Following the SCADA 101 attack talk at RSA last year, this talk will focus on ICS/SCADA attack detection. You will learn about some of the basic ICS/SCADA attack behaviors and the relevant logs. We will then delve into some of the fundamental techniques you can use to detect SCADA attacks, including using ML/anomaly detection. You will see a demo of ICS/SCADA attack detection in practice.
Learning Objectives:
1: Learn about some of the key ICS/SCADA attack techniques.
2: Find out about the relevant log sources needed to detect ICS/SCADA attacks.
3: Learn about some of the fundamental techniques that can be used to detect ICS/SCADA attacks.
Pre-Requisites: Some network security, incident response, and security analytics experience is recommended.