To give you the best possible experience, this site uses cookies. Review our Privacy Policy and Terms of Service to learn more.
Tôi hiểu rồi!
Player FM - Internet Radio Done Right
Checked 10M ago
Đã thêm cách đây một năm
Nội dung được cung cấp bởi Podcast Archives - Dale Peterson: ICS Security Catalyst. Tất cả nội dung podcast bao gồm các tập, đồ họa và mô tả podcast đều được Podcast Archives - Dale Peterson: ICS Security Catalyst hoặc đối tác nền tảng podcast của họ tải lên và cung cấp trực tiếp. Nếu bạn cho rằng ai đó đang sử dụng tác phẩm có bản quyền của bạn mà không có sự cho phép của bạn, bạn có thể làm theo quy trình được nêu ở đây https://vi.player.fm/legal.
Player FM - Ứng dụng Podcast Chuyển sang chế độ ngoại tuyến với ứng dụng Player FM !
National Geographic photographer and conservationist Jaime Rojo has spent decades capturing the beauty and fragility of the monarch butterfly. Their epic migration is one of nature’s most breathtaking spectacles, but their survival is under threat. In this episode, Jaime shares how his passion for photography and conservation led him to document the monarchs’ journey. He and host Brian Lowery discuss the deeper story behind his award-winning images, one about resilience, connection, and the urgent need to protect our natural world. See Jaime's story on the monarch butterflies at his website: rojovisuals.com , and follow Brian Lowery at knowwhatyousee.com .…
Nội dung được cung cấp bởi Podcast Archives - Dale Peterson: ICS Security Catalyst. Tất cả nội dung podcast bao gồm các tập, đồ họa và mô tả podcast đều được Podcast Archives - Dale Peterson: ICS Security Catalyst hoặc đối tác nền tảng podcast của họ tải lên và cung cấp trực tiếp. Nếu bạn cho rằng ai đó đang sử dụng tác phẩm có bản quyền của bạn mà không có sự cho phép của bạn, bạn có thể làm theo quy trình được nêu ở đây https://vi.player.fm/legal.
Nội dung được cung cấp bởi Podcast Archives - Dale Peterson: ICS Security Catalyst. Tất cả nội dung podcast bao gồm các tập, đồ họa và mô tả podcast đều được Podcast Archives - Dale Peterson: ICS Security Catalyst hoặc đối tác nền tảng podcast của họ tải lên và cung cấp trực tiếp. Nếu bạn cho rằng ai đó đang sử dụng tác phẩm có bản quyền của bạn mà không có sự cho phép của bạn, bạn có thể làm theo quy trình được nêu ở đây https://vi.player.fm/legal.
Almost 300K Awarded For ICS 0day Exploits The ZDI team brought Pwn2Own to ICS with Pwn2Own Miami at S4x20. They awarded almost $300K to researchers who were able to find and exploit 0day vulnerabilities in important ICS applications. Applications such as HMI and EWS from Rockwell Automation and Schneider Electric, OPC UA, TMW’s DNP3 stack and more. https://traffic.libsyn.com/secure/unsolicitedresponse/21-6_Pwn2Own.mp3 In this episode I talk with Brian Gorenc and Abdul-Aziz Hariri about the competition. Why they do it? What it achieves? And what happened? 0:00 My brief discussion on which patches matter and which don’t 8:12 My interview with Brian and Abdul 47:47 ZDI’s video wrap up of the event Tweet Me! @digitalbond Friday Newsletter: https://mailchi.mp/f53b1c8c2da0/friday The post Podcast: Pwn2Own Miami appeared first on Dale Peterson: ICS Security Catalyst .…
An Interview with Corey Thuen of Gravwell. Dale and Corey discuss the value of a normalized, taxonomized approach to SIEM, which Dr. Anton Chuvakin has famously claimed is doom to fail. Corey is sympathetic to this view and tries to explain it to Dale. The alternative is gathering and creating a data lake with more log data and pcaps that can be used by threat hunters and customized rules. https://traffic.libsyn.com/secure/unsolicitedresponse/21-3_Are_SIEMs_Doomed_To_Fail_Final.mp3 The conversation continues with what types of integration would be helpful between the OT detection products and whatever is used for organization wide detection and response, the packet encryption challenge, and the preference to just buy a product. You can submit your audio question on this episode or other OT and ICS Security topics to the show by going to dale-peterson.com and clicking on “Record Your Question”. The post Podcast: Is The Normalized, Taxonomized Approach In A SIEM Doomed To Fail? appeared first on Dale Peterson: ICS Security Catalyst .…
Eric Byres, CEO of aDolus and of Tofino fame, and I discuss the top three stories from December 2020 and give a Win, Fail and Prediction. https://traffic.libsyn.com/secure/unsolicitedresponse/21-1_December.mp3 Topics: The Solarwinds hack Dragos raising $110M in venture funding The minimal number and damage from cyber attacks on ICS in 2020 The post Podcast: December Month In Review appeared first on Dale Peterson: ICS Security Catalyst .…
Jason Nations and I go over October’s top three stories plus our Win, Fail and Prediction of the month. https://traffic.libsyn.com/secure/unsolicitedresponse/2020-24_October.mp3 Top Stories 1. Six Sandworm attackers from Russia charged. Why was this done now and what does it accomplish? 2. More ICS vendors announced security services (ABB and Siemens). Will this be a good business? Is it good for asset owners? 3. ICS security vendors are creating risk metrics for cyber assets and zones (Claroty and ID announced). How should asset owners view these metrics? Plus Jason has a Win and Prediction, and I give my Win, Fail and Prediction for October. Links Jason Nations / Selena Larson S4x20 video – Understanding Our Adversaries Thomas Rid’s Active Measures book ICS-Patch Decision Tree … What To Patch When? Finite State web page and Unsolicited Response episode The post Podcast: October Month In Review appeared first on Dale Peterson: ICS Security Catalyst .…
The ICS Security Month in Review episodes cover two to three big stories from the month plus a win, a fail and a prediction. This month’s stories include: S4x21’s cancellation and S4x22 dates (7:01) Ransomware in ICS (12:30) SCIDMark and other ICS cyber incident databases (16:50) Is the Airgap myth still believed by asset owners? (21:51) Wins, Fails and Predication https://traffic.libsyn.com/secure/unsolicitedresponse/2020-23_September.mp3 This is a solosode, as my planned guest got sick (not Covid). And I also start the podcast with some information on S4x21’s cancellation and S4x22. Links S4x21 Is Cancelled German death due to ransomware article UHS ransomware incident SCIDMark Sanjay Chhillar ICS Security Myth Presentation Shodan ICS Page DoE program to create and evaluate Schneider Electric SBOM (CyTRICS) DoE funding NRECA ICS Detection Tool The post Podcast: September ICS Security Month In Review appeared first on Dale Peterson: ICS Security Catalyst .…
Detecting Triton Type Attacks In this episode I talk with Otis Alexander of MITRE about ATT&CK for ICS Evaluations. We begin with a discussion on ATT&CK and the ICS version of ATT&CK. If you are familiar with this, skip to 17:09 where we begin our discussion on the upcoming evaluations. https://traffic.libsyn.com/secure/unsolicitedresponse/20-22_ATTCK_Evaluations.mp3 MITRE has created a Triton type attack and will test companies abilities to detect the various elements of this created attack. Five companies have signed up to be tested, and hopefully more will step up to this challenge. Otis and I get into the details on how the testing takes place, the scope of the testing, how the results will be reported out, the value of the results to asset owners, and more. Links ATT&CK for ICS ATT&CK for ICS Evaluations The post Podcast: ATT&CK For ICS Evaluations appeared first on Dale Peterson: ICS Security Catalyst .…
Most of the OT Detection and Asset Management solutions have developed ‘integrations’ with SIEMs, with Splunk and QRadar being the most common. I put integrations in quotes because they did little more than push alerts and events to the SIEMs with little context. This all changed with Splunk announcing their OT Security Add-On last month. In this episode of the Unsolicited Response podcast I talk with Ed Albanese, the VP Internet of Things at Splunk about the OT Security Add-On. https://traffic.libsyn.com/secure/unsolicitedresponse/20-21_Splunk.mp3 This is a more detailed, technical episode as I try to dig into the features and benefits of the integration today and where it can be improved in the future. This includes: The additional OT fields in the Splunk Asset Framework The OT_Asset and OT_SW_Asset data models How the 29 OT search queries will work with integrations likely using different terms (such as different names for asset types) and the types of search queries currently supported. The value of having standardizations for some OT alerts/events sent to Splunk, such as “modify control logic”. This support for standardized notables, as Splunk calls them, is not in the released Add On but can be configured. How Splunk is tracking vulnerability management (currently no OT integration) And how Splunk is calculating the Risk Scores in the OT Security Posture Tab Links Splunk OT Security Add-On Announcement Splunk OT Security Add-On Software Download Page The post Podcast: Splunk’s OT Security Add-On appeared first on Dale Peterson: ICS Security Catalyst .…
Chào mừng bạn đến với Player FM!
Player FM đang quét trang web để tìm các podcast chất lượng cao cho bạn thưởng thức ngay bây giờ. Đây là ứng dụng podcast tốt nhất và hoạt động trên Android, iPhone và web. Đăng ký để đồng bộ các theo dõi trên tất cả thiết bị.
Tham gia ứng dụng podcast tốt nhất thế giới để quản lý các chương trình yêu thích của bạn trực tuyến và nghe ngoại tuyến trên ứng dụng Android và iOS. Nó miễn phí và dễ sử dụng!