ICS Proactive Defense: Leveraging Operational Threat-hunting for Resilience: Part 3



Threat hunting in ICS environments must consider safety. IT and ICS systems have different missions, objectives, impacts during an incident, and different assets like embedded operating systems, and engineering devices speaking non-traditional industrial protocols. Adversaries targeting ICS must use different attack tactics and techniques for access, execution, collection, and persistence, etc., to degrade safety, manipulate control, damage physical engineering assets, etc. Thus, ICS hunting, while sharing the core attributes of traditional hunting such as of hypothesis-driven efforts, needs to be adapted to critical infrastructure.

 

In this New ICS Threat Hunting webcast series, each webcast will build on the previous one. We will discuss and have a question and answers for each:

  • ICS Threat Hunting PT1 - ICS Threat Hunting Benefits and When To Start
  • ICS Threat Hunting PT2 - ICS Data Sources - Building ICS Threat Hunt Packages
  • ICS Threat Hunting PT3 - Hunting in the ICS with Hypothesis-Driven Examples & Walkthroughs

Speaker and Presenter Information

Dean Parsons

Relevant Government Agencies

Other Federal Agencies, Federal Government, State & Local Government

Members who viewed this event also viewed:

View Exhibitor/Sponsorship Details


Event Type
Webcast


When
Mon, Mar 21, 2022, 1:00pm ET


Cost
Complimentary:    $ 0.00


Website
Click here to visit event website


Organizer
SANS Institute


Contact Event Organizer



Return to search results