Attacks against industrial control systems (ICS) are on the rise. To effectively respond to this emerging threat, organizations must be aware of the challenges that come along with performing digital forensics and incident response (DFIR) for ICS. This course is designed to give ICS security personnel the skills needed to identify and understand threats targeting ICS devices that use embedded operating systems such as VxWorks and Windows CE. This fast-paced technical course offers learners hands-on experience investigating targeted attacks and guides them through the steps required to analyze and triage compromised ICS.
After completing this course, learners should be able to:
- Learn to investigate targeted attacks against ICS
- Understand the steps required to triage compromised ICS
Who should attend
Incident response team members, threat hunters, information security professionals and industrial control system security professionals.
Background in ICS, PLCs and other embedded devices and operating systems. Background in forensic analysis, network traffic analysis, log analysis, security assessments and penetration testing, security architecture, and system administration.
In-classroom instructor-led training
What to bring
Students are required to bring their own laptop that meets the following specs:
- Windows 7+ or Windows 7 Virtual machine
- VMware Player or Workstation
- 20 GB of free HDD space
- Wireless connectivity