This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

OWASP AppSec DC 2012/Real world backdoors on industrial devices

Revision as of 13:48, 28 March 2012 by Mark.bristow (talk | contribs) (Ruben Santamarta)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search


Registration Now OPEN! | Hotel | Schedule | Convention Center |

The Presentation

The ICS security, or the lack of, has been hogging the titles during the last months. The underlying issue behind this fact is that, in a post-stuxnet era, the industrial control systems are facing a totally new scenario, they are not a safe place anymore but a potential and valuable target. A lot of questions arise, but maybe the most important one is: are they prepared to face this threat? This presentation details the whole process of analyzing industrial devices, including methods such as reverse engineering and open source intelligence.
The results of this approach are also elaborated, showing real cases of backdoors found on widely deployed PLCs and SmartMeters

The Speakers

Ruben Santamarta

Ruben Santamarta is a european security researcher specialized in offensive security.

Ruben Santamarta works as a security researcher for IOActive.

He has discovered dozens of vulnerabilities on products from leading companies such as Microsoft, Apple or Oracle.

Ruben is currently focused on the ICS security field, reporting and releasing flaws on industrial software and hardware

Gold Sponsors

Aspect logo owasp.jpg AppSecDC2009-Sponsor-securicon.gif AppSecDC2009-Sponsor-mandiant.gif AppSecDC2012-ISC2.gif

Silver Sponsors


Small Business

AppSecDC2012-Sponsor-sideas.gif BayShoreNetworks.png


link= Codenomicon WhiteHat Logo.png AppSecDC2012-HP.jpg WSI - Logo.jpg