Preview Mode Links will not work in preview mode

Unsolicited Response Podcast

Dec 13, 2017

This episode is a bit different. Rob Lee of Dragos and I have been having a friendly argument on a number of topics:

  • the true risk of a cyber attack on the electric sector that affects the ability to deliver power (as well as the risk of cyber attack on other sectors)
  • the value, or lack thereof, of the ICS...


Dec 1, 2017

Digital Bond developed the Bandolier Security Audit Files with some research funding from the US Dept of Energy back in 2006 - 2008. They worked well, but required ICS vendor commitment to keep them current and promote their use.

OSIsoft is a great example of what is possible. They not only continued the Bandolier...


Nov 28, 2017

This is a shorter episode on the ICS Capture The Flag (CTF) that will take place at S4x18, Jan 16-18 in Miami South Beach. This will be the third year Reid has created and run the S4 CTF, and we talk to him about:

- What makes the S4 ICS CTF different than other ICS CTFs and ICS Villages

- Flag examples from 2017

- Tips...


Nov 20, 2017

Adam Crain has been a regular on the S4 stage talking about securing ICS protocols, and we are finally getting to secure ICS protocols. The key management discussions starting at 27:15 is the highlight for me.

In this podcast we discuss:

2:45  Project Robus on fuzzing ICS protocols, particularly response fuzzing. How...


Nov 14, 2017

This month we announced the ICS Detection Challenge, that will take place at S4x18. Phase I will test the solutions ability to identify and document the ICS, and Phase II will test the solutions ability to detect cyber threats. The contestants will be given anonymized packet captures from an actual ICS.

In this podcast...