Tenable Network Security’s Paul Asadoorian will be leading an educational session during the OTDay (operations technology) portion of the conference on January 14, titled, “Tiptoe through the Network: Practical Vulnerability Assessments in Control System Environments.”
The session will provide guidance for performing effective vulnerability assessments in environments where traditional approaches based solely on active scans just won’t work. Some of the techniques Paul will cover include:
- Using credentials to login to systems and audit for missing patches and configuration changes.
- Tuning vulnerability scans to be less intrusive, yet still accurate and providing useful information.
- Implementing passive vulnerability scanning to discover hosts on the network and enumerate vulnerabilities, without sending a single packet to the end-user system.