contact us see demo

Security Researchers will Present Case Studies that Illustrate Security Gaps Associated with Using Traditional Vulnerability Assessment Techniques in ICS Environments

SUNNYVALE, Calif. and ALBUQUERQUE, N.M. – March 28, 2018 – RiskSense®, Inc., the pioneer in intelligent threat and vulnerability  management, today announced that two of its security researchers will present a session on ICS/SCADA security risk  assessment challenges at the upcoming Industrial Control Systems Joint Working Group (ICSJWG) Spring Meeting in Albuquerque, New Mexico.

WHO: Zach Harding, senior security analyst at RiskSense, is a penetration testing expert who has reversed engineered leaked NSA exploit code.

Benjamin Mixon-Baca, Ph.D., research scientist at RiskSense is an expert on threat modeling and develops vulnerability assessment automation prototypes.

WHAT: Industrial Control System (ICS) device failures can result in potentially catastrophic consequences for operational processes, the environment and human lives. So while it is vital to fully assess cyber security risks in industrial environments, most ICS/SCADA systems are fragile to current vulnerability and penetration testing methodologies. In this session, RiskSense security researchers will use two separate case studies to illustrate the challenges associated with using traditional pen-testing and vulnerability assessment approaches in ICS networks. They will explain why relying primarily on  automated or passive techniques leads to gaps in security visibility, and present alternative methodologies that provide a more comprehensive view of risks and security vulnerabilities in ICS environments.

WHEN: Thursday, April 12, 2018, 11:20 AM – 12:05 PM MDT

WHERE: Albuquerque Marriott, 2101 Louisiana Boulevard NE, Albuquerque, New Mexico

HOW: To schedule a conversation with RiskSense, contact Marc Gendron at marc@mgpr.net or +1 781.237.0341.  For more information and to register, visit: https://ics-cert.us-cert.gov/Industrial-Control-Systems-Joint-Working-Group-ICSJWG

Resources:

RiskSense Vulnerability Discovery Service: http://bit.ly/2ubNeGZ 

RiskSense Attack Surface Validation Service: http://bit.ly/2FYcpTa

RiskSense Platform Overview: http://bit.ly/2yIJ1YE

White Paper on Operationalizing Cyber Risk: http://bit.ly/2gaurSX

Webinar on Cyber Risk Management: What’s Holding Us Back?: http://bit.ly/2xTE2ba