Hands-on exercises with open source tools and resources available for ICS/SCADA NSM.
What you'll learn
- How to apply open source tools and other resources to implement Network Security Monitoring specifically for ICS/SCADA environments
- Some exposure to Security Onion, Kibana, TRITON SIS Malware PCAP, TRITON/TRISTATION Snort Rules, Nozomi Networks TRITON SIS Malware resources, Wireshark PCAP, and SGUIL.
- It would be beneficial if you took my first course on Udemy: ICS/SCADA Cyber Security. We will use PCAP from the first course in this second course.
- It would be beneficial if the student could set up an instance of the Security Onion Linux distribution, so the student can gain hands-on experience following along with the course.
- A hunger to learn, to improve, and progress in your Cyber Security tradecraft. Persistence!
Our world is growing more and more dependent upon technology and systems that monitor and control industrial processes. The electric power grid, water and sewage systems, oil and natural gas pipelines, and many other kinds of critical infrastructure use Industrial Control Systems/Supervisory Control and Data Acquisition (ICS/SCADA) systems to monitor and control their processes. One way we can defend these systems is by implementing Network Security Monitoring (NSM) within ICS/SCADA environments. This ICS/SCADA Network Security Monitoring (NSM) course will provide you with a strong foundation in some of the open source tools that are available to implement ICS/SCADA NSM within your ICS/SCADA environments! You will learn about various topics such as:
- What is Security Onion, and how can it be used for ICS/SCADA NSM?
- What open source tools and resources are available to implement ICS/SCADA NSM?
- How do I update my Snort rules to implement ICS/SCADA NSM?
- What are some Snort rules that can be used to detect the TRITON SIS Malware?
- What other TRITON SIS Malware resources are out there?
Who this course is for:
- Intermediate to Advanced level Cyber Security students who want to learn how to apply open source tools to conduct ICS/SCADA Network Security Monitoring.