Following up from yesterday’s post, here are a few more notes on UAC and Bandolier.
First, my earlier post focused on Windows 7 but I probably should mention that UAC applies to 2008 server as well. The UAC implementation on the original 2008 server is similar to Vista, with 2008 R2 being more similar to Windows [...]

We’re develoing our first set of Bandolier audit files that will include Windows 7 components. The control system community, for the most part, has not embraced Windows Vista so Windows 7 is the first exposure for many to User Account Control (UAC). UAC is perhaps the most hated “feature” of Vista — the constant prompts [...]

EnergySec puts on a great electric sector control system security event every year, and it is a bargain at $150. The agenda is now out for this year’s event in Denver, Sept 21 and 22.
Looking at the agenda the highlight for me are presentations from James Arlen, Dave Lewis and Patrick Miller. These three always [...]

We are teaching our half day training class on Auditing Control System Security Configuration With Nessus and Bandolier — this time on Sept 22nd in Denver after EnergySec. In this course you learn how to use Bandolier, customize the Bandolier Security Audit Files, and use other Nessus credentialed checks for both security and NERC CIP [...]

Last week I attended, presented and tweeted at the Dept of Energy Cybersecurity For Energy Delivery Systems Peer Review. The idea is DoE funds all these research projects, and they would like a group of owner operators and other industry guru’s to help determine if the projects will help secure the energy sector’s critical control [...]

SCADA-targeted malware was inevitable and I suspect, despite the fact that it took this long to happen, that we haven’t seen the last of it. There’s a forest and trees lesson here that I hope we learn through this. Before we get too carried away on a specific vulnerability and throwing stones at software vendors, [...]

I’ve seen my fair share of Oracle databases in control systems and have been thinking more about it since working on some Bandolier Security Audit Files for a SCADA system with an Oracle component. With that in mind, here are a few bits of Oracle-related news and tips.

Oracle announced today that this quarter’s cycle includes [...]

Earlier this month Tenable released a new policy compliance plugin for Nessus that allows auditing of Cisco router and switch configuration. You don’t have to read very far on the Digital Bond blog to learn that I’m a fan of the Nessus policy compliance plugins and credentialed scanning in general. This is the technology that [...]

I’m working on a set of Bandolier Security Audit Files for a SCADA system that’s new to the project. The system includes an Oracle database so, along with the SCADA application and underlying operating systems, we are developing checks for the database server to verify that it is in an optimal security configuration. In this [...]

A typical SCADA or DCS has thousands of settings that affect security spread out over the different server and workstation components. If you’re an asset owner, how do you know that your system is delivered with a secure configuration? How can you validate that at FAT and SAT and audit the configuration periodically over time? [...]