ICS CYBERSECURITY ACADEMY

BlackHat US 2026 [August 01-04] From PLC to the Cloud: Legacy & modern ics security

Industrial Control Systems (ICS) are rapidly evolving. Modern plants mix legacy PLCs with software-based controllers, cloud services, Zero-Trust networks, and IIoT — creating new attack paths and new defense challenges.

In this fully hands-on 4-day training, you’ll learn by doing: programming PLCs in ladder, analyzing and exploiting ICS protocols (Modbus, S7, OPC-UA, MQTT), breaking engineering services, assessing Windows/AD assets in OT networks, attacking and hardening soft-PLCs, and navigating cloud-connected architectures including AWS.

You’ll apply everything through two guided Capture-the-Flags: one simulating a traditional on-prem industrial network, and one built around modern, cloud-integrated ICS. Expect end-to-end scenarios including Active Directory compromise, protocol manipulation, PLC logic attacks, cloud privilege escalation, and cyber-physical impact on simulated processes.

Whether you’re a pentester, defender, or ICS engineer, you will leave with actionable skills to assess and secure real industrial environments, modern or legacy.

BlackHat US [August 2th-5th 2025] Build, Break, Secure (In-person in Vegas!)

Discover the world of Industrial Control Systems with an attack mindset! In this training, we will follow a hands-on approach, growing from a very simple local process to a realistic ICS environment with 3 words in mind:
✅ Build: how does it work?
⚡ Break: what are the weaknesses and how to exploit it?
🔒 Secure: what can we do to fix it?

[DEFCON Training 2025] – Hack the connected plant!

Tired of legacy ICS systems? Attend this training to hack the next generation of Industrial Control Systems! No more Modbus, no more standard PLC, no more Purdue model!

This training is designed to show what the future might look like for Industrial Control Systems, and how it will impact cybersecurity.

BlackHat US [August 3th-6th 2024] Build, Break, Secure (In-person in Vegas!)

BlackHat US [August 5th-10th 2023] Build, Break, Secure (In-person in Vegas!)

BlackHat US [August 6th-9th 2022] Build, Break, Secure (In-person in Vegas!)

This training will take place over 4 days, allowing a full day for the CTF and an additional case study on how to secure ICS.

You will perform a lot of lab sessions, including: programming a PLC in ladder logic, analyzing network captures of ICS protocols, perform Modbus (serial & tcp) requests, using Metasploit to compromise a Windows host and gather sensitive information from an Active Directory, and much more! The last half-day is dedicated to the Capture-the-Flag, in which you will apply the newly acquired techniques to compromise a corporate network, pivot to the ICS network and take control of the process to capture a flag with a robotic arm.
Moreover, the training doesn’t stop on the third day! With the WhiskICS training kit, you’ll be able to redo all the exercises after the training and continue experimenting with ICS security on your own.