Из-за спешного массового перехода компаний на удаленную работу стремительно растет число корпоративных серверов, доступных для злоумышленников из интернета. Одна...

MITRE released its new ATT&CK for Industrial Control Systems (ICS) as a community resource on the tactics and techniques of ICS threats and a common lexicon for the community. This framework is an important tool in developing an ICS cybersecurity program and threat detection strategy. Dragos contributed significantly to the framework with our threat intelligence on the 11 different ICS specific threats tracked. In this presentation, the Dragos team will conduct a technical demonstration of an ICS cyber attack from both the attacker and defender perspective. The attacker perspective will be orchestrated by a member of Dragos' red team and the defender perspective will be done leveraging the Dragos Platform. Attendees will experience:Detailed understanding of ICS ATT&CK and how to leverage itUse-cases for threat detection and response scenariosTechnical demonstration of the Dragos PlatformTechnical demonstration of an attack on an ICS range

Erik Biverot from Swedish Defence University & Johan Nilsson from the Swedish Police talks about The Blue side of Locked Shields at CS3STHLM 2019. Presentati...

Ralph Langner, Art Manion and Dale Peterson tackle this difficult and oft discussed topic. There were two main goals: 1) Use a risk based approach to signifi...

This paper presents a testable Stakeholder-Specific Vulnerability Categorization (SSVC) that takes the form of decision trees and that avoids some problems with the Common Vulnerability Scoring System (CVSS).

CyberFence proactively delivers the most advanced cyber security optimized for industrial networks that protects against major vulnerabilities found in DNP3 systems.

Two things that make ICS cybersecurity different from IT security are the use of industrial-specific protocols like DNP3 and the common usage of endpoints li...