Detecting Triton Type Attacks

In this episode I talk with Otis Alexander of MITRE about ATT&CK for ICS Evaluations. We begin with a discussion on ATT&CK and the ICS version of ATT&CK. If you are familiar with this, skip to 17:09 where we begin our discussion on the upcoming evaluations.

MITRE has created a Triton type attack and will test companies abilities to detect the various elements of this created attack. Five companies have signed up to be tested, and hopefully more will step up to this challenge.

Otis and I get into the details on how the testing takes place, the scope of the testing, how the results will be reported out, the value of the results to asset owners, and more.

Links

ATT&CK for ICS

ATT&CK for ICS Evaluations