Archive for the year 2010
Network Analysis, Logitech Mouse Server
The offensive security team here at Digital Bond spends a lot of our time attacking various control system components, from field device to SCADA server to HMI and everything in between. A big part of these attacks is network analysis. We examine the protocols being used to control the targeted systems, and in the case [...]
Author: Daniel Peck
Posted: March 15th, 2010 under Uncategorized.
Comments: none
Distributech and ICSJWG
The Digital Bond team will be at some events over the next four weeks.
Marco and I will be at Distributech in Tampa from March 23 – 25. We will be in the Department of Energy booth talking about our DoE funded Bandolier and Portaledge projects. Stop by and you can see a Bandolier demo and [...]
Author: Dale Peterson
Posted: March 15th, 2010 under Conferences.
Comments: none
Win7/2008R2 Firewall Part 3
Last week, I discussed the updates to the active profiles and port ranges within rules features. Today, I wanted to talk about a couple encryption and authorization features. Specifically, the ability to dynamically create encryption tunnels and manage the users/computers that can and cannot communicate to the firewalled network service.
The dynamic encryption feature [...]
Author: Marco Cajina
Posted: March 15th, 2010 under Firewall / Perimeter, Microsoft.
Comments: none
Friday News and Notes
Patrick Miller, previously with WECC, is now the Technical Director, NERC CIP Practice at ICF International.
Jake Brodsky, Bob Radvanovsky and some others from the SCADASEC list are organizing “The Gathering” on May 14-15 at the Marriott Courtyard Chicago Ohare. It will be interesting to hear what comes from this unstructured brainstorming, show and tell, hack [...]
Author: Dale Peterson
Posted: March 12th, 2010 under Uncategorized.
Comments: none
Portaledge and SEM Integration
For the past two weeks we have been working on integrating Portaledge with enterprise SEMs. We added an outputSEM function in all of the Portaledge modules that writes normalized output to a file. The outputSEM function is designed to be easy to alter if an enterprise SEM does not have a method of interpreting log [...]
Author: Charles Perine
Posted: March 12th, 2010 under Portaledge.
Comments: 1
Just Doesn’t Get It
I’m a huge fan of Tom Peters and came across this quote re-reading his Brand You 50 for probably the 8th time.
If the client is an ‘idiot’ who ‘just doesn’t get it’; and you’re a ‘long-suffering genius’ . . . you are d-o-o-m-e-d.
All too often we hear this “just doesn’t get it” attitude in the [...]
Author: Dale Peterson
Posted: March 11th, 2010 under Big Picture.
Comments: 4
Win7/2008R2 Firewall
Yesterday, I wrote a quick introduction to the Win7/2008R2 firewall. Today, I will be discussing two really great Windows Firewall features that were updated, but first I need to clarify something. The features discussed within this and future firewall posts are specific to Win2008 R2 and not Win2008. This is because Win2008’s firewall feature set [...]
Author: Marco Cajina
Posted: March 10th, 2010 under Uncategorized.
Comments: 1
Win7/2008 Firewall Part 1
Recently, I was onsite at a vendor’s office as part of the Bandolier project and ran into a situation where the Win2k3 firewall was not enabled or configured. After the onsite visit and a little Firewall enabling, I started to think about how much the Windows Firewall has changed since WinXP/Win2k3. Specifically, I [...]
Author: Marco Cajina
Posted: March 9th, 2010 under Firewall / Perimeter, Microsoft.
Comments: none
Bandolier Course Outline
We are offering our Advanced Training Course on April 5th in San Antonio to make it convenient for those attending ICSJWG’s Spring Meeting on April 6 – 8. The afternoon module is on using and customizing our SCADA IDS preprocessors, plugins and signatures developed with funding from a DHS S&T contract.
The morning module will [...]
Author: Dale Peterson
Posted: March 9th, 2010 under Bandolier, IDS / IPS.
Comments: none
Lifeboat Security
A few days ago a friend of mine shared out an old editorial about lifeboats, parodying the objections to civil defense programs in the early 60s, from the Harvard Crimson. People haven’t changed much. The same type of arguments brought up time and time again when discussing the need for better education into software [...]
Author: Daniel Peck
Posted: March 8th, 2010 under Big Picture.
Comments: none