Got GIAC? Free GIAC Cert Attempt Included with OnDemand 5 or 6 Day Training thru July 7


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Sorry, the slides for this webcast are not available for download.

Ripple20: What you need to know

  • Tuesday, August 04, 2020 at 1:00 PM EDT (2020-08-04 17:00:00 UTC)
  • Kate Vajda, Reid Wightman, Tim Conway


  • Dragos, Inc.

You can now attend the webcast using your mobile device!



Despite being one of the most widely deployed vulnerabilities in Industrial IoT creating significant exposure, the recently discovered Ripple20 is one of the most difficult to detect and address. Dragos Senior Vulnerability experts Reid Wightman and Kate Vajda will provide an update of their analysis in this August 4 webinar briefing. 

What you'll learn: 

   Devices impacted

   Prevention strategy

   Mitigation tactics

   Research implications

Speaker Bios

Kate Vajda

Kate Vajda is a Senior Vulnerability Analyst for Dragos Intelligence Team. Kate analyzes public advisories for accuracy, understanding, and correction to feed Intelligence and the Platform. She also performs vulnerability research and assessments of software and hardware, as needed. Kate believes in leaving everything better than she found it with her top two priorities being process and automation.

Prior to Dragos, Kate was a senior security consultant at Secure Ideas, focusing on network penetration testing, architecture reviews, and security program maturity guidance. She also has 8 years experience at a Fortune 500 utility where she worked with several aspects of the company, including business, IT, OT, and security. She started her profession in a network research lab where she was free to explore technology and utilize different techniques for implementation and automation.

Kate is also an adjunct professor in the security program at a local college and a network admin for her local church. She spends her free time playing board games, breaking escape room records, organizing security conferences, and running or playing in CTFs.

Reid Wightman

Dragos Senior Vulnerability Researcher; Reid analyzes publicly disclosed vulnerabilities and determines whether the public reporting is accurate, as well as uncovers just what the true industrial impact of a vulnerability can be. He also performs in-house research and vulnerability assessments on both industrial hardware and software. Reid assists with malware analysis, especially if it involves ICS exploitation.


Tim Conway

Tim Conway serves as the Technical Director for ICS and SCADA programs at SANS and is responsible for developing, reviewing and implementing technical components of the SANS ICS and SCADA product offerings. Recognizing the need for ICS-focused cybersecurity training throughout critical infrastructure environments and an increased need for NERC CIP hands-on training, Tim authored and instructs ICS456: Essentials for NERC Critical Infrastructure Protection. During his career, Tim has served as the chair of the RFC CIPC, chair of the NERC CIP Interpretation Drafting Team, chair of the NERC CIPC GridEx Working Group, and chair of the NBISE Smart Grid Cyber Security panel.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.