homepage
Open menu
Go one level top
  • Train and Certify
    Train and Certify

    Immediately apply the skills and techniques learned in SANS courses, ranges, and summits

    • Overview
    • Courses
      • Overview
      • Full Course List
      • By Focus Areas
        • Cloud Security
        • Cyber Defense
        • Cybersecurity and IT Essentials
        • DFIR
        • Industrial Control Systems
        • Offensive Operations
        • Management, Legal, and Audit
      • By Skill Levels
        • New to Cyber
        • Essentials
        • Advanced
        • Expert
      • Training Formats
        • OnDemand
        • In-Person
        • Live Online
      • Course Demos
    • Training Roadmaps
      • Skills Roadmap
      • Focus Area Job Roles
        • Cyber Defense Job Roles
        • Offensive Operations Job Roles
        • DFIR Job Roles
        • Cloud Job Roles
        • ICS Job Roles
        • Leadership Job Roles
      • NICE Framework
        • Security Provisionals
        • Operate and Maintain
        • Oversee and Govern
        • Protect and Defend
        • Analyze
        • Collect and Operate
        • Investigate
        • Industrial Control Systems
      • European Skills Framework
    • GIAC Certifications
    • Training Events & Summits
      • Events Overview
      • Event Locations
        • Asia
        • Australia & New Zealand
        • Latin America
        • Mainland Europe
        • Middle East & Africa
        • Scandinavia
        • United Kingdom & Ireland
        • United States & Canada
      • Summits
    • OnDemand
    • Get Started in Cyber
      • Overview
      • Degree and Certificate Programs
      • Scholarships
      • Cyber Aces
    • Cyber Ranges
  • Manage Your Team
    Manage Your Team

    Build a world-class cyber team with our workforce development programs

    • Overview
    • Why Work with SANS
    • Group Purchasing
    • Build Your Team
      • Team Development
      • Assessments
      • Private Training
      • Hire Cyber Professionals
      • By Industry
        • Health Care
        • Industrial Control Systems Security
        • Military
    • Leadership Training
  • Security Awareness
    Security Awareness

    Increase your staff’s cyber awareness, help them change their behaviors, and reduce your organizational risk

    • Overview
    • Products & Services
      • Security Awareness Training
        • EndUser Training
        • Phishing Platform
      • Specialized
        • Developer Training
        • ICS Engineer Training
        • NERC CIP Training
        • IT Administrator
      • Risk Assessments
        • Knowledge Assessment
        • Culture Assessment
        • Behavioral Risk Assessment
    • OUCH! Newsletter
    • Career Development
      • Overview
      • Training & Courses
      • Professional Credential
    • Blog
    • Partners
    • Reports & Case Studies
  • Resources
    Resources

    Enhance your skills with access to thousands of free resources, 150+ instructor-developed tools, and the latest cybersecurity news and analysis

    • Overview
    • Webcasts
    • Free Cybersecurity Events
      • Free Events Overview
      • Summits
      • Solutions Forums
      • Community Nights
    • Content
      • Newsletters
        • NewsBites
        • @RISK
        • OUCH! Newsletter
      • Blog
      • Podcasts
      • Summit Presentations
      • Posters & Cheat Sheets
    • Research
      • White Papers
      • Security Policies
    • Tools
    • Focus Areas
      • Cyber Defense
      • Cloud Security
      • Digital Forensics & Incident Response
      • Industrial Control Systems
      • Cyber Security Leadership
      • Offensive Operations
  • Get Involved
    Get Involved

    Help keep the cyber community one step ahead of threats. Join the SANS community or begin your journey of becoming a SANS Certified Instructor today.

    • Overview
    • Join the Community
    • Work Study
    • Teach for SANS
    • CISO Network
    • Partnerships
    • Sponsorship Opportunities
  • About
    About

    Learn more about how SANS empowers and educates current and future cybersecurity practitioners with knowledge and skills

    • SANS
      • Overview
      • Our Founder
      • Awards
    • Instructors
      • Our Instructors
      • Full Instructor List
    • Mission
      • Our Mission
      • Diversity
      • Scholarships
    • Contact
      • Contact Customer Service
      • Contact Sales
      • Press & Media Enquiries
    • Frequent Asked Questions
    • Customer Reviews
    • Press
    • Careers
  • Contact Sales
  • SANS Sites
    • GIAC Security Certifications
    • Internet Storm Center
    • SANS Technology Institute
    • Security Awareness Training
  • Search
  • Log In
  • Join
    • Account Dashboard
    • Log Out
  1. Home >
  2. Blog >
  3. DISC: SANS ICS Virtual Conference and ICS CTF Event Details
370x370_Robert-M-Lee.jpg
Robert M. Lee

DISC: SANS ICS Virtual Conference and ICS CTF Event Details

Here are the details for the DISC: SANS ICS Virtual Conference on May 1st and the Capture the Flag (CTF) Challenge event on April 30th

April 26, 2020

ics-virtual-conf.jpg

We are counting the days for our DISC Conference! but before we let the fun begin, here's important information you must read.

On April 30th, 2020, a day before the Conference, there will be an entirely free, really exciting, industrial control system (ICS) capture the flag (CTF) hosted by Dragos, Inc. and the SANS Institute. Following that there will be an entirely free day long virtual conference with speakers from SANS and Dragos, Inc. covering topics from building your own ICS range, analyzing ICS vulnerabilities, thinking through the easiest and low cost actions you can take to better enable ICS security quickly, and more.

There are a lot of people that have signed up so I want to provide some quick details ahead of the email going out about this Monday April 27th. You can register for the event here

The conference agenda is published at the link I posted and it’s pretty self explanatory. The only thing to call out is that the times are different than normal; we did that so that folks across the US could easily access it and it’s long enough that folks across the world can participate in different parts of it from a time zone perspective; it’s difficult to balance this but the sessions are all being recorded. If you sign up you will get the slides and recordings after the fact. The only confusing thing is that initially the webinar was going to be run on GoToWebinar as all SANS presentations are but after we blew past the limit (well over 3,500 have signed up already) we switched to Zoom (yes we evaluated the security concerns and found Zoom’s response and actions to be appropriate). So if you have a calendar invite for GoToWebinar that’s a legacy thing. However, there’s nothing you need to do. On the day of the conference simply go to the same registration link that you used to sign up, when you sign in to your SANS portal account that link will turn into the conference link and automatically forward you to the Zoom invite (we have enabled the browser option so you do not need to install the Zoom application if you do not want).

On the ICS CTF I want to draw folks’ attention to a few points to help them prepare. For those of you that have participated in a NetWars before, this is an entirely new and unique DISC ICS NetWars so you won’t see any overlap with previous questions and approaches of the other ICS NetWars run at the various SANS Summits. Additionally, the style will be different anyway since Dragos made Level 3 and Level 4. Here’s the most important details for everyone (these will all be in the email that goes out on Monday but in case you don’t get the email I wanted to write them down in the blog):

  • DISC ICS NetWars is an entirely unique ICS CTF and will only be run at this event
  • The data, questions, and answers will be made available to everyone who registers for the virtual conference, you do not need to register for the CTF to get the data
  • You should only register for the CTF if you plan to play live, it’s limited to 1k people so we want to ensure everyone who wants to play gets to play
  • To register for the CTF you must first register for the conference, then, starting Monday the 27th, in your SANS portal you will see a NetWars registration link; it is first come first serve
  • The style of the CTF is entirely defensive; there will be questions ranging from entry level questions that are multiple choice (e.g. what is the accurate way to describe Fieldbus protocols?), intermediate questions that have data sets (e.g. here’s some PLC ladder logic, analyze it to find the flag), and advanced questions primarily in the form of packet captures (e.g. analyze an ICS range’s data to find flags in ICS protocols, analyze attacks happening, and perform functions across asset identification, threat detection, and response with network security skills)
  • You will be playing at home on your own (teams may be enabled, we’re checking now to see if it’s doable but plan on playing alone as a back up plan if you have a team)
  • You can use your own system and your own tools, no tools or VMs will be provided; I would recommend network security tools and VMs like SecurityOnion or if you’re a SANS alumni your ICS515 VM
  • There will be prizes. It’ll at least include coins and swag but we’re seeing if we can get approval for free SANS events, training, and maybe some Amazon gift cards; we’ll know more at the event
  • Normally at ICS NetWars you can ask questions and get help; we’ll have a Slack channel for everyone and a Zoom link for everyone to join in on if they want to hear our commentary or us answering questions and announcing important information to the participants, but it will be entirely impossible for us to answer 1,000 people’s questions consistently. So plan on only asking questions that relate to technical issues and getting up and running with the data, you will not have much support in the event outside of that
  • The day of the event we’ll have all the appropriate details for everyone and a welcome brief (that will be shared over a Zoom link we’ll distribute in email) to include the Slack channel, some FAQs, and some details to get started. We’ll distribute as much of these as possible ahead of the event especially for those of you who are joining at different times instead of doing the CTF the entire time
  • There will be a leaderboard broadcast through the Zoom conference on the day of the CTF
  • Austin Scott (the lead architect of the CTF) will present the last session at the conference on May 1st to go through Level 3 and 4’s questions and answers. It will not be a full walk through but give you all the answers and details that would have been helpful. Post event, all the questions/answers will be published. People are free to post their own walkthroughs
  • Be Social! The hashtag #DISCSANS is the event (CTF and Conference) hashtag; share helpful tips with people, collaborate with peers, and try to make this as social as possible given the socially distant life to which we are all dealing with
  • If you are intimidated by the concept of a CTF don’t worry. The event is broken into 4 levels.
    • Level 1: QA with multiple choice and hints to help you answer the questions
    • Level 2: Some multiple choice, some exact answer, across some technical data sets such as packet captures, but still with hints enabled and very approachable
    • Level 3 and Level 4: A single packet capture that’ll contain data from an ICS range and a wide variety of technically challenging questions with little to no hints
  • The approach means that the winners will really have to earn it but everyone can play and learn from any background including brand new folks
  • This is an exceptionally important event for people to learn from, it is very difficult to get ICS range data normally especially with attacks and a variety of ICS protocols take this opportunity. 

    Dragos and SANS are doing this for the community as a thank you for everyone always being so awesome but also as an opportunity to help share the world of ICS security and get you all excited about it. As always thank you for your continued learning and excitement. Take care, look for the email on Monday April 27th, check your portal that day regardless, and have fun! If you have any questions use the hashtag #DISCSANS and I’ll try to answer as many as I can ahead of the event.


Share:
TwitterLinkedInFacebook
Copy url Url was copied to clipboard
Subscribe to SANS Newsletters
Receive curated news, vulnerabilities, & security awareness tips
United States
Canada
United Kingdom
Spain
Belgium
Denmark
Norway
Netherlands
Australia
India
Japan
Singapore
Afghanistan
Aland Islands
Albania
Algeria
American Samoa
Andorra
Angola
Anguilla
Antarctica
Antigua and Barbuda
Argentina
Armenia
Aruba
Austria
Azerbaijan
Bahamas
Bahrain
Bangladesh
Barbados
Belarus
Belize
Benin
Bermuda
Bhutan
Bolivia
Bonaire, Sint Eustatius, and Saba
Bosnia And Herzegovina
Botswana
Bouvet Island
Brazil
British Indian Ocean Territory
Brunei Darussalam
Bulgaria
Burkina Faso
Burundi
Cambodia
Cameroon
Cape Verde
Cayman Islands
Central African Republic
Chad
Chile
China
Christmas Island
Cocos (Keeling) Islands
Colombia
Comoros
Cook Islands
Costa Rica
Croatia (Local Name: Hrvatska)
Curacao
Cyprus
Czech Republic
Democratic Republic of the Congo
Djibouti
Dominica
Dominican Republic
East Timor
East Timor
Ecuador
Egypt
El Salvador
Equatorial Guinea
Eritrea
Estonia
Ethiopia
Falkland Islands (Malvinas)
Faroe Islands
Fiji
Finland
France
French Guiana
French Polynesia
French Southern Territories
Gabon
Gambia
Georgia
Germany
Ghana
Gibraltar
Greece
Greenland
Grenada
Guadeloupe
Guam
Guatemala
Guernsey
Guinea
Guinea-Bissau
Guyana
Haiti
Heard And McDonald Islands
Honduras
Hong Kong
Hungary
Iceland
Indonesia
Iraq
Ireland
Isle of Man
Israel
Italy
Jamaica
Jersey
Jordan
Kazakhstan
Kenya
Kiribati
Korea, Republic Of
Kosovo
Kuwait
Kyrgyzstan
Lao People's Democratic Republic
Latvia
Lebanon
Lesotho
Liberia
Liechtenstein
Lithuania
Luxembourg
Macau
Macedonia
Madagascar
Malawi
Malaysia
Maldives
Mali
Malta
Marshall Islands
Martinique
Mauritania
Mauritius
Mayotte
Mexico
Micronesia, Federated States Of
Moldova, Republic Of
Monaco
Mongolia
Montenegro
Montserrat
Morocco
Mozambique
Myanmar
Namibia
Nauru
Nepal
Netherlands Antilles
New Caledonia
New Zealand
Nicaragua
Niger
Nigeria
Niue
Norfolk Island
Northern Mariana Islands
Oman
Pakistan
Palau
Palestine
Panama
Papua New Guinea
Paraguay
Peru
Philippines
Pitcairn
Poland
Portugal
Puerto Rico
Qatar
Reunion
Romania
Russian Federation
Rwanda
Saint Bartholemy
Saint Kitts And Nevis
Saint Lucia
Saint Martin
Saint Vincent And The Grenadines
Samoa
San Marino
Sao Tome And Principe
Saudi Arabia
Senegal
Serbia
Seychelles
Sierra Leone
Sint Maarten
Slovakia
Slovenia
Solomon Islands
South Africa
South Georgia and the South Sandwich Islands
South Sudan
Sri Lanka
St. Helena
St. Pierre And Miquelon
Suriname
Svalbard And Jan Mayen Islands
Swaziland
Sweden
Switzerland
Taiwan
Tajikistan
Tanzania
Thailand
Togo
Tokelau
Tonga
Trinidad And Tobago
Tunisia
Turkey
Turkmenistan
Turks And Caicos Islands
Tuvalu
Uganda
Ukraine
United Arab Emirates
United States Minor Outlying Islands
Uruguay
Uzbekistan
Vanuatu
Vatican City
Venezuela
Vietnam
Virgin Islands (British)
Virgin Islands (U.S.)
Wallis And Futuna Islands
Western Sahara
Yemen
Yugoslavia
Zambia
Zimbabwe

By providing this information, you agree to the processing of your personal data by SANS as described in our Privacy Policy.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Recommended Training

  • ICS410: ICS/SCADA Security Essentials
  • LDR521: Leading Cybersecurity Change: Building a Security-Based Culture
  • LEG523: Law of Data Security and Investigations

Tags:
  • Industrial Control Systems Security

Related Content

Blog
ICS_Summit_Blog_Teaser.jpg
Industrial Control Systems Security, Digital Forensics and Incident Response
June 2, 2022
A Visual Summary of SANS ICS Security Summit 2022
On June 2nd and 3rd, thousands from around the globe tuned in for the SANS ICS Security Summit. We invited Ashton Rodenhiser of Mind's Eye Creative to create graphic recordings of our Summit presentations. If you missed a talk or are looking to view the SANS ICS Security Summit through a visual...
370x370-person-placeholder.png
Emily Blades
read more
Blog
Top 10 SANS Summits Talks of 2021
Digital Forensics and Incident Response, Industrial Control Systems Security, Cyber Defense, Purple Team, Cloud Security, Open-Source Intelligence (OSINT)
December 9, 2021
Top 10 SANS Summits Talks of 2021
This year, SANS hosted 13 Summits with 275 talks. Here were the top-rated talks of the year.
370x370-person-placeholder.png
Emily Blades
read more
Blog
Industrial Control Systems Security
March 9, 2021
SANS ICS Security Summit Keynote: Anne Neuberger
Anne Neuberger, Deputy National Security Advisor for Cyber, delivered the 2021 ICS Security Summit keynote
370x370_jennifer-santiago.jpg
Jennifer E Santiago (Moderator)
read more
  • Register to Learn
  • Courses
  • Certifications
  • Degree Programs
  • Cyber Ranges
  • Job Tools
  • Security Policy Project
  • Posters & Cheat Sheets
  • White Papers
  • Focus Areas
  • Cyber Defense
  • Cloud Security
  • Cybersecurity Leadership
  • Digital Forensics
  • Industrial Control Systems
  • Offensive Operations
Subscribe to SANS Newsletters
Receive curated news, vulnerabilities, & security awareness tips
United States
Canada
United Kingdom
Spain
Belgium
Denmark
Norway
Netherlands
Australia
India
Japan
Singapore
Afghanistan
Aland Islands
Albania
Algeria
American Samoa
Andorra
Angola
Anguilla
Antarctica
Antigua and Barbuda
Argentina
Armenia
Aruba
Austria
Azerbaijan
Bahamas
Bahrain
Bangladesh
Barbados
Belarus
Belize
Benin
Bermuda
Bhutan
Bolivia
Bonaire, Sint Eustatius, and Saba
Bosnia And Herzegovina
Botswana
Bouvet Island
Brazil
British Indian Ocean Territory
Brunei Darussalam
Bulgaria
Burkina Faso
Burundi
Cambodia
Cameroon
Cape Verde
Cayman Islands
Central African Republic
Chad
Chile
China
Christmas Island
Cocos (Keeling) Islands
Colombia
Comoros
Cook Islands
Costa Rica
Croatia (Local Name: Hrvatska)
Curacao
Cyprus
Czech Republic
Democratic Republic of the Congo
Djibouti
Dominica
Dominican Republic
East Timor
East Timor
Ecuador
Egypt
El Salvador
Equatorial Guinea
Eritrea
Estonia
Ethiopia
Falkland Islands (Malvinas)
Faroe Islands
Fiji
Finland
France
French Guiana
French Polynesia
French Southern Territories
Gabon
Gambia
Georgia
Germany
Ghana
Gibraltar
Greece
Greenland
Grenada
Guadeloupe
Guam
Guatemala
Guernsey
Guinea
Guinea-Bissau
Guyana
Haiti
Heard And McDonald Islands
Honduras
Hong Kong
Hungary
Iceland
Indonesia
Iraq
Ireland
Isle of Man
Israel
Italy
Jamaica
Jersey
Jordan
Kazakhstan
Kenya
Kiribati
Korea, Republic Of
Kosovo
Kuwait
Kyrgyzstan
Lao People's Democratic Republic
Latvia
Lebanon
Lesotho
Liberia
Liechtenstein
Lithuania
Luxembourg
Macau
Macedonia
Madagascar
Malawi
Malaysia
Maldives
Mali
Malta
Marshall Islands
Martinique
Mauritania
Mauritius
Mayotte
Mexico
Micronesia, Federated States Of
Moldova, Republic Of
Monaco
Mongolia
Montenegro
Montserrat
Morocco
Mozambique
Myanmar
Namibia
Nauru
Nepal
Netherlands Antilles
New Caledonia
New Zealand
Nicaragua
Niger
Nigeria
Niue
Norfolk Island
Northern Mariana Islands
Oman
Pakistan
Palau
Palestine
Panama
Papua New Guinea
Paraguay
Peru
Philippines
Pitcairn
Poland
Portugal
Puerto Rico
Qatar
Reunion
Romania
Russian Federation
Rwanda
Saint Bartholemy
Saint Kitts And Nevis
Saint Lucia
Saint Martin
Saint Vincent And The Grenadines
Samoa
San Marino
Sao Tome And Principe
Saudi Arabia
Senegal
Serbia
Seychelles
Sierra Leone
Sint Maarten
Slovakia
Slovenia
Solomon Islands
South Africa
South Georgia and the South Sandwich Islands
South Sudan
Sri Lanka
St. Helena
St. Pierre And Miquelon
Suriname
Svalbard And Jan Mayen Islands
Swaziland
Sweden
Switzerland
Taiwan
Tajikistan
Tanzania
Thailand
Togo
Tokelau
Tonga
Trinidad And Tobago
Tunisia
Turkey
Turkmenistan
Turks And Caicos Islands
Tuvalu
Uganda
Ukraine
United Arab Emirates
United States Minor Outlying Islands
Uruguay
Uzbekistan
Vanuatu
Vatican City
Venezuela
Vietnam
Virgin Islands (British)
Virgin Islands (U.S.)
Wallis And Futuna Islands
Western Sahara
Yemen
Yugoslavia
Zambia
Zimbabwe

By providing this information, you agree to the processing of your personal data by SANS as described in our Privacy Policy.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
  • © 2023 SANS™ Institute
  • Privacy Policy
  • Contact
  • Careers
  • Twitter
  • Facebook
  • Youtube
  • LinkedIn