Nexus: A Claroty Podcast
83 episodes - English - Latest episode: 8 days ago - ★★★★★ - 4 ratingsNexus is a cybersecurity podcast hosted by Claroty Editorial Director Mike Mimoso. Nexus will feature discussions with cybersecurity leaders, researchers, innovators, and influencers, discussing the topics affecting cybersecurity professionals in OT, IoT, and IoMT environments. Nexus is formerly known as Aperture.
Homepage Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Episodes
Sharon Brizinov on Hacking and Securing PLCs
April 20, 2022 04:00 - 34 minutes - 23.6 MBIn this episode of the Aperture podcast, Claroty Team82 vulnerability research lead Sharon Brizinov covers a presentation he’s giving at the S4x22 conference in Miami that explains a unique attack against Siemens SIMATIC 1200 and 1500 PLCs that enabled native code execution on the device. Also, Brizinov explains his participation in the Pwn2Own contest. S4 hosts the only ICS-focused version of Pwn2Own, and this year there are four categories of targets in scope: control servers, OPC UA serv...
Kylie McClanahan on Automating the Gathering of Vulnerability Information
March 29, 2022 04:00 - 41 minutes - 28.2 MBKylie McClanahan, a University of Arkansas doctoral student and senior developer at Bastazo, joins the Aperture podcast to discuss her research into automating the gathering of vulnerability remediation and mitigation information from vendors and third-party sources. McClanahan explains how she and colleagues have used machine learning, natural language processing, and keyword techniques, among others, to parse mitigation advice from vendor advisories and alerts from third-party sources suc...
Kylie McClanahan on Automating the Gathering of Vulnerability Information
March 29, 2022 04:00 - 41 minutes - 28.2 MBKylie McClanahan, a University of Arkansas doctoral student and senior developer at Bastazo, joins the Aperture podcast to discuss her research into automating the gathering of vulnerability remediation and mitigation information from vendors and third-party sources. McClanahan explains how she and colleagues have used machine learning, natural language processing, and keyword techniques, among others, to parse mitigation advice from vendor advisories and alerts from third-party sources suc...
Sean Tufts on OT Security Culture, Technology Challenges
February 24, 2022 05:00 - 40 minutes - 27.9 MBSean Tufts, ICS and OT security practice director at Optiv, joins the Claroty Aperture podcast to discuss some of the security technology and cultural challenges facing industrial enterprises as they deal with digital transformation and convergence. Tufts, a former NFL player and college football star, also shares his non-conventional career path to OT cybersecurity and how some of the skills translate from pro sports to his second career.
Sean Tufts on OT SOC Playbooks, Culture Challenges
February 24, 2022 05:00 - 40 minutes - 27.9 MBSean Tufts, ICS and OT security practice director at Optiv, joins the Claroty Aperture podcast to discuss some of the security technology and cultural challenges facing industrial enterprises as they deal with digital transformation and convergence. Tufts, a former NFL player and college football star, also shares his non-conventional career path to OT cybersecurity and how some of the skills translate from pro sports to his second career.
Patrick Miller on Securing Critical Infrastructure in a Time of Conflict
February 17, 2022 17:00 - 43 minutes - 29.7 MBVeteran ICS cybersecurity expert Patrick Miller joins Claroty's Aperture podcast to discuss the proactive measures ICS cybersecurity managers and OT asset owners and operators should be taking right now in light of geopolitical tensions around the world. Miller recently wrote a blog explaining what and how electric utilities and other CI organizations should be communicating and sharing in the event of conflict between Russia and Ukraine spilling over onto the internet. He elaborates on tha...
OT-ISAC on Information-Sharing, Incident Recovery
January 30, 2022 05:00 - 41 minutes - 28.3 MBBill Nelson, director and officer of the OT-ISAC, joins the podcast to discuss the growing need for adequate sharing of threat intelligence and incident information among operational technology professionals, including asset owners and security practitioners. Nelson explains some of the information-sharing challenges that continue to shadow ISACs, and why member organizations may be hesitant to share incident details. He also discusses a new operational resilience framework in development t...
Tom VanNorman on OT Cybersecurity Skills Gap
January 12, 2022 05:00 - 40 minutes - 27.5 MBICS Village cofounder Tom VanNorman joins the Aperture podcast to discuss the recently announced Cybersecurity & Industrial Infrastructure Security Apprenticeship Program that aims to improve cybersecurity knowledge within operational technology. ICS Village is part of a consortium behind this apprenticeship program along with Siemens Energy, SANS Institute, and a number of academic institutions. The aim is to integrate academic classes, training, and real-world job rotations at leading indu...
Claroty, JFrog on Fuzzing BusyBox
November 28, 2021 05:00 - 38 minutes - 26.6 MBClaroty researcher Vera Mens and JFrog researcher Shachar Menashe join the podcast to discuss a recent research collaboration between the two companies that looked at the security of BusyBox. Busybox is a popular embedded Linux utility suite, and is found everywhere in operational technology, including in devices such as PLCs, HMIs, and RTUs. The researchers published a paper that describes 14 vulnerabilities uncovered in BusyBox—all of which were patched—and the custom fuzzing harnesses us...
ZDI's Dustin Childs on Pwn2Own Miami
November 15, 2021 05:00 - 35 minutes - 24.5 MBDustin Childs of the Zero Day Initiative (ZDI) joins Claroty's Aperture podcast to discuss the upcoming Pwn2Own Miami hacking contest. This is the only hacking contest focused on finding zero-day vulnerabilities in industrial control systems (ICS) and operational technology (OT), and it will be held during the S4 conference in January. Childs is a veteran of the security industry and Pwn2Own, which is 16 years old. Pwn2Own Miami will be the second such event with an ICS focus. Researchers ...
Exploring and Navigating OT for CISOs
November 10, 2021 05:00 - 42 minutes - 28.9 MBSplunk OT security strategist Chris Duffey and Global Advisory CISO Doug Brush join Claroty's Aperture podcast to discuss how CISOs can and must navigate the world of industrial control system (ICS) and operational technology cybersecurity. Digital transformation and convergence have forced IT and OT under the same umbrella for many industrial enterprises and critical infrastructure. For many CISOs, managing OT cybersecurity is a whole new world of risk management strategies, technologies,...
Gary E. Miller on the GPSD Bug
October 27, 2021 04:00 - 39 minutes - 27.1 MBGary E. Miller, principal maintainer of GPSD, joins the Aperture Podcast to discuss a bug in this service that potentially could have caused some disruptions on devices that rely on global positioning systems for precise time-keeping. GPSD is a service daemon that extracts time information from GPS appliances. GPSD can be found in anything from mobile phones, to submarine navigation systems, and satellites. There are also industrial applications that reply on GPS for timing, including flow ...
Top 20 Secure PLC Coding Practices List
September 28, 2021 17:00 - 40 minutes - 27.8 MBMartin Scheu and Dirk Rotermund of the Top 20 Secure PLC Coding Practices project join Claroty's Aperture podcast to discuss how engineers can integrate secure coding practices into PLC programming. The group's list of secure coding practices was released earlier this year and is available as a free download. It’s a 44-page document that includes not only the list of secure coding practices, but also detailed guidance for each, and where they map to on certain frameworks such as MITRE ATT&C...
Dennis Fisher on 'When Bug Bounties Went Boom'
September 20, 2021 04:00 - 42 minutes - 28.9 MBDecipher Editor in Chief Dennis Fisher joins the podcast to discuss a series he recently published on the history and evolution of bug bounties. In the series, Dennis talks to the hackers and researchers who took an idea and turned it into one of information security's most well-known and lucrative industries. In this episode, Fisher covers the early days of bug bounties, the No More Free Bugs movement, the legal landmines researchers faced doing vulnerability research—essentially for free—...
Tom Pace on SBOMs for ICS and OT
August 22, 2021 04:00 - 48 minutes - 33.6 MBTom Pace, founder of security company NetRise joins Claroty's Aperture Podcast to discuss SBOMs, or software bill of materials, and how they can be leveraged to improve industrial control system and operational technology cybersecurity. SBOMs are analogous to ingredient labels on food products, or parts lists for automobiles. Yet for ICS and OT equipment, they are a rarity. That lack of visibility into software and firmware components puts organizations at risk in the event of an incident,...
Tony Baker on OT Cybersecurity Challenges, CIP Security
August 10, 2021 22:00 - 37 minutes - 25.7 MBRockwell Automation Chief Product Safety and Security Officer Tony Baker joins the Claroty Aperture podcast to discuss the rash of cybersecurity challenges facing critical infrastructure and industry owners and operators. Baker is a Rockwell veteran and has specialized in cybersecurity for the last eight years. He shares his insight on some of the challenges and resource gaps defenders are facing today, as well as the short- and long-term impact of the high-profile industrial cybersecurity ...
Inside the Water Sector Cybersecurity Survey
July 02, 2021 04:00 - 33 minutes - 23.3 MBMichael Arceneaux, managing director of the Water Information Sharing and Analysis Center (WaterISAC), joins Claroty's Aperture podcast for a deep dive into the results of the recently released Water Sector Coordinating Council's cybersecurity survey. In short, the water sector needs cybersecurity help from industry organizations and the federal government. Respondents, identified four critical areas of need ranging from training, to improved cybersecurity tools and threat information, to ...
Adm. Mike Rogers on Ransomware and OT
June 25, 2021 04:00 - 42 minutes - 29.4 MBRetired Adm. Mike Rogers, former NSA Director and U.S. Cyber Command Commander, joins Claroty's Aperture Podcast to lend his insight and expertise into the rash of ransomware attacks starting to impact operational technology (OT) environments and critical infrastructure. Rogers covers the risk assessments that industrial enterprises are undertaking to handle the ransomware threat, and how to best response in the event of an incident. The discussion also ranges into: Cyber resilience in OT...
Mandiant on Low-Sophistication OT Attacks
June 08, 2021 04:00 - 42 minutes - 29 MBMandiant Threat Intelligence Senior Manager Nathan Brubaker joins the Aperture Podcast to discuss the growing trend of low-sophistication attacks targeting operational technology and industrial control systems. Nathan coauthored a recent Mandiant report on the subject, identifying a number of trends worth monitoring as industrial enterprises continue to connect OT to the internet and converge IT and OT systems internally. Attackers are exploiting connectivity to sometimes interact with i...
E-ISAC on Biden 100-Day Plan for Power Grid Cybersecurity
May 18, 2021 04:00 - 33 minutes - 22.9 MBManny Cancel, CEO of the Electricity-ISAC, joins the Aperture podcast for a wide-ranging discussion on cybersecurity issues affecting electricity utilities and critical infrastructure. Cancel shares his thoughts on the Biden Administration's recent announcement of a 100-day plan to improve electricity and power grid cybersecurity. Specifically, the plan calls for the identification and deployment of technologies and systems that improve situational awareness and response capabilities for ele...
E-ISAC on Biden 100-Day Plan for Power Grid Cybersecurity
May 18, 2021 04:00 - 33 minutes - 22.9 MBManny Cancel, CEO of the Electricity-ISAC, joins the Aperture podcast for a wide-ranging discussion on cybersecurity issues affecting electricity utilities and critical infrastructure. Cancel shares his thoughts on the Biden Administration's recent announcement of a 100-day plan to improve electricity and power grid cybersecurity. Specifically, the plan calls for the identification and deployment of technologies and systems that improve situational awareness and response capabilities for ele...
Katie Moussouris on Dan Kaminsky, Pay Equity, Vulnerability Disclosure Progress
April 29, 2021 04:00 - 41 minutes - 28.7 MBLuta Security founder, security entrepreneur, and vulnerability disclosure pioneer Katie Moussouris joins the Aperture Podcast to talk about influential researcher Dan Kaminsky, who died April 23 at 42 years old. Katie discusses the breadth of Dan's work as a researcher, and his friendship, empathy, and outreach within the security community. Katie also talks about her work advocating for pay, gender and employment equity, and how her mother persevered as a single mother earning significant...
Kaspersky Lab, Claroty on OPC Security Research
March 30, 2021 19:00 - 43 minutes - 30.2 MBOn this episode of Claroty's Aperture Podcast, researchers from Claroty and Kaspersky Lab join to discuss security research into the OPC protocol. OPC is a protocol stack that is used for interoperability between disparate vendor communication protocols in the ICS domain. Kaspersky Lab's Evgeny Goncharov and Claroty's Sharon Brizinov and Uri Katz bring their respective experience researching OPC and discuss why it's a critical protocol for OT networks. In 2018, Kaspersky Lab published som...
Kaspersky, Claroty on OPC Security Research
March 30, 2021 19:00 - 43 minutes - 30.2 MBOn this episode of Claroty's Aperture Podcast, researchers from Claroty and Kaspersky join to discuss security research into the OPC protocol. OPC is a protocol stack that is used for interoperability between disparate vendor communication protocols in the ICS domain. Kaspersky's Evgeny Goncharov and Claroty's Sharon Brizinov and Uri Katz bring their respective experience researching OPC and discuss why it's a critical protocol for OT networks. In 2018, Kaspersky Lab published some of th...
Josh Grunzweig on Exchange Zero Days
March 17, 2021 22:00 - 34 minutes - 23.8 MBJosh Grunzweig of Volexity joins the Aperture Podcast to discuss the Microsoft Exchange zero-day vulnerabilities and exploits that have been dominating headlines. Tens of thousands of organizations have already been compromised by attack groups using this bug to dump corporate email, and carry out further attacks such as ransomware or deploying cryptocurrency mining software. Josh's team at Volexity was the first to report in-the-wild exploits of the Exchange zero days, and in this episode,...
Mauro Conti on Assessing the Use of Insecure ICS Protocols
March 10, 2021 06:00 - 31 minutes - 21.7 MBProf. Mauro Conti of the University of Padua, Italy joins the Aperture Podcast to discuss a paper he coauthored last year called Assessing the Use of Insecure ICS Protocols via IXP Network Traffic Analysis. The paper, co-written with Giovanni Barbieri, Nils Ole Tippenhauer, and Federico Turrin of the University of Padua and the Helmholtz Center for Information Security, examines the gaps and exposures presented by connecting industrial control systems to external networks. Many of these ...
Water ISAC on Oldsmar Hack, Sector Cybersecurity
February 22, 2021 23:00 - 41 minutes - 28.2 MBJennifer Lyn Walker and Michael Arceneaux of the Water ISAC join the podcast to discuss the recent cybersecurity incident at the Oldsmar, Fla., water-treatment facility, the state of cybersecurity inside the water & wastewater critical infrastructure sector, and whether organizations are reticent about sharing information about attacks with others in the sector. Walker is a cyber threat analyst with the Water ISAC, while Arceneaux is managing director of the organization. Water ISAC has mor...
Justin Searle on Pen-Testing ICS
January 21, 2021 00:00 - 39 minutes - 26.8 MBJustin Searle, director of ICS security at InGuardians and a SANS Institute ICS security senior instructor, joins the Aperture podcast to discuss penetration testing ICS environments. Justin is a leader in the ICS security community, a 21-year veteran immersed in conducting and teach security assessments worldwide. In this episode, Justin discusses the challenges in pen-testing production industrial environments, the state of pen-testing tooling for ICS, how digital transformation and IT/O...
Justin Searle on Pen-Testing ICS
January 21, 2021 00:00 - 39 minutes - 26.8 MBJustin Searle, director of ICS security at InGuardians and a SANS Institute ICS security senior instructor, joins the Aperture podcast to discuss penetration testing ICS environments. Justin is a leader in the ICS security community, a 21-year veteran immersed in conducting and teach security assessments worldwide. In this episode, Justin discusses the challenges in pen-testing production industrial environments, the state of pen-testing tooling for ICS, how digital transformation and IT/O...
Tom Tervoort on Zerologon
December 17, 2020 23:00 - 41 minutes - 28.3 MBTom Tervoort, a senior security specialist with Netherlands-based Secura, joins the Aperture Podcast to discuss the Zerologon vulnerability in Windows Netlogon. This critical crypto bug in the Netlogon authentication mechanism was discovered by Tom and the Secura team, and patched in August by Microsoft. Since then, exploit code has surfaced and the vulnerability has been used by two separate APT groups. Tom discusses how he "accidentally" discovered Zerologon, the risks posed by successful...
Richard Thomas, Joe Gardiner on CVE Discovery Time for ICS
November 24, 2020 05:00 - 41 minutes - 28.2 MBRichard Thomas of the University of Birmingham and Joseph Gardiner of the Bristol Cyber Security Group, University of Bristol, discuss their recently published paper: "Catch Me If You Can: An In-Depth Study of CVE Discovery Time and Inconsistencies for Managing Risks in Critical Infrastructures." The paper examines how long ICS and OT vulnerabilities are in the wild before being discovered, and also shortcomings in ICS-related CVEs, which are often the first touch organizations have with vul...
Dustin Childs on Vulnerability Disclosure, Pwn2Own, ZDI
November 18, 2020 05:00 - 36 minutes - 25.1 MBDustin Childs, Communications Manager for the Zero Day Initiative (ZDI) joins the Aperture podcast to talk about vulnerability disclosure and its evolution since the early 2000s. Dustin also covers the legacy of ZDI as a vulnerability clearinghouse as it turns 15 this year, some milestones for bug-hunters, and the role of Pwn2Own in maturing disclosures for vendors and researchers alike. The conversation also includes the growing interest in uncovering vulnerabilities in industrial control s...
Introducing Aperture, A Claroty Podcast
November 16, 2020 15:00 - 1 minute - 1.09 MBWelcome to Claroty's brand new podcast, Aperture! hosted by Editorial Director Mike Mimoso. Aperture will feature regular discussions with IT and OT security experts as we focus on protecting the critical infrastructure that impacts so much of our day-to-day lives. Please share the word about the podcast. It will be available on all the major platforms, and on the Claroty blog. Subscribe now so you don't miss any of our discussions. We'll be back soon with compelling discussions with the...