What to expect
The OT course is a combination of lectures and hands-on cyber exercises with industrial control systems and physical protection systems. There will be a morning break, lunch break, and an afternoon break during each day.
- Security operation center staff
- Incident responders
- Reverse engineers
- Software engineers
- IT Staff responsible for operational technology or coordinating with OT/operations staff
- Cybersecurity staff with some responsibility for OT systems
- Operations staff who are responsible for OT/ICS/process systems
- Managers responsible for coordinating incident response, training, or who have an interest in how OT cybersecurity could fit into your organizational construct
If you are unfamiliar with operational technology, this course will provide you with a baseline knowledge of cybersecurity topics related to OT. If you are familiar with OT, this course will provide you with hands-on exercises that allow you to interact with key ICS devices in a way that will bolster your knowledge around related cybersecurity topics.
- Understand how Industrial Control Systems (ICS) and Operational Technology (OT) are implemented in various operational industries.
- Understand OT network topology along with piping and instrument diagrams.
- Understand the consequences of an OT cyberattack.
- Understand how field controllers (RTU, IED, PAC, PLC) are different than a typical PC.
- Perform OT-focused open-source reconnaissance techniques.
- Understand how attackers take unauthorized control of a poorly protected HMI.
- Understand how to extract, open, and analyze a piece of firmware.
- Search PCAPs to find a malicious executable.
- Locate potentially compromised hosts.
- Determine origination of command and control traffic.
- Recognize log file manipulations.
- We will provide enough equipment to allow small groups to work together to complete the exercises.
- If you have a laptop with internet access and a Kali Linux OS and would like to bring it, please do.
- Be sure to bring a laptop with a web browser for the collaborative exercise, if you are coming to a Foundry event!
A Setup Guide will be provided in the participant portal.