OWASP AppSec DC 2012/Vulnerabilities in Industrial Control Systems

Revision as of 19:59, 11 March 2012 by Mark.bristow (talk | contribs)

Jump to: navigation, search


Registration Now OPEN! | Hotel | Schedule | Convention Center | AppSecDC.org

The Presentation

In 2011 ICS-CERT experienced a dramatic increase in reported disclosures of vulnerabilities in industrial control system (ICS) products. Security researchers (white, gray, and black hats) across the globe are increasing their research in the ICS product arena and the potential impact to critical infrastructure. Coordinated vulnerability disclosures of control system products are increasing rapidly, but so are the instances of unanticipated or full disclosures.
The once obscure world of ICS security is now a hot topic in the media and around the water cooler. This presentation will discuss the daunting trends in the disclosure of ICS product vulnerabilities, who is disclosing new vulnerabilities, and the coordination process used by ICS-CERT. We will also discuss what concerning trends ICS-CERT is seeing, including recent hacktivist and anarchist group activity.

The Speakers

Kevin Hemsley

Owasp logo normal.jpg
Mr. Kevin Hemsley is a Senior Critical Infrastructure Security Analyst and Vulnerability Handler within the Industrial Control Systems - Cyber Emergency Response Team (ICS-CERT). In this role, he provides all-source research, analysis, and reporting on all aspects of threats affecting domestic critical infrastructure protection, computer network operations, and industrial control systems.

Gold Sponsors

Aspect logo owasp.jpg AppSecDC2009-Sponsor-securicon.gif AppSecDC2009-Sponsor-mandiant.gif AppSecDC2012-ISC2.gif

Silver Sponsors


Small Business

AppSecDC2012-Sponsor-sideas.gif BayShoreNetworks.png


link=http://www.codenomicon.com/ Codenomicon WhiteHat Logo.png AppSecDC2012-HP.jpg WSI - Logo.jpg