Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Industrial Cybersecurity

You're reading from   Industrial Cybersecurity Efficiently monitor the cybersecurity posture of your ICS environment

Arrow left icon
Product type Paperback
Published in Oct 2021
Publisher Packt
ISBN-13 9781800202092
Length 800 pages
Edition 2nd Edition
Arrow right icon
Author (1):
Arrow left icon
Pascal Ackerman Pascal Ackerman
Author Profile Icon Pascal Ackerman
Pascal Ackerman
Arrow right icon
View More author details
Toc

Table of Contents (26) Chapters Close

Preface 1. Section 1: ICS Cybersecurity Fundamentals
2. Chapter 1: Introduction and Recap of First Edition FREE CHAPTER 3. Chapter 2: A Modern Look at the Industrial Control System Architecture 4. Chapter 3: The Industrial Demilitarized Zone 5. Chapter 4: Designing the ICS Architecture with Security in Mind 6. Section 2:Industrial Cybersecurity – Security Monitoring
7. Chapter 5: Introduction to Security Monitoring 8. Chapter 6: Passive Security Monitoring 9. Chapter 7: Active Security Monitoring 10. Chapter 8: Industrial Threat Intelligence 11. Chapter 9: Visualizing, Correlating, and Alerting 12. Section 3:Industrial Cybersecurity – Threat Hunting
13. Chapter 10: Threat Hunting 14. Chapter 11: Threat Hunt Scenario 1 – Malware Beaconing 15. Chapter 12: Threat Hunt Scenario 2 – Finding Malware and Unwanted Applications 16. Chapter 13: Threat Hunt Scenario 3 – Suspicious External Connections 17. Section 4:Industrial Cybersecurity – Security Assessments and Intel
18. Chapter 14: Different Types of Cybersecurity Assessments 19. Chapter 15: Industrial Control System Risk Assessments
20. Chapter 16: Red Team/Blue Team Exercises 21. Chapter 17: Penetration Testing ICS Environments 22. Section 5:Industrial Cybersecurity – Incident Response for the ICS Environment
23. Chapter 18: Incident Response for the ICS Environment 24. Chapter 19: Lab Setup 25. Other Books You May Enjoy

Setting up and configuring Security Onion

Security Onion is an open source Linux distribution aimed at providing intrusion detection, NSM, and log management functionality, all within a single appliance (a virtual machine, or VM). Version 16.04 of Security Onion is based on Ubuntu and contains Snort, Suricata, Zeek, Wazuh, and Squert, along with many other security tools. As of the writing of this book, version 16.04 of Security Onion is being phased out in favor of version 2. The major differences between Security Onion and Security Onion 16.04 include the following:

  • Security Onion 2 features a new web interface called Security Onion Console (SOC) that includes native alert management, threat hunting, and pcap (packet capture file format) retrieval.
  • Security Onion 2 adds TheHive and Strelka support for Sigma rules; Grafana/InfluxDB (independent health monitoring/alerting); Fleet (osquery management); and Playbook (a Detection Playbook tool).
  • Security Onion 2 moves...
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime