I had the pleasure of teaching our Bandolier class again last week. This time we offered it the afternoon following the EnergySec Summit in Denver. Each venue we’ve chosen has attracted a unique set of students — asset owners, control system vendors, and consultants. This class was heavy on asset owners, people who have to deal with security operations on a day-in, day-out basis.
Let’s face it: security configuration management and auditing isn’t exactly the sexiest security topic out there. But, based on the feedback we’ve received, the students leave with a new understanding of what is possible with Bandolier, Nessus and credentialed scanning. It’s one thing to talk about optimal security configuration for your control system servers and workstations. It’s another thing to actually use the tools and understand how they can be customized to meet specific challenges in your own environment.
We keep adding to and refining the course content. It now includes database and Cisco IOS auditing. In addition to OSIsoft PI Servers, we even had an Oracle database and Cisco router in our lab environment for students to try out these audit capabilities. Some of the newer Bandolier Security Audit Files that will be released later this year will use the database auditing features more heavily.
I couldn’t find a compelling reason to include it in the course content, but I did show off the new Nessus iPhone app during a break. I’m not endorsing it for control system environments but it was kind of fun for our test lab.
If you couldn’t make it to EnergySec but are interested in knowing when we offer this course next, please leave a comment or send me a note.