Defenders often find themselves in a position where visibility is either not ideal, or even nonexistent – especially for host artifacts. Using the example of ICS environments, this talk will provide a case study of how network visibility via Bro can be leveraged to gain proxy visibility on the host, with a special emphasis on YARA for file analysis. The same example can be applied to other environments where defenders may have little say in host setup, but effectively control the network.
Never miss the latest ICS news and insights from our experts.
Ready to put your insights into action?
Take the next steps and contact our team today.