Learning from the Stuxnet/WinCC Malware
SCADA-targeted malware was inevitable and I suspect, despite the fact that it took this long to happen, that we haven’t seen the last of it. There’s a forest-and-trees lesson here that I hope we learn through this. Before we get too carried away on a specific vulnerability and throwing stones at software vendors, [...]
Author: Jason Holcomb
Posted: July 21st, 2010 under APT, Anti-Virus, Bandolier.
Comments: 3
Oracle Housekeeping
I’ve seen my fair share of Oracle databases in control systems and have been thinking more about it since working on some Bandolier Security Audit Files for a SCADA system with an Oracle component. With that in mind, here are a few bits of Oracle-related news and tips.
Oracle announced today that this quarter’s cycle includes [...]
Author: Jason Holcomb
Posted: July 13th, 2010 under Bandolier, Patching.
Comments: none
Audit Template for Control System Network Switches
I spent some time last week working with the Nessus Cisco IOS compliance plugins. My testing and blog post mostly focused on routers but a great comment from Michael Toecker got me thinking about network switches and their role in control system security. They are an important, but often overlooked, element of control system IT [...]
Author: Jason Holcomb
Posted: July 6th, 2010 under Uncategorized.
Comments: 1
Cisco IOS Auditing
Earlier this month Tenable released a new policy compliance plugin for Nessus that allows auditing of Cisco router and switch configuration. You don’t have to read very far on the Digital Bond blog to learn that I’m a fan of the Nessus policy compliance plugins and credentialed scanning in general. This is the technology that [...]
Author: Jason Holcomb
Posted: July 1st, 2010 under Bandolier.
Comments: 3
Auditing Oracle in Control System Applications
I’m working on a set of Bandolier Security Audit Files for a SCADA system that’s new to the project. The system includes an Oracle database so, along with the SCADA application and underlying operating systems, we are developing checks for the database server to verify that it is in an optimal security configuration. In this [...]
Author: Jason Holcomb
Posted: June 14th, 2010 under Bandolier.
Comments: 1
New and Improved Documentation Now Available for Bandolier
A typical SCADA or DCS has thousands of settings that affect security spread out over the different server and workstation components. If you’re an asset owner, how do you know that your system is delivered with a secure configuration? How can you validate that at FAT and SAT and audit the configuration periodically over time? [...]
Author: Jason Holcomb
Posted: May 25th, 2010 under Bandolier.
Comments: none
Nessus 4.2 Now Has Scan Templates
A recent Nessus update added some functionality that was missing ever since the 4.2 upgrade — the ability to save a scan template. I’ve had enough Bandolier users ask me about this to make it worth mentioning here.
Basically, with the new 4.2 UI, there was no way to save a scan. Policies and of course [...]
Author: Jason Holcomb
Posted: May 12th, 2010 under Bandolier.
Comments: none
Defining Optimal Security Configuration
Optimal security configuration is a term we often use to describe what is measured by the Bandolier security audit files. One definition for optimal, according to my dictionary, is “most desirable”. Yes, I just busted out the clichéd dictionary definition. But I think it’s useful here because it helps get to this question: what is [...]
Author: Jason Holcomb
Posted: May 12th, 2010 under Bandolier, Security Tools.
Comments: 1
Bandolier OVAL Files Now Available
Nessus was an obvious choice when we set out to build the Bandolier Security Audit Files. First, it is one of the most popular security tools available and is the de facto standard for vulnerability scanners. The compliance plugins work perfectly for the goal of Bandolier – measure the optimal security configuration for SCADA and [...]
Author: Jason Holcomb
Posted: April 20th, 2010 under Bandolier, Security Tools.
Comments: none
More Thoughts from ICSJWG
Here are a few more thoughts and observations from ICSJWG…
We taught our Using and Customizing SCADA Security Tools course on the Monday prior to ICSJWG. Seeing the students in the class use and customize Bandolier was exciting and, for me, helped set the tone for the next couple of days. Dale already covered some other [...]
Author: Jason Holcomb
Posted: April 8th, 2010 under Bandolier, Conferences.
Comments: none