Designing & Deploying ICS Honeypots
Steven C. Markey, MSIS, PMP, CISSP, CIPP/US, CISM, CISA, STS-EV, CCSK, CCSP, Cloud+
Principal, nControl, LLC
Adjunct Professor
Source: Drupal
ICS Honeypots
Source: Wikipedia
• ICS Componentry
– Programmable Logic Controller (PLC)
– Distributed Control Systems (DCS)
– Embedded Control
– Safety Instrumented Systems (SIS)
Source: Purdue
Source: MOXA
Source: MTS
Source: Open
Source: Flickr
Source: Minded Security
Source: Microsoft
Source: IEEE
Source: SAFECode & Microsoft
• Honeypot Strategies
  – Thick Deployments
    • Small Scale: Each Entity Contains Whole Logic / Stack
  – Thin Deployments
    • Larger Scale: Traffic Reflector
• Honeypot Solution Options
  – Open-Source
    • T-Pot
      – ELK
    • HoneyDrive Framework
      – Kippo, Conpot, Dionaea, Honeyd, Glastopf, Amun, Wordpot, LaBrea
      – LAMP, ELK & Other Analytics
  – Commercial
    • Offensive & Deceptive
      – Ridgeback
    • Traditional Deception
      – Deception Tool Kit (DTK)
      – KFSensor
      – HoneyPoint Security Server
• One-Off Deception Maneuvers
  – Bastion Hosts
    • Windows Environment: Telnet / SSH (like Kippo)
    • Linux Environment: RDP / RDC
  – VLANs
    • Passive Sniffers
  – Proxies
    • Forward
    • Reverse
    • Dual (WAF-like, LaBrea / Glastopf)
Source: RSSing
Source: Charlie Scott
Source: Charlie Scott
Source: Levenetep
Source: Jason Lefkovitz
Source: Ridgeback
• Demo Time
Source: Baseball Brains
• Questions?
• Contact
– Email: smarkey@ncontrolsec.com
– Twitter: @markes1
– LI: http://www.linkedin.com/in/smarkey

ICS_Cybersecurity_FINAL

Editor's Notes

  1. Process for Attack Simulation & Threat Analysis
  2. USB, HDMI, VGA, CD-ROM, APT, Malware, DDoS
  3. T-Pot = Multiple honeypots; Dionaea = Malware & VoIP protections
  4. T-Pot = Multiple honeypots; Dionaea = Malware & VoIP protections
  5. T-Pot - Kibana
  6. hpfeed
  7. hpfeed
  8. OPC added by Steve
  9. OPC added by Steve
  10. Log Shipping
  11. Ridgeback Security Solution
  12. T-Pot = Multiple honeypots; Dionaea = Malware & VoIP protections