About Session

Technical Level: Intermediate

Seats are limited, so be sure to register for the workshop when you register for the conference.

This workshop on Hardening will give insights on the various aspects of a hardening process, the ins and outs of hardening will be explained, how to perform hardening, why the concerned hardening settings are important and what to strengthen to reduce potential attack vectors. Potential consequences of the hardening steps taken will be explained, and students will be guided towards creating a (basic) hardening script and system policies to assist in doing the actual hardening for similar systems within their environments. The potential pitfalls you might run into while performing hardening of standalone or domain-joined systems will be explained as well.

The workshop covers operating systems such as Windows 10 and Windows Server (as it is the most used operating system to provide Human Machine Interfaces to operators) but also Linux elements, network components security and industrial control system devices will be explained. Attendees will understand after the workshop how to verify hardening using common security tools and will understand what steps are to be taken for the hardening of systems and environments. Through real-world scenario-based exercises, attendees will get a thorough understanding of what can and should be done to protect their industrial environments.

This workshop is divided into 4 parts of 40 min, each part including a lab (except for part 1).

Workshop attendees should bring a laptop with a working virtualisation software installed (any is good, preferably VMWare), with as virtual machines default installations of Windows 11 or Windows 2019 / 2022 server. Windows LTSC as an image can be used as well.

Part 1:

• The Hardening process explained
• Problems you might run into during performing hardening
• Hardening & IEC62443