Workshop: Introduction to OT/ICS Penetration Testing (9AM – 3PM)
About This Session
(Free for all Full Conference Pass Holders!)
Workshop: Time: 9:00 AM – 3:00 PM 🕒 [Certificate of Completion (4 CPEs) – awarded after passing a short 10-question quiz] (Free for conference participants)
Penetration testing in operational technology (OT) and industrial control systems (ICS) is often misunderstood and underexplored. Few resources exist to help security professionals understand how to safely and effectively test these environments, leading to misconceptions and gaps in cybersecurity programs.
This workshop is designed to bridge that gap, offering a comprehensive, hands-on experience packed with knowledge and practical labs. Participants will learn how OT penetration testing differs from IT testing, how to evaluate the security of OT networks and assets (such as PLCs and HMIs), and most importantly, how to conduct testing safely.
By the end of this course, attendees will be able to identify security weaknesses in their OT/ICS environments and gain the attacker’s perspective in critical industries such as power generation, chemical refining, and water treatment.
Hands-on labs are included and can be completed at your own pace, providing a deeper understanding of how adversaries target and compromise OT/ICS networks.
Agenda
Part 1: Course Introduction
Part 2: Getting Started with OT/ICS Penetration Testing
Part 3: The OT/ICS Penetration Testing Framework
Part 4: Reconnaissance and OSINT
Part 5: Discovery and Enumerating OT Assets
Part 6: Attacking and Compromising OT Assets
Part 7: Impacting Operators and Industrial Processes
[No additional fee for this workshop]
Workshop: Time: 9:00 AM – 3:00 PM 🕒 [Certificate of Completion (4 CPEs) – awarded after passing a short 10-question quiz] (Free for conference participants)
Penetration testing in operational technology (OT) and industrial control systems (ICS) is often misunderstood and underexplored. Few resources exist to help security professionals understand how to safely and effectively test these environments, leading to misconceptions and gaps in cybersecurity programs.
This workshop is designed to bridge that gap, offering a comprehensive, hands-on experience packed with knowledge and practical labs. Participants will learn how OT penetration testing differs from IT testing, how to evaluate the security of OT networks and assets (such as PLCs and HMIs), and most importantly, how to conduct testing safely.
By the end of this course, attendees will be able to identify security weaknesses in their OT/ICS environments and gain the attacker’s perspective in critical industries such as power generation, chemical refining, and water treatment.
Hands-on labs are included and can be completed at your own pace, providing a deeper understanding of how adversaries target and compromise OT/ICS networks.
Agenda
Part 1: Course Introduction
Part 2: Getting Started with OT/ICS Penetration Testing
Part 3: The OT/ICS Penetration Testing Framework
Part 4: Reconnaissance and OSINT
Part 5: Discovery and Enumerating OT Assets
Part 6: Attacking and Compromising OT Assets
Part 7: Impacting Operators and Industrial Processes
[No additional fee for this workshop]
Speaker
Mike Holcomb
Director - ICS/OT Cyber Security - Fluor Corporation
Mike Holcomb is the Fellow of Cybersecurity and the ICS/OT Cybersecurity Global Lead for Fluor, one of the largest global engineering, procurement, and construction companies. His current role provides him with the opportunity to work in securing some of the world’s largest ICS/OT environments, from power plants and commuter rail to manufacturing facilities and refineries. He has his Masters degree in ICS/OT cybersecurity from the SANS Technology Institute.
You can find his free educational content on ICS/OT cyber security on LinkedIn (linkedin.com/in/mikeholcomb), YouTube (youtube.com/@utilsec) and mikeholcomb.com.
You can find his free educational content on ICS/OT cyber security on LinkedIn (linkedin.com/in/mikeholcomb), YouTube (youtube.com/@utilsec) and mikeholcomb.com.