contact us

Security Researchers will Present Case Studies that Illustrate Security Gaps Associated with Using Traditional Vulnerability Assessment Techniques in ICS Environments

SUNNYVALE, Calif. and ALBUQUERQUE, N.M. – March 28, 2018 – RiskSense®, Inc., the pioneer in intelligent threat and vulnerability  management, today announced that two of its security researchers will present a session on ICS/SCADA security risk  assessment challenges at the upcoming Industrial Control Systems Joint Working Group (ICSJWG) Spring Meeting in Albuquerque, New Mexico.

WHO: Zach Harding, senior security analyst at RiskSense, is a penetration testing expert who has reversed engineered leaked NSA exploit code.

Benjamin Mixon-Baca, Ph.D., research scientist at RiskSense is an expert on threat modeling and develops vulnerability assessment automation prototypes.

WHAT: Industrial Control System (ICS) device failures can result in potentially catastrophic consequences for operational processes, the environment and human lives. So while it is vital to fully assess cyber security risks in industrial environments, most ICS/SCADA systems are fragile to current vulnerability and penetration testing methodologies. In this session, RiskSense security researchers will use two separate case studies to illustrate the challenges associated with using traditional pen-testing and vulnerability assessment approaches in ICS networks. They will explain why relying primarily on  automated or passive techniques leads to gaps in security visibility, and present alternative methodologies that provide a more comprehensive view of risks and security vulnerabilities in ICS environments.

WHEN: Thursday, April 12, 2018, 11:20 AM – 12:05 PM MDT

WHERE: Albuquerque Marriott, 2101 Louisiana Boulevard NE, Albuquerque, New Mexico

HOW: To schedule a conversation with RiskSense, contact Marc Gendron at marc@mgpr.net or +1 781.237.0341.  For more information and to register, visit: https://ics-cert.us-cert.gov/Industrial-Control-Systems-Joint-Working-Group-ICSJWG

Resources:

RiskSense Vulnerability Discovery Service: http://bit.ly/2ubNeGZ 

RiskSense Attack Surface Validation Service: http://bit.ly/2FYcpTa

RiskSense Platform Overview: http://bit.ly/2yIJ1YE

White Paper on Operationalizing Cyber Risk: http://bit.ly/2gaurSX

Webinar on Cyber Risk Management: What’s Holding Us Back?: http://bit.ly/2xTE2ba

RiskSense Logo

RiskSense®, Inc. provides vulnerability management and remediation prioritization to measure and control cybersecurity risk. The cloud-based RiskSense platform delivers Risk-Based Vulnerability Management, Application Security Orchestration and Correlation, in addition to our Vulnerability Knowledge Base.These products bring insight to the wide views of vulnerability risk with adversarial threat-context and ties to ransomware. With Vulnerability Risk Rating, threat analytics, and automated playbooks prioritize actions for critical security weaknesses dramatically improving security and IT efficiency and effectiveness of managing attack surface risk.

Contact us at

+1 505-217-9422

Follow Risksense on LinkedIn Follow Risksense on Twitter

© 2021 RiskSense, Inc. All rights reserved.
Legal Notices, Privacy Policy, and Customer Agreements | Site Map