IBM X-Force signatures related to ICS related products and protocols


Seize the last chance of preventing OT Cyberattack proactively. Gwen Hsieh, Sr. Offering Manager, IBM Security. IBM X-Force signatures related to ICS related products and protocols.


SLIDE 1

How to hold the last line of cybersecurity defense for OT industrial control in real time

Seize the last chance of preventing OT Cyberattack proactively

Gwen Hsieh

  • Sr. Offering Manager, IBM Security

SLIDE 9

IBM X-Force signatures related to ICS related products and protocols

Provides protection against more than 1,000 high-risk and critical vulnerabilities or attacks.

| Signatures | Severity |
|---|---|
| Scada_IGSS_Collection_Chunk_Overflow | High |
| Scada_IGSS_Collection_Traversal | Medium |
| Scada_IGSSdataServer_Command_Overflow | High |
| Scada_IGSSdataServer_LogText_Format_String | High |
| Scada_IGSSdataServer_RMS_Overflow | High |
| Scada_IGSSdataServer_StdReport_Overflow | High |
| Scada_IGSSdataServer_Dir_Traversal | Medium |
| Scada_KingView_History_Generic_Overflow | High |
| Scada_KingView_History_Opcode3_Overflow | High |
| Realwin_Scada_Fcinfotagsetcontrol_Bo | High |
| Realwin_Scada_HMI_Integer_Overflow | High |
| Realwin_Scada_HMI_Multiple_Overflow | High |
| Realwin_Scada_String_Overflow | High |
| Scada_DNP_Unknown_Protocol (*) | Low |
| Scada_DNP_Malformed (*) | Medium |
| Scada_ICCP_Long_TPDU | High |
| Scada_Modbus_IncorrectLength (*) | Medium |
| Scada_Modbus_TooLarge (*) | Medium |
| DCOM_Scada_Opc_Bo (*) | High |
| Scada_Citect_ODBC_BO | High |

  • Attack signatures for specific vulnerabilities in equipment: Honeywell, Siemens PCL, Schneider Electric, Interactive Graphical SCADA System, KingView / WellinTech, RealWin SCADA System / RealFlex, LiveData ICCP Server / Live Data

  • Attack signatures for ICS, PLC, SCADA protocol anomalies: Distributed Network Protocol (DNP), Modbus, DCOM - Distributed Common Object Model protocol

  • Attack signatures for DNP, Modbus, DCOM protocols such as query, restart, etc.

SLIDE 10

Thank you