Difference between revisions of "OWASP AppSec DC 2012/Real world backdoors on industrial devices"

From OWASP
Jump to: navigation, search
(Created page with "<noinclude>{{:OWASP AppSec DC 2012 Header}}</noinclude> __NOTOC__ == The Presentation == rightThe ICS security, or the lack of, has been hoggi...")
 
Line 2: Line 2:
 
__NOTOC__
 
__NOTOC__
 
== The Presentation  ==
 
== The Presentation  ==
[[Image:Owasp_logo_normal.jpg|right]]The ICS security, or the lack of, has been hogging the titles during the last months. The underlying issue behind this fact is that, in a post-stuxnet era, the industrial control systems are facing a totally new scenario, they are not a safe place anymore but a potential and valuable target. A lot of questions arise, but maybe the most important one is: are they prepared to face this threat? This presentation details the whole process of analyzing industrial devices, including methods such as reverse engineering and open source intelligence.<br>The results of this approach are also elaborated, showing real cases of backdoors found on widely deployed PLCs and SmartMeters
+
The ICS security, or the lack of, has been hogging the titles during the last months. The underlying issue behind this fact is that, in a post-stuxnet era, the industrial control systems are facing a totally new scenario, they are not a safe place anymore but a potential and valuable target. A lot of questions arise, but maybe the most important one is: are they prepared to face this threat? This presentation details the whole process of analyzing industrial devices, including methods such as reverse engineering and open source intelligence.<br>The results of this approach are also elaborated, showing real cases of backdoors found on widely deployed PLCs and SmartMeters
 
== The Speakers  ==
 
== The Speakers  ==
Ruben Santamarta
+
<table>
 +
<tr>
 +
<td>
 +
===Ruben Santamarta===
 +
[[Image:AppSecDC12-ruben.png|left]]Ruben Santamarta is a european security researcher specialized in offensive security.
 +
 
 +
He has discovered dozens of vulnerabilities on products from leading companies such as Microsoft, Apple or Oracle.
 +
 
 +
Ruben is currently focused on the ICS security field, reporting and releasing flaws on industrial software and hardware
 +
</td>
 +
</tr>
 +
</table>
 
<noinclude>{{:OWASP AppSec DC 2012 Footer}}</noinclude>
 
<noinclude>{{:OWASP AppSec DC 2012 Footer}}</noinclude>

Revision as of 19:59, 11 March 2012

AppSecDC-468x60-banner-2012.jpg

Registration Now OPEN! | Hotel | Schedule | Convention Center | AppSecDC.org

The Presentation

The ICS security, or the lack of, has been hogging the titles during the last months. The underlying issue behind this fact is that, in a post-stuxnet era, the industrial control systems are facing a totally new scenario, they are not a safe place anymore but a potential and valuable target. A lot of questions arise, but maybe the most important one is: are they prepared to face this threat? This presentation details the whole process of analyzing industrial devices, including methods such as reverse engineering and open source intelligence.
The results of this approach are also elaborated, showing real cases of backdoors found on widely deployed PLCs and SmartMeters

The Speakers

Ruben Santamarta

Ruben Santamarta is a european security researcher specialized in offensive security.

He has discovered dozens of vulnerabilities on products from leading companies such as Microsoft, Apple or Oracle.

Ruben is currently focused on the ICS security field, reporting and releasing flaws on industrial software and hardware


Gold Sponsors

Aspect logo owasp.jpg AppSecDC2009-Sponsor-securicon.gif AppSecDC2009-Sponsor-mandiant.gif AppSecDC2012-ISC2.gif

Silver Sponsors

SPL-LOGO-MED.png

Small Business

AppSecDC2012-Sponsor-sideas.gif BayShoreNetworks.png

Exhibitors

link=http://www.codenomicon.com/ Codenomicon WhiteHat Logo.png AppSecDC2012-HP.jpg WSI - Logo.jpg