ICS/SCADA Security and Penetration Testing
Details
ICS/SCADA is the most important system that widely use in many Critical National Information Infrastructure including power plants, factories, transportations, national defence & security, food & agriculture all over the world. However, the SCADA system is not well secured and has lots of vulnerabilities on the network structure, protocol, and product.
These systems control critical components of industrial automation networks. If there’s a problem with it, the essential services (such as water and power) could shut down the services for thousands or millions of people.
Therefore, it makes SCADA system to exposed to more bigger risk than normal IT infrastructure. These risks can be connected to cyber warfare and cyber terror that cause huge accident to an organization or even a country.
This ICS/SCADA security training covers from the basic contents of SCADA system, real cases of SCADA system and various techniques to scan, hack and penetrate into it. It also teaches participants how to manage incident response and how to find the zero day vulnerabilities against the SCADA system.
During the training, participants will be provided with Cyber-War game system. It’s a cyber drill simulation for ICS/SCADA system as a demonstration. The participant will be able to evaluated their skill and knowledge with the system. It also shows real time competitions status of cyber-war with live scoreboard.
At the end of the training, participants will have better understanding and skills to assess and securing their ICS/SCADA system
Come, join us to learn the art of SCADA security!
Outline
- ICS Introduction
- ICS/SCADA Architecture and Components
- ICS/SCADA Case Study
- Scanning for HMIs and PLCs, then lead to Web Hacking
- SCADA Vulnerabilities (1-Day)
- Bypass Air-Gap
- Network Protocols for SCADA
- SCADA Network Analysis
- Penetration Testing on Power Plants and Transportation System (0-day)
- SCADA Vulnerabilities (0-Day)
- Incident Response for SCADA System
Condition Zebra is an international IT security software, services, education and distribution business established in 2007. The organization provides Information Security and Risk Management solutions that reduce risk to a manageable and resolvable level.
ConZebra’s strategies of combining key technologies with exclusive expertise in Information Security and Risk Management services help mitigate operational, legal and financial threats for clients, and create a safe harbor from which the clients can manage risk as part of their daily operations.