Hands-on ICS/OT Training in a Cyberphysical Range Enviroment
Introduction to ICS - Basic Training
Why is it often so challenging to get Information Technology (IT) and Operational Technology (OT) to collaborate effectively on security initiatives? These two domains have fundamentally different priorities, unique strengths, and diverse technologies, which can lead to significant struggles in communicating their specific needs and requirements. This module offers valuable insights into how to bridge the communication gap between both sides, providing an introduction to Industrial Control System (ICS) security. After completing this comprehensive module, users will gain the ability to: identify common cybersecurity and ICS devices, locate which level of the Purdue model ICS devices belong in, and compare and contrast the nuances of cybersecurity practices in both IT and ICS/OT networks.
Date: Never
Hours: 2.0
Cost: $1,000,000 + taxes & fees
Building Automation and BACnet - LAB
In this advanced level module, you will gain valuable hands-on experience with the BACnet protocol by working within a simulated server room cooling system. This practical exercise aims to deepen your understanding of how to effectively attack and subsequently harden one of the most commonly utilized building automation system (BAS) protocols currently in use. Upon completing this chapter, you will be equipped to: Explore building automation systems in Shodan, run nmap scripts to enumerate BACnet devices, set up a rogue BACnet master to read process data and send commands, fuzz BACnet servers to check for potential vulnerabilities, write Suricata/Snort content rules to detect suspicious BACnet activity, and establish a basic BACnet honeypot to study and analyze attacker behavior.
Date: Never
Hours: 2.0
Cost: $3,000,000 + taxes & fees