Industrial Cybersecurity

Start your career by mastering the defense of critical infrastructure with the definitive industrial cybersecurity course.

(INDUS-CYBSEC.AJ1)

About This Course

Are you tired of treating complex industrial systems like IT environments? This specialised course offers the rigorous foundation to design, implement, and troubleshoot industrial cybersecurity solutions in environments where downtime is not an option.

Mastering OT cybersecurity is one of the most important steps toward securing high-end roles in the field of operational technology (OT) security. The program is aligned with the foundational ISA/IEC 62443 standards.

Skills You’ll Get

  • Architecture & Standards: Master the architecture of Industrial Control Systems (ICS) and implement designs aligned with the key ISA/IEC 62443 standard and the Industrial Demilitarized Zone (IDMZ).
  • Active Monitoring & Threat Hunting: Conquer intrusion detection, security monitoring, and active threat hunting techniques specifically tailored for OT cybersecurity environments.
  • Assessment & Testing: Grasp the methodologies for performing comprehensive ICS security risk assessments, penetration testing, and red/blue team exercises without disrupting operations.
  • Response & Forensics: Build a strong theoretical foundation for performing incident response procedures and forensics designed specifically for the unique sensitivities of SCADA security and industrial environments.

1

Preface

  • Who this course is for
  • What this course covers
2

Introduction and Recap of First Edition

  • Industrial Cybersecurity – second edition
  • Recap of the first edition
  • What is an ICS?
  • Summary
3

A Modern Look at the Industrial Control System Architecture

  • Why proper architecture matters
  • Industrial control system architecture overview
  • Summary
4

The Industrial Demilitarized Zone

  • The IDMZ
  • What makes up an IDMZ design?
  • Example IDMZ broker-service solutions
  • Summary
5

Designing the ICS Architecture with Security in Mind

  • Typical industrial network architecture designs
  • Designing for security
  • Security monitoring
  • Summary
6

Introduction to Security Monitoring

  • Security incidents
  • Passive security monitoring
  • Active security monitoring
  • Threat-hunting exercises
  • Security monitoring data collection methods
  • Putting it all together – introducing SIEM systems
  • Summary
7

Passive Security Monitoring

  • Technical requirements
  • Passive security monitoring explained
  • Security Information and Event Management – SIEM
  • Common passive security monitoring tools
  • Setting up and configuring Security Onion
  • Exercise 1 – Setting up and configuring Security Onion
  • Exercise 2 – Setting up and configuring a pfSense firewall
  • Exercise 3 – Setting up, configuring, and ...'s eyeInsight (formerly known as SilentDefense)
  • Summary
8

Active Security Monitoring

  • Technical requirements
  • Understanding active security monitoring
  • Exercise 1 – Scanning network-connected devices
  • Exercise 2 – Manually inspecting an industrial computer
  • Summary
9

Industrial Threat Intelligence

  • Technical requirements
  • Threat intelligence explained
  • Using threat information in industrial environments
  • Acquiring threat information
  • Creating threat intelligence data out of threat information
  • Exercise – Adding an AlienVault OTX threat feed to Security Onion
  • Summary
10

Visualizing, Correlating, and Alerting

  • Technical requirements
  • Holistic cybersecurity monitoring
  • Exercise 1 – Using Wazuh to add Sysmon logging
  • Exercise 2 – Using Wazuh to add PowerShell Script Block Logging
  • Exercise 3 – Adding a Snort IDS to pfSense
  • Exercise 4 – Sending SilentDefense alerts to Security Onion syslog
  • Exercise 5 – Creating a pfSense firewall event dashboard in Kibana
  • Exercise 6 – Creating a breach detection dashboard in Kibana
  • Summary
11

Threat Hunting

  • What is threat hunting?
  • Threat hunting in ICS environments
  • What is needed to perform threat hunting exercises?
  • Threat hunting is about uncovering threats
  • Correlating events and alerts for threat hunting purposes
  • Summary
12

Threat Hunt Scenario 1 – Malware Beaconing

  • Forming the malware beaconing threat hunting hypothesis
  • Detection of beaconing behavior in the ICS environment
  • Investigating/forensics of suspicious endpoints
  • Using indicators of compromise to uncover additional suspect systems
  • Summary
13

Threat Hunt Scenario 2 – Finding Malware and Unwanted Applications

  • Technical requirements
  • Forming the malicious or unwanted applications threat hunting hypothesis
  • Detection of malicious or unwanted applications in the ICS environment
  • Investigation and forensics of suspicious endpoints
  • Using discovered indicators of compromise to search the environment for additional suspect systems
  • Summary
14

Threat Hunt Scenario 3 – Suspicious External Connections

  • Forming the suspicious external connections threat hunting hypothesis
  • Ingress network connections
  • Summary
15

Different Types of Cybersecurity Assessments

  • Understanding the types of cybersecurity assessments
  • Risk assessments
  • Red team exercises
  • Blue team exercises
  • Penetration testing
  • How do ICS/OT security assessments differ from IT?
  • Summary
16

Industrial Control System Risk Assessments

  • Understanding the attack stages and ultimate objectives of ICS cyber attacks
  • Risk assessments
  • Summary
17

Red Team/Blue Team Exercises

  • Red Team versus Blue Team versus pentesting
  • Red Team/Blue Team example exercise, attacking Company Z
  • Summary
18

Penetration Testing ICS Environments

  • Practical view of penetration testing
  • Why ICS environments are easy targets for attackers
  • Typical risks to an ICS environment
  • Modeling pentests around the ICS Kill Chain
  • Pentesting results allow us to prioritize cybersecurity efforts
  • Pentesting industrial environments requires caution
  • Exercise – performing an ICS-centric penetration test
  • Summary
19

Incident Response for the ICS Environment

  • What is an incident?
  • What is incident response?
  • Incident response processes
  • Incident response procedures
  • Example incident report form
  • Summary
20

Lab Setup

  • Discussing the lab architecture
  • Details about the enterprise environment lab setup
  • Details about the industrial environment – lab setup
  • How to simulate (Chinese) attackers
  • Discussing the role of lab firewalls
  • How to install the malware for the lab environment
  • Configuring packet capturing for passive security tools
  • Summary

1

A Modern Look at the Industrial Control System Architecture

  • Designing a Segmented ICS Network Using VLANs
  • Simulating PLC and HMI Communication
2

The Industrial Demilitarized Zone

  • Configuring an IDMZ and Simulating a Patch Server
3

Designing the ICS Architecture with Security in Mind

  • Simulating a Segmented Industrial Network
4

Introduction to Security Monitoring

  • Capturing Packets Using Wireshark
5

Passive Security Monitoring

  • Running Snort in IDS Mode
6

Active Security Monitoring

  • Fingerprinting Using Nmap
  • Profiling a Targeted System
  • Scanning for Vulnerabilities Using Nikto
  • Conducting Vulnerability Scanning Using Nessus
  • Performing File Share Enumeration
  • Using modbus-cli
  • Getting EtherNet/IP Information
7

Visualizing, Correlating, and Alerting

  • Using Wazuh to Add Sysmon Logging
  • Configuring Firewall Rules and Monitoring Network Logs Using pfSense
8

Threat Hunting

  • Performing Intrusion Detection Using Zeek
9

Threat Hunt Scenario 2 – Finding Malware and Unwanted Applications

  • Scanning Files for Malicious Patterns with YARA
10

Threat Hunt Scenario 3 – Suspicious External Connections

  • Viewing Linux Event Logs
11

Different Types of Cybersecurity Assessments

  • Gathering Basic OSINT from a Website
  • Setting Up a Honeypot on Kali Linux
12

Industrial Control System Risk Assessments

  • Exploiting Vulnerable SMB Services (EternalBlue Exploit)
13

Red Team/Blue Team Exercises

  • Cracking Linux Passwords Using John the Ripper
14

Penetration Testing ICS Environments

  • Using Nessus Scan Data in Metasploit
15

Incident Response for the ICS Environment

  • Preparing and Performing Post-Incident Activities
  • Performing Incident Response Activities

Any questions?
Check out the FAQs

OT engineers, network engineers transitioning to industrial roles, security analysts, and anyone responsible for the safety and reliability of SCADA security and other critical industrial systems.

Basic knowledge of networking is helpful, but the course begins by clearly defining what an ICS is and how the OT cybersecurity environment differs from IT, ensuring a strong foundation for all learners.

It covers the full breadth of defense, including rigorous topics like Red/Blue Team exercises, SIEM implementation, and advanced threat hunting scenarios, which are essential for truly modern industrial cybersecurity solutions.

Both; it covers the architecture and standards (like ISA/IEC 62443) while teaching how to apply hands-on concepts like packet capture, vulnerability scanning, and incident response procedures in a simulated industrial environment.

Ready to Build Industrial Cybersecurity Solutions?

  Translate your defense theories into real-world operational security with this essential industrial cybersecurity program.

$167.99
