nozomi-networks-logo

Join Nozomi Networks at S4x22!

April 19-21, 2022 | South Beach, Miami 

Meet with Nozomi Networks Leadership

Don't miss the opportunity to meet with the Nozomi Networks leadership team of experts to discuss your 2022 security strategies and how you can accelerate them with Nozomi Networks. 

  • Edgard Capdevielle, CEO
  • Andrea Carcano, Co-Founder and CPO
  • Stephen Driggers, CRO  
  • Ronny Fredericks, Field CTO 
  • Sandeep Lota, Field CTO 
  • Chet Namboodri, SVP Alliances and Business Development
  • Rich Wenning, VP of Americas Sales

Private meetings are available at the Ritz Carlton, just a short walk from The Surfcomber and The Fillmore Theater.

S4x22-exec-team
Roberto

Speaking Session | PLC EDR: Model Checking of Logic

Tuesday, April 19 | 1:30pm EST | Stage 2 

A model-checking approach that uses a translation of Rockwell’s Ladder Diagrams into an equivalent formal model, on which a set of automatic analysis can be performed. These analysis include checking for logic equivalence and automated test generation, offering benefits in critical environments for detecting malicious or unexpected code behaviors. This research suggests that the use of static analysis techniques for PLC programs needs to be further pushed in order to obtain more secure and reliable programs.

One of the most effective techniques to disrupt a critical industrial processes is to inject PLCs with malicious code. A threat actor gaining access to an Engineering Station may load a program designed to change the process logic or disable security features involved in critical operations. While many general-purpose programming languages nowadays rely on static analysis tools to help with the analysis of memory errors or other security flaws, this is much less the case for PLCs languages and IDEs. So when will we see endpoint detection and response in PLC's?

Speaker: Roberto Bruttomesso, Software Engineer Coordinator

Speaking Session | How IoT Botnets Evade Detection And Analysis

Tuesday, April 19 | 2:00pm EST | Stage 3

Successful botnets are designed to hijack victim devices for extended periods and must spread throughout the host network without detection. Botnet creators have to design features to avoid generating anomalous behavior and hinder analysis by researchers when identified. One key technique to stymie reverse engineering botnet code is to obfuscate the code by compressing or encrypting the executable, called packing.

In this presentation, we'll explore the current status of the packers used by IoT malware providing statistics based on the data collected by Nozomi Networks honeypots. We'll also dig deeper into various obstacles that researchers face analyzing obfuscated samples and how they can be handled.

Speakers: 
Alexey Kleymenov, Sr. Cyber Threat Analyst
Chris Grove, Product Evangelist 
 
Image from iOS (5)-1

Autobahn Training: Top 20 PLC Secure Coding Practices

Thursday, April 21 | 12:30pm EST | Stage 3

OWASP and others have developed secure coding practices for applications. Now there is a Top 20 PLC Secure Coding Practices list. These practices are not classic security controls, and they can be implemented in most PLC’s.

In this session you will get some vivid examples of how to implement some of the practices and why the practices are important. The kind of information you can use to get your team that programs your PLC’s to dig into this issue and the top 20 list.


Speakers
Vivek Ponnada, Nozomi Networks
Josh Ruff, Deloitte & Touche LLC

Make a Pit Stop at Our Cabana 

Don't forget to come say, "HI" on Wednesday afternoon at our Cabana on the upper pool deck at The Surfcomber Hotel. 

Grab some new Nozomi Networks swag and catch up with old friends. 

And, if you're interested, we'll show you how Nozomi Networks helps you maneuver the ever-changing threat landscape with unlimited visibility into complex environments, anomaly and vulnerability detection and accelerated remediation efforts. All at scale. 

For more information on S4x22, full agenda and registration, visit the S4 website. 

linkedin-white twitter-white Nozomi Networks podcast-white

© 2022 Nozomi Networks Inc. All Rights Reserved.