This presentation reviews the spectrum of perimeter solutions based on unidirectional technology - solutions that are being deployed to protect the safety and reliability of industrial control systems. Learn why the technology is truly unidirectional based on physics and different ways it can be used in SCADA and DCS.
Many practitioners find parts of the spectrum to be counter-intuitive. Further, some parts of the spectrum are straightforward to deploy, and others require that practitioners take some care to ensure that the results really are as strong as they should be. Technologies and techniques covered include unidirectional gateways, secure bypass, temporary/programmed gateway reversals, opposing gateways, secure remote access, and parallel operations and IT WANs.
Elastic Security: Unified protection for everyoneElasticsearch
Prevent, detect, and respond to threats with Elastic Security, free and open for analysts everywhere. Built on the Elastic Stack, Elastic Security powers the SOC by eliminating blind spots, stopping threats at scale, and arming every analyst. Join this fast-moving session to see it in action.
Elastic Agent is a single, unified way to add monitoring for logs, metrics, and other types of data to a host. It can also query data from operating systems, and more. A single agent makes it easier and faster to deploy monitoring across your infrastructure. Each agent has a single policy you can update to add integrations for new data sources, security protections.
Falcon OverWatch Experts Hunt 24/7 To Stop Incidents Before They Become Breaches
Is your IT security team suffering from alert fatigue? For many organizations, chasing down every security alert can tax an already overburdened IT department, often resulting in a breach that might have been avoided. Adding to this challenge is an increase in sophisticated threats that strike so fast and frequently, traditional methods of investigation and response can’t offer adequate protection.
A new webcast from CrowdStrike, “Proactive Threat Hunting: Game-Changing Endpoint Protection Above and Beyond Alerting,” discusses why so many organizations are vulnerable to unseen threats and alert fatigue, and why having an approach that is both reactive and proactive is key. You’ll also learn about Falcon OverWatch™, CrowdStrike’s proactive threat hunting service that investigates and responds to threats immediately, dramatically increasing your ability to react before a damaging breach occurs.
Download the webcast slides to learn:
--How constantly reacting to alerts prevents you from getting ahead of the potentially damaging threats designed to bypass standard endpoint security
--Why an approach that includes proactive threat hunting, sometimes called Managed Detection and Response, is key to increasing protection against new and advanced threats
--How CrowdStrike Falcon OverWatch can provide 24/7 managed threat hunting, augmenting your security efforts with a team of cyber intrusion detection analysts and investigators who proactively identify and prioritize incidents before they become damaging breaches
Cryptography is both an art and a science – the use of deception and mathematics, to hide, transmit, and receive data. This short course covers Cryptography as it relates to the CISSP certification. The full video course is located here: http://resources.infosecinstitute.com/cryptography-CISSP-use-of-cryptography
Elastic Security: Unified protection for everyoneElasticsearch
Prevent, detect, and respond to threats with Elastic Security, free and open for analysts everywhere. Built on the Elastic Stack, Elastic Security powers the SOC by eliminating blind spots, stopping threats at scale, and arming every analyst. Join this fast-moving session to see it in action.
Elastic Agent is a single, unified way to add monitoring for logs, metrics, and other types of data to a host. It can also query data from operating systems, and more. A single agent makes it easier and faster to deploy monitoring across your infrastructure. Each agent has a single policy you can update to add integrations for new data sources, security protections.
Falcon OverWatch Experts Hunt 24/7 To Stop Incidents Before They Become Breaches
Is your IT security team suffering from alert fatigue? For many organizations, chasing down every security alert can tax an already overburdened IT department, often resulting in a breach that might have been avoided. Adding to this challenge is an increase in sophisticated threats that strike so fast and frequently, traditional methods of investigation and response can’t offer adequate protection.
A new webcast from CrowdStrike, “Proactive Threat Hunting: Game-Changing Endpoint Protection Above and Beyond Alerting,” discusses why so many organizations are vulnerable to unseen threats and alert fatigue, and why having an approach that is both reactive and proactive is key. You’ll also learn about Falcon OverWatch™, CrowdStrike’s proactive threat hunting service that investigates and responds to threats immediately, dramatically increasing your ability to react before a damaging breach occurs.
Download the webcast slides to learn:
--How constantly reacting to alerts prevents you from getting ahead of the potentially damaging threats designed to bypass standard endpoint security
--Why an approach that includes proactive threat hunting, sometimes called Managed Detection and Response, is key to increasing protection against new and advanced threats
--How CrowdStrike Falcon OverWatch can provide 24/7 managed threat hunting, augmenting your security efforts with a team of cyber intrusion detection analysts and investigators who proactively identify and prioritize incidents before they become damaging breaches
Cryptography is both an art and a science – the use of deception and mathematics, to hide, transmit, and receive data. This short course covers Cryptography as it relates to the CISSP certification. The full video course is located here: http://resources.infosecinstitute.com/cryptography-CISSP-use-of-cryptography
A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020Jiunn-Jer Sun
• Why An Industrial Cybersecurity Standard
• What Is IEC 62443 About
• How It Impacts On You - The Security Lifecycle
• IEC 62443 Certificates
• Reference: Some Ongoing Projects
• Summary
451 and Cylance - The Roadmap To Better Endpoint SecurityAdrian Sanabria
In recent years, endpoint security has evolved well beyond signature-based antivirus which proved unable to keep pace with the speed and volume of evolving threats. With the onslaught of new security technologies available, it can be difficult to determine where to begin. In this webinar, 451 Senior Analyst, Adrian Sanabria and Cylance Product Marketing Manager, Steve Salinas will discuss a proven approach to securing your endpoints.
Adrian and Steve will present the fundamental steps to securing endpoints:
• Step 1: A Better Malware Mousetrap
• Step 2: More Resilient Endpoints
• Step 3: Stopping Non-Malware Attacks
• Step 4: Full System Visibility with Endpoint Detection and Response
• Step 5: Dynamic Defense with User Behavior
• Step 6: Data Visibility
• Conclusion: Malware is Solved! What Now?
Endpoint security can be complex. Join us for this webinar to learn how applying a reasoned, results-based approach can help you can take control of your endpoints and silence attackers.
SF Big Analytics talk: NVIDIA FLARE: Federated Learning Application Runtime E...Chester Chen
Topic:
NVIDIA FLARE: Federated Learning Application Runtime Environment for Developing Robust AI Models
Summary:
Federated learning (FL) enables building robust and generalizable AI models by leveraging diverse datasets from multiple collaborators without moving data. We created NVIDIA FLARE as an open-source SDK to make it easier for data scientists to use FL in their research. The SDK allows existing machine learning and deep learning workflows adapted for distributed learning across enterprises and enables platform developers to build a secure, privacy-preserving offering for multiparty collaboration utilizing homomorphic encryption or differential privacy. The SDK is a lightweight, flexible, and scalable Python package and allows researchers to bring their data science workflows implemented in any training libraries (PyTorch, TensorFlow, or even NumPy), and apply them in real-world FL settings. This talk will introduce the key design principles of NVIDIA FLARE and illustrate use cases (e.g., COVID analysis) with customizable FL workflows that implement different privacy-preserving algorithms.
Speaker: Dr. Holger Roth ( Nvidia)
Holger Roth is a Sr. Applied Research Scientist at NVIDIA focusing on deep learning for medical imaging. He has been working closely with clinicians and academics over the past several years to develop deep learning based medical image computing and computer-aided detection models for radiological applications. He is an Associate Editor for IEEE Transactions of Medical Imaging and holds a Ph.D. from University College London, UK. In 2018, he was awarded the MICCAI Young Scientist Publication Impact Award.
Keynote: Elastic Security evolution and visionElasticsearch
SecOps teams are taking on more responsibility than ever as online activity increases from a newly remote workforce, accelerating the need for digital transformation. Learn how Elastic Security has evolved to help SecOps teams take a broader, more inclusive approach to security and set their organisations up for success. Plus, hear the vision for what’s next.
Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3Jim Gilsinn
With the recent publication of ANSI/ISA-62443-3-3-2013, it is possible for end-users, system integrators, and vendors to qualify the capabilities of their systems from an ICS cyber security perspective. This process is not as simple as it may seem, though. In many cases, the capabilities of individual components of a system can be determined from specifications and manuals. The capabilities of the system also needs to be evaluated as a whole to determine how those individual components work together. Component-level and System-level certifications are common practice in the safety environment, and will eventually become common in the ICS cyber security environment as well. Certification bodies, like the ISA Security Compliance Institute (ISCI), have begun the process to develop certification efforts around ISA-62443-3-3. Until many more groups of components and systems have been officially certified, third-party assessments and evaluations will be common. This presentation will discuss an example of how Kenexis Consulting has evaluated a particular vendor’s components and systems to determine compliance with ISA-62443-3-3. The presentation will go through the evaluation methodology used and describe how Kenexis used the evaluation to develop a series of real-world use-cases of the components and system in the ICS environment.
A Big Picture of IEC 62443 - Cybersecurity Webinar (2) 2020Jiunn-Jer Sun
• Why An Industrial Cybersecurity Standard
• What Is IEC 62443 About
• How It Impacts On You - The Security Lifecycle
• IEC 62443 Certificates
• Reference: Some Ongoing Projects
• Summary
451 and Cylance - The Roadmap To Better Endpoint SecurityAdrian Sanabria
In recent years, endpoint security has evolved well beyond signature-based antivirus which proved unable to keep pace with the speed and volume of evolving threats. With the onslaught of new security technologies available, it can be difficult to determine where to begin. In this webinar, 451 Senior Analyst, Adrian Sanabria and Cylance Product Marketing Manager, Steve Salinas will discuss a proven approach to securing your endpoints.
Adrian and Steve will present the fundamental steps to securing endpoints:
• Step 1: A Better Malware Mousetrap
• Step 2: More Resilient Endpoints
• Step 3: Stopping Non-Malware Attacks
• Step 4: Full System Visibility with Endpoint Detection and Response
• Step 5: Dynamic Defense with User Behavior
• Step 6: Data Visibility
• Conclusion: Malware is Solved! What Now?
Endpoint security can be complex. Join us for this webinar to learn how applying a reasoned, results-based approach can help you can take control of your endpoints and silence attackers.
SF Big Analytics talk: NVIDIA FLARE: Federated Learning Application Runtime E...Chester Chen
Topic:
NVIDIA FLARE: Federated Learning Application Runtime Environment for Developing Robust AI Models
Summary:
Federated learning (FL) enables building robust and generalizable AI models by leveraging diverse datasets from multiple collaborators without moving data. We created NVIDIA FLARE as an open-source SDK to make it easier for data scientists to use FL in their research. The SDK allows existing machine learning and deep learning workflows adapted for distributed learning across enterprises and enables platform developers to build a secure, privacy-preserving offering for multiparty collaboration utilizing homomorphic encryption or differential privacy. The SDK is a lightweight, flexible, and scalable Python package and allows researchers to bring their data science workflows implemented in any training libraries (PyTorch, TensorFlow, or even NumPy), and apply them in real-world FL settings. This talk will introduce the key design principles of NVIDIA FLARE and illustrate use cases (e.g., COVID analysis) with customizable FL workflows that implement different privacy-preserving algorithms.
Speaker: Dr. Holger Roth ( Nvidia)
Holger Roth is a Sr. Applied Research Scientist at NVIDIA focusing on deep learning for medical imaging. He has been working closely with clinicians and academics over the past several years to develop deep learning based medical image computing and computer-aided detection models for radiological applications. He is an Associate Editor for IEEE Transactions of Medical Imaging and holds a Ph.D. from University College London, UK. In 2018, he was awarded the MICCAI Young Scientist Publication Impact Award.
Keynote: Elastic Security evolution and visionElasticsearch
SecOps teams are taking on more responsibility than ever as online activity increases from a newly remote workforce, accelerating the need for digital transformation. Learn how Elastic Security has evolved to help SecOps teams take a broader, more inclusive approach to security and set their organisations up for success. Plus, hear the vision for what’s next.
Evaluating System-Level Cyber Security vs. ANSI/ISA-62443-3-3Jim Gilsinn
With the recent publication of ANSI/ISA-62443-3-3-2013, it is possible for end-users, system integrators, and vendors to qualify the capabilities of their systems from an ICS cyber security perspective. This process is not as simple as it may seem, though. In many cases, the capabilities of individual components of a system can be determined from specifications and manuals. The capabilities of the system also needs to be evaluated as a whole to determine how those individual components work together. Component-level and System-level certifications are common practice in the safety environment, and will eventually become common in the ICS cyber security environment as well. Certification bodies, like the ISA Security Compliance Institute (ISCI), have begun the process to develop certification efforts around ISA-62443-3-3. Until many more groups of components and systems have been officially certified, third-party assessments and evaluations will be common. This presentation will discuss an example of how Kenexis Consulting has evaluated a particular vendor’s components and systems to determine compliance with ISA-62443-3-3. The presentation will go through the evaluation methodology used and describe how Kenexis used the evaluation to develop a series of real-world use-cases of the components and system in the ICS environment.
Process Whitelisting and Resource Access Control For ICS Computers, Kuniyasu ...Digital Bond
The Control System Security Center (CSSC) in Japan has an active project in their lab to apply process white list control and computer resource access control to Windows servers and workstations in an ICS. These security controls can be very effective in ICS computers that are relatively static as compared to corporate network systems.
The process white list control limits process creation with parent-child relation, SHA1 hash value of an executable file, and conflict of interest. The computer resource access control limits access from a process to file, network (IP address and port), and device. Attend this session learn how CSSC is applying this technology and lessons learned in the lab environment.
Tiptoe Through The Network: Practical Vulnerability Assessments in Control Sy...Digital Bond
I will never forget my assignment for a vulnerability assessment against a control systems network. “Hey, can you go somewhere, run “scans” against this system, and oh by the way don’t crash it or a large portion of the USA could lose power”. Needless to say, I turned down that assignment, as they required that a traditional network-based “scan” be run. There has to be a better way to preform assessments in such environments!
Fast forward 10 years later and I’ve worked with much safer techniques for assessing the security of SCADA/Control systems infrastructure. Working for Tenable Network Security has also provided me great insights into several techniques, including:
- Using credentials to login to systems and audit for missing patches and configuration changes
- Tuning vulnerability scans to be less intrusive yet still accurate and providing useful information
- Implementing passive vulnerability scanning to discover hosts on the network and enumerate vulnerabilities, without sending a single packet to the end-user system
Each of the files or classes of a projects source code represents a tree (AST). Looking at dependencies to other classes besides inheritance creates a graph though. Field types and method parameters are also implicit dependencies. Storing this information in a graph database like Neo4j allows for interesting queries and insights. Class-Graph provides that and is available as open-source github project.
Software development manager performance appraisalmartinjack417
Software development manager job description,Software development manager goals & objectives,Software development manager KPIs & KRAs,Software development manager self appraisal
Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...Digital Bond
Each SCADA network, in a healthy state, presents a specific quality of service (QoS) which rarely changes given the repetitive process of the IACS operations. The continuous monitoring of QoS parameters of an automation network may anticipate problems such as malware contamination and equipment failures like switches and routers. It is very important to be aware of these changes in behavior in order to receive alerts and promptly handle them, avoiding incidents that could compromise the operation of the network and be financially or environmentally costly.
In this session Mr. Branquinho presents the results of tests to measure the performance of a simulated automation network parameters using a small SCADA network sandbox. First, the normal operating parameters of the network were measured. Next, several attacks were launched against the simulated automation network. At the conclusion of the work the graphs of the network in healthy state with the graphs of the network with the security incidents described above. The session will show how the network parameters were affected by each kind of incident and built a table showing the way the main parameters of an automation network were affected by the attacks.
Case Study: Running a DCS in a Highly Virtualized Environment, Chris Hughes o...Digital Bond
This session will cover the pro's and con's of virtualization as well as lessons learned from real world virtualization of DCS environments. Chris has deployed virtualization in ICS with and without ICS vendor cooperation.
ICS Security from the Plant Floor Up - A Controls Engineers Approach to Secur...Digital Bond
The presentation covers assessment, implementation methodology, and current level of success for addressing four key objectives which are protecting the controls fieldbus (networks) from untrusted networks (domain), secure and safe remote support capability from both inside and outside of the company, control supplier access to manufacturing equipment when onsite, and protect manufacturing systems from Malware and intrusion. This system isn’t theoretical, it’s in broad use and full critical production. If the time and connectivity is available a quick remote access demonstration can be given. The presentation will wrap up with a series of thoughts and ideas that occur to me regarding security in general as I listen to other organizations and groups talking about various security needs and activities.
Time Traveling: Adapting Techniques from the Future to Improve Reliability, J...Digital Bond
Technology in ICS environments lags the Enterprise by 10-15yr. This often leads to ICS companies having to stand by while other more nimble institutions are able to take advantage of new technology. What few people realize, is that our industry gets to watch the future happen out on the Internet and then pick and choose the best techniques to adapt and bring back in time. In this session Mr. Kitchel will look at what is new in the IT world and forecast what should and will be applied to OT.
Managing and Securing Remote Access To Critical Infrastructure, Yariv Lenchne...Digital Bond
The session will cover the security risks and issues around the management and usage of privileged/interactive user remote access and will cover the following topics:
- Management of generic and shared accounts (and their users)
- Remote interactive access to critical systems (e.g. vendor support)
- Current typical jump server implementations and its security weakness
- Isolation, Monitoring and Control over interactive/privileged sessions
- Recommended design and implementation of jump servers
The session will cover the security issues and the proposed solutions.
Presented at ISACA's EuroCACS 2015 (Copenhaguen).
Understand the impact of Industrial Control Systems (ICS) on the security ecosystem.
Expand the knowledge on SCADA systems and how cyberattacks can have physical consequences, bridging the cyber and physical worlds.
[CLASS 2014] Palestra Técnica - Michael FirstenbergTI Safe
Título da Palestra: Inovando na segurança de perímetro industrial: revolucionando a segurança de perímetro SCADA com tecnologias que são mais fortes que Firewalls
Presenter: Mike Firstenberg, Waterfall Security Solutions
NIST, NERC CIP, the ISA/IEC and other authorities are adjusting their advice for secure industrial networks to include at least one layer of hardware-enforced unidirectional communications. Many security practitioners are familiar with specific applications of Unidirectional Security Gateway technology, but fewer have seen how widely the technology is being deployed throughout the electric sector.
Join us to review comprehensive unidirectional network architectures for generation, transmission, distribution, high-voltage substations, and control centers/TSO’s/balancing authorities. In each vertical we review use cases, examine NERC CIP compliance implications and cost savings, and compare the strength of each architecture with legacy firewall-based designs.
Four Keys to Securing Distributed Control Systems and the Industrial IoT
Originally aired November 13, 2014
View On-Demand now: http://event.on24.com/r.htm?e=879027&s=1&k=F51E9DE70EB5A3BA7A0ECB9FB2CFCB66&partnerref=rti
Control systems are at the core of critical infrastructure and industrial applications. These include the power grid, medical devices, manufacturing systems, transportation infrastructure, cars and defense systems.
Because of their essential role and the value of the information they exchange, these systems must be protected from both espionage and sabotage. This is becoming even more imperative as the enabling devices are increasingly connected into the Industrial Internet of Things to improve efficiency and availability.
Securing control systems is particularly challenging because security cannot come at the expense of other fundamental requirements, including reliability, real-time performance, autonomy and interoperability.
This webinar will introduce the new Data Distribution Service (DDS) Security standard, the first standard designed to address security for mission-critical real-time systems. It will review how the DDS standard provides authentication, confidentiality and access control while still satisfying demanding reliability and performance requirements. It will also show how DDS Security can be easily incorporated into existing systems regardless of whether or not they already use DDS.
Speaker: David Barnett, Vice President of Products and Markets
A joint presentation of Gary Williams of Schneider Electric and Michael Coden of NextNine at the 10th Annual Conference of the American Petroleum institute. The presentation discusses benefits, disadvantages, and architectures for allowing 3rd party access.
All Hope is Not LostNetwork Forensics Exposes Today's Advanced Security Thr...Savvius, Inc
Do you think it requires an advanced degree to initiate an advanced security attack? Think again. Tool kits are readily available for immediate download that guide those with even just basic computer skills through the steps to initiate complex network attacks. But all hope is not lost. One of the best defenses is readily available in the market today – network recorders with network forensics – and when combined with the appropriate visibility fabric architecture, these solutions defend against attacks on even the fastest networks available today.
Join WildPackets and Gigamon as we explore the current state of network attacks, network vulnerabilities, and the solutions available to combat the most aggressive, and the most subtle, attacks.
Mitigating Risk for the Mobile Worker: Novell ZENworks Endpoint Security Mana...Novell
Mobility is a fact of organizational life, and administrators have a business imperative to make their end users as productive on the go as they are in the office. But mobile productivity can't come at the expense of security. Attend this session to learn about Novell ZENworks Endpoint Security Management and its role in enabling secure mobile productivity. Keeping your network safe, your data protected and you users productive is more important than ever. Learn how you do all three with comprehensive and centralized endpoint security management solutions from Novell.
Using NetFlow to Streamline Security Analysis and Response to Cyber ThreatsEmulex Corporation
Data centers move exabytes of data through their networks. This explosive growth in network traffic has put demands on data centers to adapt and add new technologies and standards to keep pace and make information easily accessible. Our personal information, company IP assets and sensitive data run across these networks that are constantly under persistent and malicious cyber attacks to look for vulnerabilities in their networks. IT security teams have to protect complex networks that are growing in size and complexity. They call for a new approach to gaining full – rather than partial – visibility into network behavior to stop downtime losses and data leaks.
By providing 1 to 1 NetFlow generation then collecting the data and analyzing the flow records is essential in time-to-resolution (TTR). To help you take full advantage of valuable NetFlow data for use in network security management, Emulex and Lancope have created a best-in-class network and security solution that allows you to quickly and continuously monitor the makeup of the traffic traversing your network.
In this webinar, we’ll explore why network security management is crucial in managing functionality and visibility of an organization’s network infrastructure and how Emulex helps address these deployment requirements. We'll also explore what matters most when network security is breached, and share some best practice insights gleaned from working with customers that run some of the largest and most critical data networks on the planet.
Scaling small cell deployment - Why current tools are inadequateDavid Chambers
As service providers plan large scale rollout of public access small cells, many operators believe that existing planning and workflow tools are simply not enough to meet the needs of complex backhaul design, rapid implementation and change management.
These slides are from a webinar where Amdocs describes their unique ‘catalog driven’ approach to process automation which cuts the time and cost for small cell network rollout.
The answer is no for about 90% of the cyber assets due to the very minimal risk reduction achieved. Spend your effort elsewhere. Presentation goes over categories of security patching in ICS and recommends prioritized security patching.
Attacking and Defending Autos Via OBD-II from escar AsiaDigital Bond
This presentation from escar Asia does go into detail on the Progressive Snapshot dongle security problems, but it also addresses common issues found in ICS security and the path forward. For example the insecure by design problem, no thought on embedded product security, importance of a security perimeter as the immediate best security solution, and the medium to long term solutions.
Remote Control Automobiles at ESCAR US 2015Digital Bond
Corey Thuen of Digital Bond Labs gave this presentation at the Embedded Systems in Cars (ESCAR) US event is May 2015.
He assessed the security, or lack thereof, in the Progressive Snapshot dongle. This is an important example of how an attacker could gain remote access to a car's CANBus.
The last part of the presentation goes over some CANBus tools that are available at Digital Bond's GitHub.
Ralph Langner of The Langner Group at S4x15 OTDay.
Ralph explains how the RIPE framework and associated tools and templates can be used to implement and measure an ICS security program. This session was followed by a nuclear plant owner/operator who was implementing RIPE.
Bryan Owen of OSIsoft at S4x15 OTDay.
Bryan shows how to harden a Windows Services generically and then specifically to a service used by OSIsoft's PI Server
Jonathan Pollet and Mark Heard of Red Tiger Security at S4x15 OTDay.
The NIST Cybersecurity Framework (CSF) has been out for a year now, and some owner/operators have begun to use it to help create an ICS cyber security program. The Red Tiger Security team discusses what the CSF is and there experience in using it with real world clients.
Assessing the Security of Cloud SaaS SolutionsDigital Bond
Matthew Theobald of Schneider Electric presentation at S4x15 OTDay.
This session provided a tutorial on how to evaluate the security of a SaaS solution. These are being increasingly offered for storage, processing and analysis of ICS data.
Liam Randall of Critical Stack at S4x15 Operation Technology Day. Liam is a Bro guru and describes how it can be used to monitor communications, detect attacks and analyze data.
Active Directory in ICS: Lessons Learned From The FieldDigital Bond
Donovan Tindall of Honeywell at the S4x15 Operations Technology Day (OTDay). A meaty, but practical technical session on how to use Active Directory to help manage and secure your ICS.
Tatsuaki Takebe of Yokogawa Electric Corporation provides the closing keynote with a focus on international standards activity and how it affects the Japanese ICS community.
Internet Accessible ICS in Japan (English)Digital Bond
Dale Peterson of Digital Bond gathered reports and examples from Shodan researchers to quantify and describe ICS devices that are connected to the Internet in Japan. It is not a small number and some of the examples are compelling.
Survey and Analysis of ICS Vulnerabilities (Japanese)Digital Bond
Masaki Kubo of JPCERT provides some statistical analysis of the ICS vulnerabilities. He also looks at the coding errors that caused the vulnerabilities and takes an indepth look at recent Yokogawa vulnerabilities.
ICS Security Training ... What Works and What Is Needed (Japanese)Digital Bond
Tomomi Aoyama of Nagoya Institute of Technology discusses Red/Blue and other types of ICS training. She identifies what is effective and offers suggestions for future training.
Vulnerability Inheritance in ICS (English)Digital Bond
Reid Wightman of Digital Bond Labs shows how software libraries integrated into ICS can bring vulnerabilities along with them.
In this case it is the CoDeSys library bringing vulnerabilities to more than 200 products including PLC's from Hitachi and Sanyo-Denki. Reid goes into the vulnerabilities and shows the tools that can exploit the vulnerabilities.
Equally important is the vendor misrepresenting the fact that the vulns were fixed, when they were not. And the vendors, Hitachi and Sanyo-Denki to name two, that did not test the security of the libraries before including them in their products and selling them to customers.
Dale Peterson and Corey Thuen pinch hit for Kyle Wilhoit to present his concept of malware incubation. It is creating a realistic environment for malware to be grown so that it can be studied and help with incident response.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™UiPathCommunity
In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni.
📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath:
Autopilot per Studio Web
Autopilot per Studio
Autopilot per Apps
Clipboard AI
GenAI applicata alla Document Understanding
👨🏫👨💻 Speakers:
Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant
Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath
Andrei Tasca, RPA Solutions Team Lead @NTT Data
Welcome to the first live UiPath Community Day Dubai! Join us for this unique occasion to meet our local and global UiPath Community and leaders. You will get a full view of the MEA region's automation landscape and the AI Powered automation technology capabilities of UiPath. Also, hosted by our local partners Marc Ellis, you will enjoy a half-day packed with industry insights and automation peers networking.
📕 Curious on our agenda? Wait no more!
10:00 Welcome note - UiPath Community in Dubai
Lovely Sinha, UiPath Community Chapter Leader, UiPath MVPx3, Hyper-automation Consultant, First Abu Dhabi Bank
10:20 A UiPath cross-region MEA overview
Ashraf El Zarka, VP and Managing Director MEA, UiPath
10:35: Customer Success Journey
Deepthi Deepak, Head of Intelligent Automation CoE, First Abu Dhabi Bank
11:15 The UiPath approach to GenAI with our three principles: improve accuracy, supercharge productivity, and automate more
Boris Krumrey, Global VP, Automation Innovation, UiPath
12:15 To discover how Marc Ellis leverages tech-driven solutions in recruitment and managed services.
Brendan Lingam, Director of Sales and Business Development, Marc Ellis
Enhancing Performance with Globus and the Science DMZGlobus
ESnet has led the way in helping national facilities—and many other institutions in the research community—configure Science DMZs and troubleshoot network issues to maximize data transfer performance. In this talk we will present a summary of approaches and tips for getting the most out of your network infrastructure using Globus Connect Server.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.