RiskSense to Discuss Industrial PenTest Challenges at ICSJWG 2018 Spring Meeting
Security Researchers will Present Case Studies that Illustrate Security Gaps Associated with Using Traditional Vulnerability Assessment Techniques in ICS Environments
SUNNYVALE, Calif. and ALBUQUERQUE, N.M. – March 28, 2018 – RiskSense®, Inc., the pioneer in intelligent threat and vulnerability management, today announced that two of its security researchers will present a session on ICS/SCADA security risk assessment challenges at the upcoming Industrial Control Systems Joint Working Group (ICSJWG) Spring Meeting in Albuquerque, New Mexico.
WHO: Zach Harding, senior security analyst at RiskSense, is a penetration testing expert who has reversed engineered leaked NSA exploit code.
Benjamin Mixon-Baca, Ph.D., research scientist at RiskSense is an expert on threat modeling and develops vulnerability assessment automation prototypes.
WHAT: Industrial Control System (ICS) device failures can result in potentially catastrophic consequences for operational processes, the environment and human lives. So while it is vital to fully assess cyber security risks in industrial environments, most ICS/SCADA systems are fragile to current vulnerability and penetration testing methodologies. In this session, RiskSense security researchers will use two separate case studies to illustrate the challenges associated with using traditional pen-testing and vulnerability assessment approaches in ICS networks. They will explain why relying primarily on automated or passive techniques leads to gaps in security visibility, and present alternative methodologies that provide a more comprehensive view of risks and security vulnerabilities in ICS environments.
WHEN: Thursday, April 12, 2018, 11:20 AM - 12:05 PM MDT
WHERE: Albuquerque Marriott, 2101 Louisiana Boulevard NE, Albuquerque, New Mexico
HOW: To schedule a conversation with RiskSense, contact Marc Gendron at email@example.com or +1 781.237.0341. For more information and to register, visit: https://ics-cert.us-cert.gov/Industrial-Control-Systems-Joint-Working-Group-ICSJWG
RiskSense Vulnerability Discovery Service: http://bit.ly/2ubNeGZ
RiskSense Attack Surface Validation Service: http://bit.ly/2FYcpTa
RiskSense Platform Overview: http://bit.ly/2yIJ1YE
White Paper on Operationalizing Cyber Risk: http://bit.ly/2gaurSX
Webinar on Cyber Risk Management: What's Holding Us Back?: http://bit.ly/2xTE2ba
About RiskSense RiskSense®, Inc., is the pioneer and market leader in pro-active cyber risk management. The company enables enterprises and governments to reveal cyber risk, quickly orchestrate remediation, and monitor the results. This is done by unifying and contextualizing internal security intelligence, external threat data, and business criticality across a growing attack surface.
The company’s Software-as-a-Service (SaaS) Platform transforms cyber risk management into a more pro-active, collaborative, and real-time discipline. The RiskSense Platform embodies the expertise and intimate knowledge gained from real world experience in defending critical networks from the world’s most dangerous cyber adversaries. As part of a team that collaborated with the U.S. Department of Defense and U.S. Intelligence Community, RiskSense founders developed Computational Analysis of Cyber Terrorism against the U.S. (CACTUS), Support Vectors Intrusion Detection, Behavior Risk Analysis of Vicious Executables (BRAVE), and the Strike Team Program.
By leveraging RiskSense cyber risk management solutions, organizations can significantly shorten time-to-remediation, increase operational efficiency, strengthen their security programs, improve cyber hygiene, heighten response readiness, reduce costs, and ultimately minimize cyber risks. For more information, please visit www.risksense.com or follow us on Twitter at @RiskSense.