Dieter Sarrazyn's Avatar

Dieter Sarrazyn

@dietersar

ICS, OT security enthousiast, #BeerIsac

311
Followers 119
Following 10
Posts 12.11.2024
Joined
Posts Following

Latest posts by Dieter Sarrazyn @dietersar

Preview
New SANS/GIAC study finds cybersecurity skills gap, not talent shortage, at core of workforce crisis Upcoming SANS/GIAC study finds cybersecurity skills gap, not talent shortage, at the core of workforce crisis.

New SANS/GIAC study finds cybersecurity skills gap, not talent shortage, at core of workforce crisis

14.04.2025 21:12 πŸ‘ 0 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Video thumbnail

Smash the Stack with Swiss precision πŸ‡¨πŸ‡­πŸ’»

Join Corelan’s Stack Exploit Dev course in ZΓΌrich, Oct 7-10, 2025. πŸš€

www.eventcreate.com/e/sigs-corel...

πŸ’› Pls share πŸ’›

14.04.2025 07:37 πŸ‘ 1 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Video thumbnail

What our students say on the #Corelan Stack course:

πŸ—£οΈ β€œPeter will refute about every single thing you might have learned so far related to the topic in other courses… and then teach you it the right way from the ground up.”

See for yourself: πŸ‘‰πŸΌ bit.ly/corelan-trai...

27.03.2025 08:58 πŸ‘ 0 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0
Preview
IEC62443, NIS2 and security testing - a happy marriage? - Secudea bv When the NIS2 EU Directive came into effect, I wondered what the implications would be for security testing in industrial environments. After all, a large part of the NIS2 directive focuses on supply ...

Have a look at my newest post to learn more whether IEC62443, NIS2 and security testing are or can be a happy marriage.
secudea.be/2025/02/15/i...

15.02.2025 11:58 πŸ‘ 0 πŸ” 1 πŸ’¬ 0 πŸ“Œ 0

yep, true fact...
we used to have snow every year (some decades ago), now we (some of us) are happy when it finally snows, to realize it's gone after a few hours...
The other half doesn't know how to drive a vehicle anymore at that time...

06.01.2025 06:09 πŸ‘ 1 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0

I would not match them, but more like extending the test cases with what is found in the requirements.
But tbh, a good fat/sat approach should already cover all your own security requirements.

30.12.2024 17:34 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0

True, security requirements should idd be set during design phase and verified. First on paper allowing you to catch low hanging fruit and tailor any testing protocol, second by performing technical tests.

30.12.2024 17:32 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Practical side of FAT/SAT testing - Secudea bv While listening to one of the talks at the ISC-CPH conference back in 2022, I realized that nobody is talking about the practical side of performing cyber security tests in a FAT/SAT testing approach....

Some throughs on the practical side of FAT/SAT security testing within #industrial environments - secudea.be/2024/12/30/p...
#ICS #OT #FATSAT

30.12.2024 13:53 πŸ‘ 0 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0
ISC-CPH November 2024 - Secudea bv This year it was the 3rd time visiting the ISC-CPH conference for me, one of the better ICS focused security conferences within Europe. This year again as attendee compared to last year being a presen...

(long overdue) wrap-up of the #ISCCPH conference in Copenhagen last November - secudea.be/2024/12/30/i...
#ICS #OT #industrial

30.12.2024 13:51 πŸ‘ 1 πŸ” 3 πŸ’¬ 0 πŸ“Œ 0

*sigh* this has been a good security practice for several decades already (when I was still installing firewalls), so I find it a bit strange that this suddenly becomes a hot topic... are people forgetting the good stuff, what works, the basics?? Is everybody falling for buzz words instead?

09.12.2024 20:54 πŸ‘ 0 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0

Welcome to BlueSky, Andy. @defend-the-future.bsky.social
Miss you buddy, call me sometime.

He's #100 on my ICS/OT Starter Pack
go.bsky.app/SQygf7K

Who else do I need to add?

20.11.2024 19:20 πŸ‘ 8 πŸ” 1 πŸ’¬ 0 πŸ“Œ 2

well... I sure hope other tools would also be possible to be used within segmented networks without needing direct access to the internet to fetch updates...

16.11.2024 12:44 πŸ‘ 1 πŸ” 0 πŸ’¬ 0 πŸ“Œ 0
Preview
Microsoft ends development of Windows Server Update Services (WSUS) Microsoft has officially announced that Windows Server Update Services (WSUS) is now deprecated, but plans to maintain current functionality and continue publishing updates through the channel.

What are other OT/ICS security folk thinking about WSUS being deprecated?

I'd expected to see more reaction and alternatives being promoted.

#infosec #ics #ot

www.bleepingcomputer.com/news/microso...

16.11.2024 11:12 πŸ‘ 2 πŸ” 1 πŸ’¬ 4 πŸ“Œ 0

nice :-) let me know when this plan is formalizing :-)

13.11.2024 23:20 πŸ‘ 0 πŸ” 0 πŸ’¬ 1 πŸ“Œ 0

Or to BruCon

13.11.2024 23:19 πŸ‘ 1 πŸ” 1 πŸ’¬ 1 πŸ“Œ 0
Post image

I created the ICS/OT Security starter pack. Please give it a follow and let me know if I'm missing anyone.

go.bsky.app/SQygf7K

13.11.2024 17:56 πŸ‘ 87 πŸ” 36 πŸ’¬ 14 πŸ“Œ 6

hi Stephen, missing you in CPH ;-)

13.11.2024 23:14 πŸ‘ 1 πŸ” 0 πŸ’¬ 2 πŸ“Œ 0