
Archive for 'Assessment Tools'

See Bandolier in Action

Bandolier is our DOE-funded project where we are working with control system application vendors to define the optimal security configuration for the various components (HMIs, Historians, Realtime Servers, etc.). We then develop Nessus audit files that allow an asset owner/operator to audit their systems. Loyal blog readers have heard us discuss many facets of the project [...]

Fuzzing, practical dumb fuzzing

We’ve had a lot of posts about fuzzing on the blog lately. We’ve looked at the latest technologies and techniques, we’ve talked about fuzzers, intelligent versus dumb, some of the tradeoffs involved with design choices, and in the future we’re going to talk some more about some of the commercial offerings in the space [...]

Using Bandolier and Nessus for CIP-007 R1 Testing

Testing has always been part of making changes to a control system. When a change is made (e.g. new component, upgrade, patch), we have to know if everything is still going to work. Progressive asset owners have incorporated a security element into their functional testing for a while now. Some would even argue that it’s [...]

Advanced Security Training Pre-ICSJWG

Digital Bond’s class, Using and Customizing SCADA Security Tools, was a sellout when first offered the day prior to S4 last month. It teaches advanced students how to use and customize the Bandolier Security Audit Files and the SCADA IDS preprocessors, plugins and signatures. The goal is to help asset owners and vendors take [...]

SAGE and the increasing smarts in fuzzers

Fuzzing is growing up. From the academics of the late 80s throwing random data at Unix command line tools, to the early work by researchers and commercial groups in the late 90s and early 2000s, to the explosion of fuzzing topics at conferences around the world about 5 years ago, it's come a long way.
As [...]

Best Way to Fuzz Part 2

A few thoughts after the intelligent comments, additional info, sound and fury:

Microsoft is in the very rare top tier of companies spending time and money on security. In gross $ and time probably number 1 and very high on a percentage of security to software development time. They are also among the most attacked. So [...]

Best Way to Fuzz?

There was an interesting discussion and information on what is the “best way from an ROI measure” to fuzz test at the CERT-sponsored Vulnerability Disclosure Workshop in DC this week. It led to some tweets back and forth between Digital Bond alumnus Matt Franz and myself. First some background:
Fuzz testing is used by vendors, [...]

Credentialed Scanning Video

This is timely considering my post about credentialed scanning earlier this week… Paul Asadoorian over at Tenable posted a video today that demonstrates Nessus credentialed scanning. You can get a look at how to set up a patch audit and netstat port scan, where to put the credentials, etc…
Another important thing Paul covers is setting [...]

3 Reasons You Should Be Using Credentialed Scanning

Scanning with credentials has opened a new frontier for security assessment. Here’s an analogy: traditional vulnerability scanning is like a mechanic evaluating a car just by looking at the outside and listening to the motor run. It’s useful but there is so much more information available by looking under the hood and plugging into the [...]

S4 Preview: Measuring and Comparing Security in Different Control System Applications

Bandolier helps measure optimal security — meaning that we set out to identify and audit the best possible security configuration for a particular control system application. In some cases this means allowing something less than ideal because it is necessary for the function of the application. (Example: a service that is required that most best [...]