Security testing for ICS Owners – Back to Basics …

Why “Back to basics” regarding security testing? Well... during several previous security assessments that I have performed, I have run into a lot of the issues mentioned within the presentation I have given on this years CS3STHLM conference in Stockholm. Sometimes I also have the feeling that too much attention is given to technical and… Continue reading Security testing for ICS Owners – Back to Basics …

Collaboration Network extended

After having established a good and close cooperation between Secudea, Onrix and Asvalis, it was time to expand the portfolio of combined services. This is why the collaboration network has been extended with Corelan Consulting (founded by Peter Van Eeckhoutte). The foundations of this cooperation are based on strong policy and security principles, including mutual… Continue reading Collaboration Network extended

Upcoming talk @CS3STHLM – Operator Jail Breakouts

In a few weeks I’ll be giving a talk together with Frank Lycops (  on the hidden dangers of Operator Jail breakouts, how to test these issues, and how to prevent them.  The talk will be provided at the CS3sthlm conference in Sweden ( A brief summary of what to expect: Operator stations are today… Continue reading Upcoming talk @CS3STHLM – Operator Jail Breakouts

DIY insider threat presentation CS3sthlm – elaboration on questions received

During my presentation at the CS3sthlm conference (DIY insider threat detection/prevention within ICS environments), I've received some questions on this topic. Within this post I'll elaborate a bit more on these. A majority of the people in the audience claim they know their environments. Do you believe them? The results of the poll during the… Continue reading DIY insider threat presentation CS3sthlm – elaboration on questions received