Blog

Upcoming talk @CS3STHLM – Operator Jail Breakouts

In a few weeks I’ll be giving a talk together with Frank Lycops (https://asvalis.com) on the hidden dangers of Operator Jail breakouts, how to test these issues, and how to prevent them. The talk will be given at the CS3sthlm conference in Sweden (https://cs3sthlm.se/). A brief summary of what to expect: Operator stations are today…

DIY insider threat presentation CS3sthlm – elaboration on questions received

During my presentation at the CS3sthlm conference (DIY insider threat detection/prevention within ICS environments), I received some questions on this topic. Within this post I'll elaborate a bit more on these. A majority of the people in the audience claim they know their environments. Do you believe them? The results of the poll during the…

DIY insider threat detection/prevention within ICS environments

This is a summary of the talk I gave during the CS3sthlm conference in October (link to topic: https://cs3sthlm.se/program/presentations/dieter-sarrazyn/). The goal of the presentation was to help people and organisations set up an internal “insider threat detection/prevention” program without looking at the big/expensive products out there. I will explain some (sometimes simple) things and…

Hidden dangers of remote management

In "Secure remote management for ICS" I wrote that you can have a secure remote management solution/setup for ICS environments. Having a centralized, time-based, source-IP-controlled, strongly authenticated, monitored and logged solution is good and secure, but it remains limited to your environment. Nevertheless, there are hidden dangers…