SCADA Forensics

This intensive 3-day course provides cybersecurity professionals with the practical skills to perform digital forensics in Industrial Control Systems (ICS) and SCADA environments. Through hands-on labs and real-world breach simulations, participants will learn to collect, preserve, and analyze forensic evidence from critical infrastructure systems after a cyber incident.

Using realistic ICS network topologies and simulated attacks on devices like PLCs and RTUs, students will reconstruct attack chains, identify indicators of compromise (IOCs), and analyze artifacts across field devices, engineering workstations, and HMI systems. The course emphasizes the unique constraints and risks of working in operational technology (OT) networks.

Coming soon!

Course curriculum in progress

About this course

Requirements

While not mandatory, it is recommended that participants have the following tools installed to fully engage with the hands-on exercises:

  • REMnux
  • Kali Linux
  • Tsurugi

These tools will enhance your ability to work effectively with the course materials and practical exercises.