In this episode I speak with Ralph Langner of Langner Communications about the ICS Product Security Market. Ralph is famous for his work on Stuxnet, and he has done a lot of great work before and after Stuxnet. For the last two years he has set aside his decades of being in the ICS Security Consulting business and focused on developing the product he feels his clients have needed.
In this podcast we cover a lot of ground including:
- The latest info on Stuxnet and his post Stuxnet experience
- Why he left a comfortable consulting and speaking career
- His view on why Selective Probing (active scanning) is key for ICS Asset Discovery & Inventory
- Whether Asset Management and Detection wiil be separate or combined solutions
- The importance of data import / export and the REST API
- OT SIEM or Enterprise SIEM?
- Identifying configuration changes
- Meta data as being a key in Asset Management
- Does Vulnerability Management belong in Asset Inventory products?
- Will the user profile be a product / market determinant?
Links & Information:
Ralph offers a free 90-day evaluation of the OT-BASE Asset Discovery.
- Langner OT-BASE
- Video on the easily identifiable centrifuge noise change when the Stuxnet attack occurred
- Stuxnet Deep Dive Video from S4x12
- To Kill A Centrifuge White Paper
- Robust Control Systems Networks book
- Selective Probing Video
- Vulnerability Management Video
This episode was sponsored by CyberX. Founded by military cyber experts with nation-state expertise defending critical infrastructure, CyberX has developed an end-to-end platform for continuous ICS threat monitoring and risk mitigation.