Black Hat Asia 2014: Focus on SCADA
Come March, Black Hat will return to Asia for the first time since 2008, and we're rearin' to make up for lost time. Two days each of Trainings and Briefings await the region's infosec cognoscenti, so be sure to register now to lock in the discounted early rates. Today we'd like to give you a preview of three Trainings we'll be hosting, all of which focus on the hot-button topic of embedded systems.
First up: Supervisory control and data acquisition (SCADA) systems are all around us, running crucial day-to-day processes, yet are among the most poorly understood and protected. In Attacking, Defending and Building SCADA Systems, you'll take a deep dive into SCADA security fundamentals, gaining the knowledge you need to perform pentesting against live SCADA environments. Training activities will include SCADA RTOS firmware reversing, SCADA protocol fuzzing, and live attacks against PLCs.
For another take on the SCADA security beat, check out Assessing and Exploiting Control Systems with SamuraiSTFU. Billed as a non-traditional take on SCADA security, the course will teach you how to employ NESCOR's formal pentesting methodology using SamuraiSTFU (Security Testing Framework for Utilities) to perform hands-on pentesting against embedded electronic field devices, their RF communications, and the myriad of user interfaces used throughout smart grid systems.
Interconnected embedded devices are proliferating in the medical world too, where the consequences for an attack or data breach could be severe. Medical Monsters: Finding and Battling Demons in the Healthcare Technology is aimed at healthcare professionals who want to understand all of this new data that's flowing through their networks, and learn how to secure it. More than theoretical exercises, you'll be able to apply the course's hands-on lessons as soon as you return to your workplace.
Ready to register? Please visit Black Hat Asia 2014's registration page to get started.