
Podcast: Pwn2Own Miami
Almost 300K Awarded For ICS 0day Exploits. The ZDI team brought Pwn2Own to ICS with Pwn2Own Miami at S4x20. They awarded almost $300K to researchers who were able to find and exploit 0day vulnerabilities in important ICS applications. Applications such as HMI and EWS...
Podcast: Is The Normalized, Taxonomized Approach In A SIEM Doomed To Fail?
An Interview with Corey Thuen of Gravwell. Dale and Corey discuss the value of a normalized, taxonomized approach to SIEM, which Dr. Anton Chuvakin has famously claimed is doomed to fail. Corey is sympathetic to this view and tries to explain it to Dale. The alternative...
Podcast: December Month In Review
Eric Byres, CEO of aDolus and of Tofino fame, and I discuss the top three stories from December 2020 and give a Win, Fail and Prediction. https://traffic.libsyn.com/secure/unsolicitedresponse/21-1_December.mp3 Topics: The SolarWinds hack; Dragos raising $110M in venture...
Podcast: October Month In Review
Jason Nations and I go over October’s top three stories plus our Win, Fail and Prediction of the month.
Russian hackers charged, ICS vendor security services, and risk metrics.

Podcast: September ICS Security Month In Review
The ICS Security Month in Review episodes cover two to three big stories from the month plus a win, a fail and a prediction. This month’s stories include: S4x21’s cancellation and S4x22 dates (7:01), Ransomware in ICS (12:30), SCIDMark and other ICS cyber...
Podcast: ATT&CK For ICS Evaluations
Detecting Triton Type Attacks. In this episode I talk with Otis Alexander of MITRE about ATT&CK for ICS Evaluations. We begin with a discussion on ATT&CK and the ICS version of ATT&CK. If you are familiar with this, skip to 17:09 where we begin our...
Podcast: Splunk’s OT Security Add-On
Most of the OT Detection and Asset Management solutions have developed ‘integrations’ with SIEMs, with Splunk and QRadar being the most common. I put integrations in quotes because they did little more than push alerts and events to the SIEMs with little...
Podcast: What OT Can Learn From IT
We hear it all the time. OT is different than IT, and IT doesn’t understand OT. People argue about IT/OT convergence. In all these discussions I believe two things are true. OT doesn’t really understand IT, and the similar, but not identical, requirements...
Podcast: Interview with CISA Director Krebs on New Strategy
The US Department of Homeland Security CISA put out a new One CISA strategy document and an Alert in July. So I thought it would be a good time to talk with CISA Director Chris Krebs.