Miller, and Principal Threat Analyst Mark Stacey discuss the 2018 ICS Year in Review report covering observations from performing threat hunts and incident response within industrial environments.

Technology

2018 Reviewof Hunting and
Respondingin ICS

Positive Deductions
Communities exist, information is
being shared, and trust is earned.
Vendors are motivated to
secure devices and protocols.
The industry acknowledges the threat
landscape and has a desire to
understand their own landscape
better (52%+).

Key Takeaways When considering improvements to
security, everything can be within scope.
The attackers either are or have already
achieved IT / OT convergence.
Cyber is guilty until proven innocent.
Successful IR requires a thought-out
approach and planning. Keeping in
mind, not all challenges are technical.
Consistent monitoring for adversary
behavior across ingress, egress, and
lateral traffic remains the single best
strategic and tactical action
organizations can take.
Applying specific IT solutions laterally
to these networks will not result in a
defensible organization.

PROBLEM STATEMENT:
ICS NETWORKS MUST BE DEFENSIBLE

What is on my
network?
•Asset Inventory
•Collection Management
Framework
•Vendors, Topology, Architecture
Is my network
under attack?
•Environment Visibility
•Proactive Hunting
•Vulnerability Detection
How do I
respond to
threats or
compromise?
• Exercises
• Playbooks
• Professional
Relationships
•Security Controls
•Impact
•TTP
•Target(s)

“We know weneedto improve our security
but don’t know whereto start.”

Enhance
Enable
Establish
Know what
you’re defending
Know your
capabilities
Test
Learn
Adapt
Architecture Assessment
IR Retainer
Training
Vulnerability Assessment
Threat Assessment
MDR
Penetration Test
Threat Hunting
Tabletops
What is on
my network?
Is my network
under attack?
How do I
respond?
{
{
{
{
{
{

https://dragos.com/wp-content/uploads/yir-threat-hunting-and-
responding.pdf
Ben Miller -- @electricfork
MarkStacey -- @lzeroki

More from Dragos, Inc.

A Case Study on Asset Baselining, Threat Detection, and Response - presented by Tim Watkins, Schweitzer Engineering Laboratories, and Matt Cowell, Dragos. The webinar – now available on-demand at https://selinc.com/events/on-demand-webinar/126340/ – provides insights on baselining your operation, building cyber defense, and streamlining ongoing management. SEL and Dragos also shared a case study based on a recent joint effort to address key cybersecurity challenges at a mid-sized US electric utility. Learn more about Dragos at https://dragos.com or follow us at https://twitter.com/dragosinc Learn more about SEL cybersecurity at https://selinc.com/solutions/security-for-critical-infrastructure/ or follow us at https://twitter.com/SEL_news

Securing Electric Utility Infrastructure

Dragos, Inc.

Dragos discusses the quickly rising tensions between the US, Russia, and Iran, threat intelligence on malicious activity surrounding these tensions, and recommended responses to defend industrial control systems and critical infrastructure worldwide. Presentations included from Dragos Threat Intelligence following these threats and the Dragos Threat Operations Center currently responding and defending against these threats. Visit www.dragos.com for more info about industrial cybersecurity

Rising Cyber Escalation US Iran Russia ICS Threats and Response

Dragos, Inc.

In this presentation, Matt Bodman, Director of Special Programs at Dragos, demonstrates the basics of Neighborhood Keeper. Neighborhood Keeper is a collaborative threat detection and intelligence program, led by Dragos in partnership with the DOE, that makes ICS threat analytics and data accessible to the greater ICS community. Its initial participants include: Dragos, Ameren, First Energy, Department of Energy’s Idaho National Labs, North American Electric Reliability Corporation’s Electricity Information Sharing and Analysis Center, and Southern Company. Neighborhood Keeper will serve smaller providers who lack sufficient resources to buy and manage advanced security technologies, giving them access to collaborative ICS data at near-real-time and providing them immediate insight into the ICS threat landscape without revealing sensitive data. For more information, please visit https://dragos.com/neighborhood-keeper/

Neighborhood Keeper - Introduction

Dragos, Inc.

In this presentation Daniel Michaud-Soucy, Principal Threat Analyst at Dragos, will demonstrate three separate models in order to identify gaps in ICS security posture. First, threat modeling serves as an inward look as an ICS network defender in order to properly understand the environment, the threat actors, the impacts, the risks and the crown jewels pertaining to an industrial process. Second, the ICS cyber kill chain serves as an outward look at the steps an adversary needs to take in order to achieve their objectives. Third, the bowtie model allows a graphical representation of the threats to the environment as well as the protection, detection, and response controls that help secure it. In the end, the asset owner creates a holistic picture of the security controls in their network, pertaining to the threat actors they care about and allows identification of gaps in their strategy. Visit www.dragos.com to learn more about the Dragos industrial cybersecurity platform for increased visibility of assets, threats and guided responses.

Dressing up the ICS Kill Chain

Dragos, Inc.

The advent of complex communication networks has revolutionized operational architecture in industrial environments over the last 20-30 years. The availability of real-time operational data has proven to effectively compress decision cycles, increase productivity, and has freed organizations of many resource constraints in their operational environments. However, the fact remains that the reliance on real-time operational data and asset connectivity and communication within industrial environments has also opened the way for attackers to potentially compromise asset functions through the very communication networks that are now depended upon for control of physical processes and safety. Additionally, the steady worldwide increase of industrial cyber-attacks has motivated security professionals to develop a plethora of assessment frameworks to help identify weak points in network defense and lower risk.

Consequence Informed Cyber Security

Dragos, Inc.

Dragos year in review (yir) 2018

Dragos, Inc.

Adversary groups and activities targeting industrial control systems are on the rise. Security teams are now tasked with defending increasingly complex and critical control systems without interrupting operations. This presentation highlights plans and progress of a large public electric utility to extend threat detection capability using PI system data sets. Integration with a threat detection platform improves situational awareness and adds value in three ways. It first provides confidence for quickly eliminating threat activity as a root cause of operational upsets. The second benefit is improved likelihood of detecting malicious tradecraft targeting control systems. Finally, the integrated approach provides data in support of control system incident response and forensic activities. Video for presentation here: https://youtu.be/Inn6FPaXN1w Learn more www.dragos.com

Dragos & SRP, PI World 2019: Utilizing Operations Data for Enhanced Cyber Thr...

Dragos, Inc.

2018 Year in Review- ICS Threat Activity Groups

Dragos, Inc.

Key Considerations for Executives from Dragos Executive Year In Review on Industrial Cybersecurity Strategy by Robert M Lee Addresses questions of : - How do we know if we’re underspending or overspending on ICS/industrial cybersecurity? - What is the best thing we can do to get started that will help move us forward in OT security? - If a major attack happens, what is the role of the government? More Info here: https://dragos.com/resource/insights-to-build-an-effective-industrial-cybersecurity-strategy-for-your-organization/ https://www.linkedin.com/company/dragos-inc./ Twitter: https://twitter.com/dragosinc

Insights To Building An Effective Industrial Cybersecurity Strategy For Your ...

Dragos, Inc.

Presentation from Cyber Security for Critical Assets conference (CS4CA ) in Houston, March 26-28 2019 presented by Sergio Caltagirone, Vice President of Threat Intelligence. Covers: - overview of the OT threat landscape - new OT threats Dragos has uncovered through its industrial cybersecurity technology platform, array of services, and industrial threat intelligence. - details on major industrial threat activity groups and root causes of many recent OT compromises Learn more here: https://dragos.com/year-in-review/ More info: www.dragos.com Follow us on LinkedIn: https://www.linkedin.com/company/dragos-inc./ Follow us on Twitter: https://twitter.com/dragosinc

The Current ICS Threat Landscape

Dragos, Inc.

Selection criteria for today’s ICS cybersecurity technology presented at S4 2019. Includes: - Recommendations for best practices before evaluating an industrial cybersecurity solution in OT environments - Outline of different ICS cybersecurity technologies such as the differences between active and passive scanning, anomaly detection, threat behavior analytics - What’s important in an industrial control systems cybersecurity platform - Practical guide to pilots and bake-offs To learn more read the whitepaper Key Considerations For Selecting An Industrial Cybersecurity Solution for Asset Identification, Threat Detection, and Response https://dragos.com/resource/key-considerations-for-selecting-an-industrial-cybersecurity-solution-for-asset-identification-threat-detection-and-response/ For more about Dragos and the 2019 S4 Detection challenge, read the blog and watch the video here: https://dragos.com/blog/industry-news/dragos-results-of-s4-industrial-cybersecurity-detection-challenge-contest/ More info: www.dragos.com Follow us on LinkedIn: https://www.linkedin.com/company/dragos-inc./ Follow us on Twitter: https://twitter.com/dragosinc

Industrial Control Systems Cybersecurity Technology Selection

Dragos, Inc.

Robert M. Lee's, Dragos CEO, presentation from RSA 2019. Description: Most industrial security best practices are essentially enterprise security best practices copy/pasted into industrial networks. Yet that is not an effective way to reduce risk against industrial-specific threats. Instead, we can learn from ICS attacks that have occurred. In this presentation, Robert M, Lee, CEO and co-founder of Dragos will provide first-hand insights into industrial threats and the lessons learned for industrial security. More information here: https://dragos.com/rsa-2019/ More info: www.dragos.com Follow us on LinkedIn: https://www.linkedin.com/company/drag.... Follow us on Twitter: https://twitter.com/dragosinc

Intelligence-Driven Industrial Security with Case Studies in ICS Attacks

Dragos, Inc.

Sergio Caltagirone's, Dragos VP of Threat Intelligence, presentation from RSA 2019. The industrial control system threat is growing quickly. But ICS hackers do not start by disrupting electric grids. Instead, they mature predictably leading them from things that go bad, to things that go boom. In this presentation, Sergio Caltagirone will explain how using ICS threat intelligence Dragos has developed an ICS hacker maturity model enabling us to determine how much risk a threat poses and predict how long until they reach maximum risk. More information here: https://dragos.com/rsa-2019/ More info: www.dragos.com Follow us on LinkedIn: https://www.linkedin.com/company/drag.... Follow us on Twitter: https://twitter.com/dragosinc

How Long to Boom: Understanding and Measuring ICS Hacker Maturity

Dragos, Inc.

Selena Larson, Dragos Intelligence Analyst's presentation from RSA 2019. There have been public narratives about the US being on the precipice of a nationwide hacker-caused blackout. What is the reality of adversary activity and the potential or likelihood of a cyber attack that could disrupt the electric grid? What are hackers currently doing in ICS networks? In this presentation, Selena Larson, Intelligence Analyst at Dragos will separate fact from (science) fiction. More information here: https://dragos.com/rsa-2019/ More info: www.dragos.com Follow us on LinkedIn: https://www.linkedin.com/company/drag.... Follow us on Twitter: https://twitter.com/dragosinc

Debunking the Hacker Hype: The Reality of Widespread Blackouts

Dragos, Inc.

Joe Slowik, Dragos Sr. Adversary Hunter's presentation from RSA 2019. Cyber-defense centers on “what” a technology is designed to look for, with capabilities and limitations depending on the method. Three distinct approaches have emerged: traditional IOCs, anomaly detection and behavioral analytics. Unfortunately, marketing has muddied these terms beyond recognition. In this presentation, Joe Slowik, Adversary Hunter at Dragos will critically examine each approach and its capabilities. More information here: https://dragos.com/rsa-2019/ More info: www.dragos.com Follow us on LinkedIn: https://www.linkedin.com/company/drag.... Follow us on Twitter: https://twitter.com/dragosinc

Unraveling Detection Methodologies: Indicators vs. Anomalies vs. Behaviors

Dragos, Inc.

Virtualizing Industrial Controllers (PLCs/DCS Controllers) represents a fundamental shift in the industrial automation industry. Most industries have fully embraced virtualization as a means to support reliability, scalability and resource optimization. However, the industrial control system industry has been slow to adopt virtualization into automation controllers fully. These slides are from Austin Scott's S4 2019 presentation and outlines the benefits of industrial controller virtualization and why automation vendors see this as a threat to their business model. The slides describe a virtualized PLC deployment at a large refinery in North America that allowed them to scale to support the massive size of the plant and includes: - What is PLC virtualization? - A brief history of PLC virtualization - Challenges with PLC virtualization - The benefits of PLC/Controller virtualization - Commodity controllers

PLC Virtualization Dragos S4 2019

Dragos, Inc.

From #CTISUMMIT. More info here: https://dragos.com/blog/industry-news/meet-me-in-the-middle-threat-indications-and-warning-in-principle-and-practice/ Video here: https://youtu.be/79RdB3aj2vA Discussions on threat intelligence often get bogged down between “machine speed” ingestion of atomic indicators and in-depth analysis of activity taking weeks (or months) to produce. Left in the cold in such debates is a very important but seldom considered middle ground: time-sensitive and incomplete but enriched threat intelligence. In the U.S. Navy and similar services, this is referred to as threat “indications and warning” (I&W) – a step beyond a simple observable refined to ensure accuracy and timely receipt. The goal of I&W is to get actionable, important information to those in need of it most as quickly, efficiently, and accurately as possible, even if as a result some context or other insights are lost. As a result of this activity, consumers are better armed and equipped to deal with and counter threats as they emerge, rather than either reacting to items with no context whatsoever or only reading about their challenges weeks after the fact in a complete intelligence report. This discussion explores the concept of threat I&W within the context of network security generally and threat intelligence specifically to identify this topic as a shamefully ignored middle ground between extremes. The presentation explores the conceptual background behind this idea, then transition to real-life examples of I&W drawn from the speaker’s past activity in threat intelligence, incident response, and military operations.

Meet Me in the Middle: Threat Indications and Warning in Principle and Practice

Dragos, Inc.

Uncovering ICS Threat Activity Groups for Intelligence-Driven Defense: Dragos has released information about eight threat activity groups that have targeted industrial companies. These groups range from espionage, to learning industrial environments for future effects, to causing a power outage and targeting human life directly. But what are threat activity groups? They are different than what is normally tracked in the community as threat actors and have a different focus for defenders.

Threat Activity Groups - Dragos

Dragos, Inc.

Dragos' Sergio Caltagirone and Robert M. Lee discuss the four types of threat detection methods for industrial control systems operations, while providing ICS-specific use cases, to help you determine which detection strategy is most effective for your organization. The recorded webinar can be found here: hhttps://youtu.be/zqvDu0OaY8k Aslo check out: Four Types of Threat Detection White Paper: https://dragos.com/blog/FourTypesOfTh... Part of the Secrets of ICS Cybersecurity webinar series: https://dragos.com/blog/20181017Webin... More info www.dragos.com Follow us on LinkedIn: https://www.linkedin.com/company/drag.... Follow us on Twitter: https://twitter.com/dragosinc

The Four Types of Threat Detection and Use Cases in Industrial Security

Dragos, Inc.

Dragos Adversary Hunter Jimmy Wylie presents "TRSIS in Perspective" at the 13th annual API conference in Houston, TX. This presentation analyzes the 2017 TRISIS event at an unspecified gas facility in Saudi Arabia--the first deliberate targeting of SIS that could have resulted in potential loss of life. This presentation also examines post-TRISIS, as Dragos has observed that XENOTIME, the adversary group responsible for TRSIS, has expanded its targeting to North America and other safety systems. Visit www.dragos.com to learn more.

TRISIS in Perspective

Dragos, Inc.

More from Dragos, Inc. (20)

Securing Electric Utility Infrastructure

Rising Cyber Escalation US Iran Russia ICS Threats and Response

Neighborhood Keeper - Introduction

Dressing up the ICS Kill Chain

Consequence Informed Cyber Security

Dragos year in review (yir) 2018

Dragos & SRP, PI World 2019: Utilizing Operations Data for Enhanced Cyber Thr...

2018 Year in Review- ICS Threat Activity Groups

Insights To Building An Effective Industrial Cybersecurity Strategy For Your ...

The Current ICS Threat Landscape

Industrial Control Systems Cybersecurity Technology Selection

Intelligence-Driven Industrial Security with Case Studies in ICS Attacks

How Long to Boom: Understanding and Measuring ICS Hacker Maturity

Debunking the Hacker Hype: The Reality of Widespread Blackouts

Unraveling Detection Methodologies: Indicators vs. Anomalies vs. Behaviors

PLC Virtualization Dragos S4 2019

Meet Me in the Middle: Threat Indications and Warning in Principle and Practice

Threat Activity Groups - Dragos

The Four Types of Threat Detection and Use Cases in Industrial Security

TRISIS in Perspective

Recently uploaded

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Juan lago vázquez

Boost Fertility New Invention Ups Success Rates.pdf

sudhanshuwaghmare1

FWD Group - Insurer Innovation Award 2024

The Digital Insurer

Tracing the root cause of a performance issue requires a lot of patience, experience, and focus. It’s so hard that we sometimes attempt to guess by trying out tentative fixes, but that usually results in frustration, messy code, and a considerable waste of time and money. This talk explains how to correctly zoom in on a performance bottleneck using three levels of profiling: distributed tracing, metrics, and method profiling. After we learn to read the JVM profiler output as a flame graph, we explore a series of bottlenecks typical for backend systems, like connection/thread pool starvation, invisible aspects, blocking code, hot CPU methods, lock contention, and Virtual Thread pinning, and we learn to trace them even if they occur in library code you are not familiar with. Attend this talk and prepare for the performance issues that will eventually hit any successful system. About authorWith two decades of experience, Victor is a Java Champion working as a trainer for top companies in Europe. Five thousands developers in 120 companies attended his workshops, so he gets to debate every week the challenges that various projects struggle with. In return, Victor summarizes key points from these workshops in conference talks and online meetups for the European Software Crafters, the world’s largest developer community around architecture, refactoring, and testing. Discover how Victor can help you on victorrentea.ro : company training catalog, consultancy and YouTube playlists.

Finding Java's Hidden Performance Traps @ DevoxxUK 2024

Victor Rentea

Keynote 2: APIs in 2030: The Risk of Technological Sleepwalk Paolo Malinverno, Growth Advisor - The Business of Technology Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...

apidays

MINDCTI Revenue Release Quarter One 2024

MIND CTI

Understanding the FAA Part 107 License ..

Christopher Logan Kennedy

Corporate and higher education. Two industries that, in the past, have had a clear divide with very little crossover. The difference in goals, learning styles and objectives paved the way for differing learning technologies platforms to evolve. Now, those stark lines are blurring as both sides are discovering they have content that’s relevant to the other. Join Tammy Rutherford as she walks through the pros and cons of corporate and higher ed collaborating. And the challenges of these different technology platforms working together for a brighter future.

Corporate and higher education May webinar.pptx

Rustici Software

Retrieval augmented generation (RAG) is the most popular style of large language model application to emerge from 2023. The most basic style of RAG works by vectorizing your data and injecting it into a vector database like Milvus for retrieval to augment the text output generated by an LLM. This is just the beginning. One of the ways that we can extend RAG, and extend AI, is through multilingual use cases. Typical RAG is done in English using embedding models that are trained in English. In this talk, we’ll explore how RAG could work in languages other than English. We’ll explore French, Chinese, and Polish.

Introduction to Multilingual Retrieval Augmented Generation (RAG)

Zilliz

💉💊+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHABI}}+971581248768 +971581248768 Mtp-Kit (500MG) Prices » Dubai [(+971581248768**)] Abortion Pills For Sale In Dubai, UAE, Mifepristone and Misoprostol Tablets Available In Dubai, UAE CONTACT DR.Maya Whatsapp +971581248768 We Have Abortion Pills / Cytotec Tablets /Mifegest Kit Available in Dubai, Sharjah, Abudhabi, Ajman, Alain, Fujairah, Ras Al Khaimah, Umm Al Quwain, UAE, Buy cytotec in Dubai +971581248768''''Abortion Pills near me DUBAI | ABU DHABI|UAE. Price of Misoprostol, Cytotec” +971581248768' Dr.DEEM ''BUY ABORTION PILLS MIFEGEST KIT, MISOPROTONE, CYTOTEC PILLS IN DUBAI, ABU DHABI,UAE'' Contact me now via What's App…… abortion Pills Cytotec also available Oman Qatar Doha Saudi Arabia Bahrain Above all, Cytotec Abortion Pills are Available In Dubai / UAE, you will be very happy to do abortion in Dubai we are providing cytotec 200mg abortion pill in Dubai, UAE. Medication abortion offers an alternative to Surgical Abortion for women in the early weeks of pregnancy. We only offer abortion pills from 1 week-6 Months. We then advise you to use surgery if its beyond 6 months. Our Abu Dhabi, Ajman, Al Ain, Dubai, Fujairah, Ras Al Khaimah (RAK), Sharjah, Umm Al Quwain (UAQ) United Arab Emirates Abortion Clinic provides the safest and most advanced techniques for providing non-surgical, medical and surgical abortion methods for early through late second trimester, including the Abortion By Pill Procedure (RU 486, Mifeprex, Mifepristone, early options French Abortion Pill), Tamoxifen, Methotrexate and Cytotec (Misoprostol). The Abu Dhabi, United Arab Emirates Abortion Clinic performs Same Day Abortion Procedure using medications that are taken on the first day of the office visit and will cause the abortion to occur generally within 4 to 6 hours (as early as 30 minutes) for patients who are 3 to 12 weeks pregnant. When Mifepristone and Misoprostol are used, 50% of patients complete in 4 to 6 hours; 75% to 80% in 12 hours; and 90% in 24 hours. We use a regimen that allows for completion without the need for surgery 99% of the time. All advanced second trimester and late term pregnancies at our Tampa clinic (17 to 24 weeks or greater) can be completed within 24 hours or less 99% of the time without the need surgery. The procedure is completed with minimal to no complications. Our Women's Health Center located in Abu Dhabi, United Arab Emirates, uses the latest medications for medical abortions (RU-486, Mifeprex, Mifegyne, Mifepristone, early options French abortion pill), Methotrexate and Cytotec (Misoprostol). The safety standards of our Abu Dhabi, United Arab Emirates Abortion Doctors remain unparalleled. They consistently maintain the lowest complication rates throughout the nation. Our Physicians and staff are always available to answer questions and care for women in one of the most difficult times in their lives. The decision to have an abortion at the Abortion Cl

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@

Webinar Recording: https://www.panagenda.com/webinars/why-teams-call-analytics-is-critical-to-your-entire-business Nothing is as frustrating and noticeable as being in an important call and being unable to see or hear the other person. Not surprising then, that issues with Teams calls are among the most common problems users call their helpdesk for. Having in depth insight into everything relevant going on at the user’s device, local network, ISP and Microsoft itself during the call is crucial for good Microsoft Teams Call quality support. To ensure a quick and adequate solution and to ensure your users get the most out of their Microsoft 365. But did you know that ‘bad calls’ are also an excellent indicator of other problems arising? Precisely because it is so noticeable!? Like the canary in the mine, bad calls can be early indicators of problems. Problems that might otherwise not have been noticed for a while but can have a big impact on productivity and satisfaction. Join this session by Christoph Adler to learn how true Microsoft Teams call quality analytics helped other organizations troubleshoot bad calls and identify and fix problems that impacted Teams calls or the use of Microsoft365 in general. See what it can do to keep your users happy and productive! In this session we will cover - Why CQD data alone is not enough to troubleshoot call problems - The importance of attributing call problems to the right call participant - What call quality analytics can do to help you quickly find, fix-, and prevent problems - Why having retrospective detailed insights matters - Real life examples of how others have used Microsoft Teams call quality monitoring to problem shoot problems with their ISP, network, device health and more.

Why Teams call analytics are critical to your entire business

panagenda

How to Troubleshoot Apps for the Modern Connected Worker

ThousandEyes

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

Zilliz

CNIC Information System with Pakdata Cf In Pakistan

danishmna97

💥 You’re lucky! We’ve found two different (lead) developers that are willing to share their valuable lessons learned about using UiPath Document Understanding! Based on recent implementations in appealing use cases at Partou and SPIE. Don’t expect fancy videos or slide decks, but real and practical experiences that will help you with your own implementations. 📕 Topics that will be addressed: • Training the ML-model by humans: do or don't? • Rule-based versus AI extractors • Tips for finding use cases • How to start 👨‍🏫👨‍💻 Speakers: o Dion Morskieft, RPA Product Owner @Partou o Jack Klein-Schiphorst, Automation Developer @Tacstone Technology

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

UiPathCommunity

Dubai, known for its towering skyscrapers, luxurious lifestyle, and relentless pursuit of innovation, often finds itself in the global spotlight. However, amidst the glitz and glamour, the emirate faces its own set of challenges, including the occasional threat of flooding. In recent years, Dubai has experienced sporadic but significant floods, disrupting normalcy and posing unique challenges to its infrastructure. Among the critical nodes in this bustling metropolis is the Dubai International Airport, a vital hub connecting the world. This article delves into the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Orbitshub

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the deployment of external web forms using Jotform for Bonterra Impact Management. This solution can be customized to your organization’s needs and deployed to support the common use cases below: - Intake and consent - Assessments - Surveys - Applications - Program registration Interested in deploying web form automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Jeffrey Haguewood

Six Myths about Ontologies: The Basics of Formal Ontology

johnbeverley2021

Strategies for Landing an Oracle DBA Job as a Fresher

Remote DBA Services

Architecting Cloud Native Applications

WSO2

Recently uploaded (20)

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Boost Fertility New Invention Ups Success Rates.pdf

FWD Group - Insurer Innovation Award 2024

Finding Java's Hidden Performance Traps @ DevoxxUK 2024

Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...

MINDCTI Revenue Release Quarter One 2024

Understanding the FAA Part 107 License ..

Corporate and higher education May webinar.pptx

Introduction to Multilingual Retrieval Augmented Generation (RAG)

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

Why Teams call analytics are critical to your entire business

How to Troubleshoot Apps for the Modern Connected Worker

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

CNIC Information System with Pakdata Cf In Pakistan

DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam

Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Six Myths about Ontologies: The Basics of Formal Ontology

Strategies for Landing an Oracle DBA Job as a Fresher

Architecting Cloud Native Applications

Dragos 2018 ICS Year in Review: Lessons Learned from Threat Hunting and Responding to ICS Intrusions

1. 2018 Reviewof Hunting and Respondingin ICS

2. 2018 Services Delivery

5. Positive Deductions Communities exist, information is being shared, and trust is earned. Vendors are motivated to secure devices and protocols. The industry acknowledges the threat landscape and has a desire to understand their own landscape better (52%+).

6. Key Takeaways When considering improvements to security, everything can be within scope. The attackers either are or have already achieved IT / OT convergence. Cyber is guilty until proven innocent. Successful IR requires a thought-out approach and planning. Keeping in mind, not all challenges are technical. Consistent monitoring for adversary behavior across ingress, egress, and lateral traffic remains the single best strategic and tactical action organizations can take. Applying specific IT solutions laterally to these networks will not result in a defensible organization.

7. PROBLEM STATEMENT: ICS NETWORKS MUST BE DEFENSIBLE

8. What is on my network? •Asset Inventory •Collection Management Framework •Vendors, Topology, Architecture Is my network under attack? •Environment Visibility •Proactive Hunting •Vulnerability Detection How do I respond to threats or compromise? • Exercises • Playbooks • Professional Relationships •Security Controls •Impact •TTP •Target(s)

9. “We know weneedto improve our security but don’t know whereto start.”

10. Enhance Enable Establish Know what you’re defending Know your capabilities Test Learn Adapt Architecture Assessment IR Retainer Training Vulnerability Assessment Threat Assessment MDR Penetration Test Threat Hunting Tabletops What is on my network? Is my network under attack? How do I respond? { { { { { {

11. https://dragos.com/wp-content/uploads/yir-threat-hunting-and- responding.pdf Ben Miller -- @electricfork MarkStacey -- @lzeroki

Editor's Notes

1 client, more follow Not present in IT - FS-ISAC Pentest – vulnerablility Vendor services
MSSP / agent Meeting people for first time Table top – helicopter
Each is not mandatory before the other but will facilitate and empower the next
Resources are finite What don’t I know
Training – get hands-on Challenge assumptions with data and analysis Tabletops – right of boom

Dragos 2018 ICS Year in Review: Lessons Learned from Threat Hunting and Responding to ICS Intrusions

Recommended

Recommended

More Related Content

More from Dragos, Inc.

More from Dragos, Inc. (20)

Recently uploaded

Recently uploaded (20)

Dragos 2018 ICS Year in Review: Lessons Learned from Threat Hunting and Responding to ICS Intrusions

Editor's Notes