Bandolier Baselines

Bandolier

Digital Bond’s Bandolier project helps asset owners and vendors identify and audit optimal security configuration for industrial control system (ICS) servers and workstations. Digital Bond partners with leading ICS vendors to identify the optimal security configuration that still allows the vendor’s product to operate properly. This requires access to the vendor’s security experts, lead engineers and a test lab. Digital Bond then creates Bandolier Security Audit Files that work with the compliance plugin in the Nessus vulnerability scanner. Bandolier Security Audit Files are available for over twenty control system components, with more on the way.

The Bandolier Baseline Security Audit Files cover only the security settings in the operating system, and they are a starting point for the development of ICS vendor-specific Bandolier Security Audit Files. The Bandolier Baselines were developed as follows:

  • We took the Microsoft security guidance for Windows 7 and Windows 2008R2 Member Server as referenced in the NIST National Checklist Program Repository.
  • We added our recommended settings where Microsoft provided no guidance.
  • We modified a very small number of settings where the Microsoft recommendation was not appropriate for control systems. For example, the action to take when a log is full is modified so that it does not stop operation.

There are 187 security configuration settings audited in the Windows 7 Baseline and 202 security configuration settings audited in the Windows 2008R2 Member Server Baseline.

In addition to being useful as a starting point for vendor-specific audit files, the Bandolier Baselines can be used to audit security settings on ICS that don’t yet have a Bandolier Security Audit File. Remember that they are audits, so they don’t change anything or try to exploit any substandard security settings.

The Bandolier Baselines for the Windows 7 and Windows 2008R2 operating systems are the first developed by Digital Bond. In the past we used the OS audit files developed by Tenable Security, with their very kind permission and support.

Based on the number of security checks in other audit files, we believe these Bandolier Baselines are by far the most comprehensive audit of the Microsoft security recommendations for Windows 7 and 2008R2. As always, we welcome any comments or suggestions on these files.