The ICS Detection Challenge at S4x18 last January pitted Claroty, Gravwell, Nozomi and Security Matters in a competition to determine who could create the most complete asset inventory and who could do the best job detecting attacks through passive ICS network monitoring only.

In this podcast Dale Peterson and Eric Byres discuss

  • Where the packets came from and what type of ICS created the packet samples (2:00)
  • An analysis of the product categories ability to create an asset inventory (14:10)
  • The effectiveness of the detection capabilities (28:30)
  • Where this product category is likely to go in the next 1 to 5 years. (36:06)

Claroty won the event, but the results really showed what the product category could and could not do.

Links:


This episode was sponsored by CyberX. Founded by military cyber experts with nation-state expertise defending critical infrastructure, CyberX has developed an end-to-end platform for continuous ICS threat monitoring and risk mitigation.

Check out the CyberX Global ICS and IIoT Risk Report and my podcast from last year on the report with Phil Neray.