3 Days Left to Get MacBook Air, $400 Amazon Gift Card, or Take $400 Off with OnDemand Training


To attend this webcast, login to your SANS Account or create your Account.

MythBusters: ICS Edition

  • Wednesday, December 05, 2018 at 1:00 PM EST (2018-12-05 18:00:00 UTC)
  • Alissa Torres, Mike Thompson


  • DomainTools

You can now attend the webcast using your mobile device!



Industrial Control Systems (or ICS) are a hot topic in both the security sphere and at large. As critical infrastructure is increasingly internet connected, its important to understand the realities of "ICS attacks" independently of their threat landscape. Fear, uncertainty, and doubt (FUD) often dominate the conversation around ICS attacks rather than the technical realities of these protocols that both make them difficult to defend and difficult to successfully exploit.

Join SANS Principal Instructor, Alissa Torres, and DomainTools Senior Data Systems Engineer, Mike Thompson, to understand ICS infrastructure. This presentation will focus on modbus and DNP3 protocols and aim to demystify what these attack protocols look like, and why they aren't as bad as the FUD (fear, uncertainty, doubt) may lead us to believe.

In this webinar, Alissa and Mike will discuss:

  • A brief exploration of ICS infrastructure
  • Examples of protocols like Modbus and DNP3
  • Real world case studies of ICS attacks
  • How to improve your organization's security hygiene

Speaker Bios

Alissa Torres

Alissa Torres is a SANS analyst and certified SANS instructor specializing in advanced computer forensics and incident response (IR). She has extensive experience in information security in the government, academic and corporate environments. Alissa has served as an incident handler and as a digital forensic investigator on an internal security team. She has taught at the Defense Cyber Investigations Training Academy (DCITA), delivering IR and network basics to security professionals entering the forensics community. A GIAC Certified Forensic Analyst (GCFA), Alissa holds the GCFE, GPEN, CISSP, EnCE, CFCE, MCT and CTT+ certifications.

Mike Thompson

Mike Thompson is a Sr Data Systems Engineer at DomainTools. He is interested in studying the Internet as an organism—the way it evolves and changes over time, and what that means for organizations and individuals. Sometimes that requires the perspective of a penetration tester, sometimes a sysadmin, other times a straight up developer or just a curious student. Mike Thompson tries as hard as he can to bring all of these viewpoints to bear in the work that he does.

At his last job as a Cybersecurity Analyst at Argonne National Laboratory, he led the research team that wrote the pioneering study on Internet Infrastructure for the Department of Homeland Security's Office of Infrastructure Protection. He's also co-authored studies on cloud vulnerabilities and remote access to industrial control systems that are currently in use by analysts at the Central Intelligence Agency and Defense Intelligence Agency. He holds multiple patents on server and network defense technologies.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.