Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Industrial Cybersecurity

You're reading from   Industrial Cybersecurity Efficiently monitor the cybersecurity posture of your ICS environment

Arrow left icon
Product type Paperback
Published in Oct 2021
Publisher Packt
ISBN-13 9781800202092
Length 800 pages
Edition 2nd Edition
Arrow right icon
Author (1):
Arrow left icon
Pascal Ackerman Pascal Ackerman
Author Profile Icon Pascal Ackerman
Pascal Ackerman
Arrow right icon
View More author details
Toc

Table of Contents (26) Chapters Close

Preface 1. Section 1: ICS Cybersecurity Fundamentals
2. Chapter 1: Introduction and Recap of First Edition FREE CHAPTER 3. Chapter 2: A Modern Look at the Industrial Control System Architecture 4. Chapter 3: The Industrial Demilitarized Zone 5. Chapter 4: Designing the ICS Architecture with Security in Mind 6. Section 2:Industrial Cybersecurity – Security Monitoring
7. Chapter 5: Introduction to Security Monitoring 8. Chapter 6: Passive Security Monitoring 9. Chapter 7: Active Security Monitoring 10. Chapter 8: Industrial Threat Intelligence 11. Chapter 9: Visualizing, Correlating, and Alerting 12. Section 3:Industrial Cybersecurity – Threat Hunting
13. Chapter 10: Threat Hunting 14. Chapter 11: Threat Hunt Scenario 1 – Malware Beaconing 15. Chapter 12: Threat Hunt Scenario 2 – Finding Malware and Unwanted Applications 16. Chapter 13: Threat Hunt Scenario 3 – Suspicious External Connections 17. Section 4:Industrial Cybersecurity – Security Assessments and Intel
18. Chapter 14: Different Types of Cybersecurity Assessments 19. Chapter 15: Industrial Control System Risk Assessments
20. Chapter 16: Red Team/Blue Team Exercises 21. Chapter 17: Penetration Testing ICS Environments 22. Section 5:Industrial Cybersecurity – Incident Response for the ICS Environment
23. Chapter 18: Incident Response for the ICS Environment 24. Chapter 19: Lab Setup 25. Other Books You May Enjoy

Forming the malicious or unwanted applications threat hunting hypothesis

As we discussed in Chapter 10, Threat Hunting, threat hunting exercises are geared around hypotheses. Typically, hypotheses follow or reflect a discovered security incident or some form of an alert from an automated security monitoring system or a finding from a security analyst. The threat hunting exercise we will be performing in this chapter works a bit differently; the environment we are going to perform threat hunting activities in is unfamiliar or new to us. For example, our company purchased a new production plant with an existing ICS network infrastructure they are looking to tie to the existing company infrastructure, and we want to make sure that it is safe to do so. Another scenario would be when you have run your ICS network for ages but never seriously looked at the state of its security posture; in this case, these "unprovoked" types of threat hunting exercises can quickly and accurately...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image