Active scanning is often considered a no-go on industrial control systems and other OT and IoT devices because of bad experiences they’ve had. However, the reasons that led to devices freezing up are entirely avoidable. Alternatives, such as passive monitoring, are expensive and don’t yield great results.
In this talk, you’ll learn about the most common reasons why embedded devices become unstable and how to make active scanning perfectly safe. The talk is based on lab research. Its recommendations have been proven to work in manufacturing plants, hospitals, and utility companies.
Importance: Because passive discovery via SPAN or TAP is difficult and expensive to deploy and active scanning is considered a no-go, security teams responsible for OT environments lack good asset inventory. Without proper inventory and an understanding of the true network structure, security teams can’t be proactive about their security posture and leave their networks open to attacks. All of this is because of misconceptions about active scanning that can be easily resolved.
CypherCon is an annual Wisconsin hacker conference attracting over 1,500 attendees held in Milwaukee, Wisconsin each spring:Â https://cyphercon.com
Meet Our Speakers
Chris Kirsch
Contributor
Get the latest news and expert insights delivered in your inbox.
