DiscoverSplunk [Industrial IoT | Mobile | SignalFx | VictorOps] 2019 .conf Videos w/ SlidesThreat Hunting in Industrial (ICS\OT) Environments [Splunk Enterprise Security, Splunk for Industrial IoT]
Threat Hunting in Industrial (ICS\OT) Environments [Splunk Enterprise Security, Splunk for Industrial IoT]

Threat Hunting in Industrial (ICS\OT) Environments [Splunk Enterprise Security, Splunk for Industrial IoT]

Update: 2019-12-24
Share

Description

Industrial operations comprise a diverse blend of technology that run critical processes. The proliferation of automation and networking has increased the sophistication of Industrial Control Systems (ICS), also known as Operational Technology (OT) environments.Threats targeting OT are increasing in both frequency and sophistication. Dragos tracks 9 OT-targeting activity groups, the most significant of which, XENOTIME, was responsible for the TRISIS malware that targeted safety systems (SIS) resulting in multiple plant shutdowns and the potential to cause harm to human operators.Traditional IT threat hunting is not well-suited to OT environments. This session will outline the differences between IT and OT assessments, highlight the most significant threats facing OT, and review best practices for OT-specific threat hunting engagements, including techniques that empower defenders to detect and respond more efficiently to existing and future threats, therefore reducing adversary dwell time.


Speaker(s)
Amy Bejtlich, Threat Intelligence, Dragos
Marc Seitz, Threat Analyst, Dragos



Slides PDF link - https://conf.splunk.com/files/2019/slides/IOT1641.pdf?podcast=1577146263


Product: Splunk Enterprise Security, Splunk for Industrial IoT


Track: Internet of Things


Level: Good for all skill levels

Comments 
In Channel
Real-time public transport information systems monitoring and analysis in the city of Amsterdam [Splunk Enterprise, Splunk for Industrial IoT]

Real-time public transport information systems monitoring and analysis in the city of Amsterdam [Splunk Enterprise, Splunk for Industrial IoT]

2019-12-2449:30

Solar Analytics: Changing the World One Solar Panel At A Time [Splunk Enterprise, Splunk for Industrial IoT]

Solar Analytics: Changing the World One Solar Panel At A Time [Splunk Enterprise, Splunk for Industrial IoT]

2019-12-24--:--

Soup to Nuts SRE: How to leverage ITSI, VictorOps and Phantom to be a site reliability engineering super hero [Splunk Enterprise, Splunk IT Service Intelligence, Phantom, VictorOps]

Soup to Nuts SRE: How to leverage ITSI, VictorOps and Phantom to be a site reliability engineering super hero [Splunk Enterprise, Splunk IT Service Intelligence, Phantom, VictorOps]

2019-12-2445:47

Splunk as a Tool for DevOps Acceleration [Splunk Enterprise, Splunk IT Service Intelligence, VictorOps]

Splunk as a Tool for DevOps Acceleration [Splunk Enterprise, Splunk IT Service Intelligence, VictorOps]

2019-12-2416:43

Splunk at the Speed of Flight – Delivering Critical Passenger Cabin Services [Splunk Enterprise, Splunk IT Service Intelligence, Splunk for Industrial IoT]

Splunk at the Speed of Flight – Delivering Critical Passenger Cabin Services [Splunk Enterprise, Splunk IT Service Intelligence, Splunk for Industrial IoT]

2019-12-2441:50

Splunk for Good, Seattle University, and University of Connecticut partner to Power Aquaponics Facilities Around the Globe [Splunk Enterprise, Splunk Mobile]

Splunk for Good, Seattle University, and University of Connecticut partner to Power Aquaponics Facilities Around the Globe [Splunk Enterprise, Splunk Mobile]

2019-12-24--:--

Splunk for NewOps – Using Data-Driven IT Operations to Better Manage IT Systems at Scale [Splunk IT Service Intelligence, Splunk Machine Learning Toolkit, VictorOps]

Splunk for NewOps – Using Data-Driven IT Operations to Better Manage IT Systems at Scale [Splunk IT Service Intelligence, Splunk Machine Learning Toolkit, VictorOps]

2019-12-24--:--

Splunk Fortifies ABB Ability Industrial Cloud Foundation [Splunk Enterprise, Splunk for Industrial IoT]

Splunk Fortifies ABB Ability Industrial Cloud Foundation [Splunk Enterprise, Splunk for Industrial IoT]

2019-12-24--:--

Splunk like your life depends on it [Splunk for Industrial IoT]

Splunk like your life depends on it [Splunk for Industrial IoT]

2019-12-24--:--

Success in the Public Sector: How the State of Michigan uses Splunk to improve the lives of its citizens [Splunk Enterprise, Splunk IT Service Intelligence, Splunk Mobile]

Success in the Public Sector: How the State of Michigan uses Splunk to improve the lives of its citizens [Splunk Enterprise, Splunk IT Service Intelligence, Splunk Mobile]

2019-12-24--:--

The most epic road trip to .Conf: IOT in an RV, OMG [Splunk Enterprise, Splunk for Industrial IoT, VictorOps]

The most epic road trip to .Conf: IOT in an RV, OMG [Splunk Enterprise, Splunk for Industrial IoT, VictorOps]

2019-12-24--:--

Threat Hunting in Industrial (ICS\OT) Environments [Splunk Enterprise Security, Splunk for Industrial IoT]

Threat Hunting in Industrial (ICS\OT) Environments [Splunk Enterprise Security, Splunk for Industrial IoT]

2019-12-24--:--

Unified Observability with OpenTelemetry [SignalFx]

Unified Observability with OpenTelemetry [SignalFx]

2019-12-24--:--

Using Splunk and its premium solution to accelerate DevOps lifecycle [Splunk Enterprise, Splunk IT Service Intelligence, VictorOps]

Using Splunk and its premium solution to accelerate DevOps lifecycle [Splunk Enterprise, Splunk IT Service Intelligence, VictorOps]

2019-12-24--:--

Building the “smartest factory on planet earth” – Accenture partnering with leading crystal maker innovating with Splunk for Industrial IoT [Splunk Enterprise, Splunk Machine Learning Toolkit, AI/ML, Splunk for Industrial IoT]

Building the “smartest factory on planet earth” – Accenture partnering with leading crystal maker innovating with Splunk for Industrial IoT [Splunk Enterprise, Splunk Machine Learning Toolkit, AI/ML, Splunk for Industrial IoT]

2019-12-24--:--

Every Minute Counts: Integrating Splunk and VictorOps to Accelerate Incident Response [Splunk Enterprise, Splunk IT Service Intelligence, VictorOps]

Every Minute Counts: Integrating Splunk and VictorOps to Accelerate Incident Response [Splunk Enterprise, Splunk IT Service Intelligence, VictorOps]

2019-12-24--:--

How we understand your intent > Splunk Natural Language Platform (NLP) [Splunk Enterprise, Splunk Cloud, Splunk Mobile]

How we understand your intent > Splunk Natural Language Platform (NLP) [Splunk Enterprise, Splunk Cloud, Splunk Mobile]

2019-12-24--:--

Improving cost-efficiency of inland cargo shipping within the Port of Hamburg – powered by Splunk IoT capabilities [Splunk for Industrial IoT]

Improving cost-efficiency of inland cargo shipping within the Port of Hamburg – powered by Splunk IoT capabilities [Splunk for Industrial IoT]

2019-12-24--:--

Improving the asset reliability for manufacturing the world’s most advanced fighter jet, Lockheed Martin’s F-35 Lightning II with Splunk for Industrial IoT [Splunk for Industrial IoT]

Improving the asset reliability for manufacturing the world’s most advanced fighter jet, Lockheed Martin’s F-35 Lightning II with Splunk for Industrial IoT [Splunk for Industrial IoT]

2019-12-24--:--

Industrial Cyber Security In A Converging IT/OT World [Splunk Enterprise Security, Splunk for Industrial IoT]

Industrial Cyber Security In A Converging IT/OT World [Splunk Enterprise Security, Splunk for Industrial IoT]

2019-12-24--:--

loading
Google Play
Download from Google Play
Castbox
Download from App Store
usUnited States
00:00
00:00
x

0.5x

0.8x

1.0x

1.25x

1.5x

2.0x

3.0x

Sleep Timer

Off

End of Episode

5 Minutes

10 Minutes

15 Minutes

30 Minutes

45 Minutes

60 Minutes

120 Minutes

Threat Hunting in Industrial (ICS\OT) Environments [Splunk Enterprise Security, Splunk for Industrial IoT]

Threat Hunting in Industrial (ICS\OT) Environments [Splunk Enterprise Security, Splunk for Industrial IoT]

Splunk