Application Security Weekly: OT Security

It's no surprise that OT security has fared poorly over the last 30+ years. To many appsec folks, these systems have uncommon programming languages, unfamiliar hardware, and brittle networking stacks. They also tend to have different threat scenarios. Many of these systems are designed, successfully, to maintain availability. But when a port scan can freeze or crash a device, that availability seems like it hasn't put enough consideration into adversarial environments. We chat about the common failures of OT design and discuss a few ways that systems designed today might still be secure 30 years from now.

Meet Our Speakers

Huxley Barbee

Former Security Evangelist

Subscribe Now

Get the latest news and expert insights delivered in your inbox.

Welcome to the club! Your subscription to our newsletter is successful.

Related Resources

Oil and Gas Upstream
Huxley Barbee discusses why and how cybersecurity for operational technology (OT) and industrial control systems (ICS) including oil and gas...
Risky Biz Interview: Breaking apart OT protocols
runZero's Rob King on the how and why of reverse engineering for active discovery
ExpedITioners Podcast: The modern divergence of environments and security methodologies
In this episode, Zach and Huxley talk about the modern divergence of environments and security methodologies.
Infosec Toolshed: Metasploit: Why did he do it?
Every top 10 list of security tools includes Metasploit. But how did the project get started?

See Results in Minutes

Get complete visibility into IT, OT, & IoT — without agents, credentials, or hardware.

© Copyright 2024 runZero, Inc. All Rights Reserved