STIX and Stones... and your Security Controls presented at s4x17 2017

by Stephan Chenette, Daniel Michaud-soucy,

Summary : This session will focus on leveraging machine readable threat intelligence, specifically Structured Threat Information eXpression (STIX), in the context of ICS/SCADA. The goal of the presentation is to dissect the automated process of ingesting STIX files and utilizing this information to validate your security controls. Attendees will learn about: ingesting STIX, the different types of cyber observables and associated security controls, the automated conversion to an attack scenarios and the validation of security controls. The session will conclude with a demonstration using real-world ICS specific threat intelligence.