ICS CYBERSECURITY ACADEMY

Industrial Control Systems cybersecurity training & resources

Our trainings

We offer trainings from 1 to 4 days long, covering everything required to kickstart your ICS cybersecurity journey!

We deliver our trainings in English or French through different means:

  • Public training sessions at security conferences, like BlackHat Las Vegas
  • Public training sessions with training companies, like HS2 in France
  • Private training session,  either on-site worldwide or remotely, dedicated to your company
  • Elearning to learn at your own pace, with fully online on-demand labs!

We currently offer variations of two training classes:

  • Build, Break, Secure: our flagship class that was taught worldwide and is still evolving. This class is ideal for anyone starting in ICS cybersecurity, from and IT or OT background.
  • Hack the connected plant! : Still in development, this training class will premiere in 2025. This class will focus on modern and new technologies for ICS: SD-WAN, machine learning and AI, soft-PLCs, edge devices, and will prepare you for what’s to come in ICS in the coming years!

Get in touch at contact@ics-cybersecurity.academy or use the form below to know more!

 

List of our past trainings

  • HS2 10/2024
  • Black Hat US 2024
  • HS2 04/2024
  • HS2 12/2023
  • Black Hat US 2023
  • Advanced Security Trainings 2023
  • HS2 11/2022
  • Black Hat US 2022
  • HS2 2021
  • Black Hat US 2021
  • Private training 2021
  • Troopers 2021
  • HS2 2020
  • DeepSec 2019
  • CS3STHLM 2019
  • Hack in Paris 2019
  • BlackHat Asia 2019
  • CS3STHLM 2018
  • Hack In Paris 2018
  • Hack In Paris 2015

Hack the connected plant!

Tired of legacy ICS systems? Attend this training to hack the next generation of Industrial Control Systems! No more Modbus, no more standard PLC, no more Purdue model!


This training is designed to show what the future might look like for Industrial Control Systems, and how it will impact cybersecurity.

Read More “Hack the connected plant!”

[canceled]BlackHat Asia Virtual training [April 16th-19th 2024] Build, Break, Secure (fully remote)

Discover the world of Industrial Control Systems with an attack mindset! In this training, we will follow a hands-on approach, growing from a very simple local process to a realistic ICS environment with 3 words in mind:
Build: how does it work?
Break: what are the weaknesses and how to exploit it?
🔒 Secure: what can we do to fix it?

This course is fully remote via Zoom, at Singapore time

Read More “[canceled]BlackHat Asia Virtual training [April 16th-19th 2024] Build, Break, Secure (fully remote)”

BlackHat US [August 3th-6th 2024] Build, Break, Secure (In-person in Vegas!)

Discover the world of Industrial Control Systems with an attack mindset! In this training, we will follow a hands-on approach, growing from a very simple local process to a realistic ICS environment with 3 words in mind:
Build: how does it work?
Break: what are the weaknesses and how to exploit it?
🔒 Secure: what can we do to fix it?

Read More “BlackHat US [August 3th-6th 2024] Build, Break, Secure (In-person in Vegas!)”

BlackHat US [August 5th-10th 2023] Build, Break, Secure (In-person in Vegas!)

Discover the world of Industrial Control Systems with an attack mindset! In this training, we will follow a hands-on approach, growing from a very simple local process to a realistic ICS environment with 3 words in mind:
Build: how does it work?
Break: what are the weaknesses and how to exploit it?
🔒 Secure: what can we do to fix it?

Read More “BlackHat US [August 5th-10th 2023] Build, Break, Secure (In-person in Vegas!)”

BlackHat US [August 6th-9th 2022] Build, Break, Secure (In-person in Vegas!)

Discover the world of Industrial Control Systems with an attack mindset! In this training, we will follow a hands-on approach, growing from a very simple local process to a realistic ICS environment with 3 words in mind:
Build: how does it work?
Break: what are the weaknesses and how to exploit it?
🔒 Secure: what can we do to fix it?

This training will take place over 4 days, allowing a full day for the CTF and an additional case study on how to secure ICS.


You will perform a lot of lab sessions, including: programming a PLC in ladder logic, analyzing network captures of ICS protocols, perform Modbus (serial & tcp) requests, using Metasploit to compromise a Windows host and gather sensitive information from an Active Directory, and much more! The last half-day is dedicated to the Capture-the-Flag, in which you will apply the newly acquired techniques to compromise a corporate network, pivot to the ICS network and take control of the process to capture a flag with a robotic arm.
Moreover, the training doesn’t stop on the third day! With the WhiskICS training kit, you’ll be able to redo all the exercises after the training and continue experimenting with ICS security on your own.

Read More “BlackHat US [August 6th-9th 2022] Build, Break, Secure (In-person in Vegas!)”

BlackHat US [ July 31st to August 3rd, 2021] Build, Break, Secure (Live remote)

Discover the world of Industrial Control Systems with an attack mindset! In this training, we will follow a hands-on approach, growing from a very simple local process to a realistic ICS environment with 3 words in mind:
Build: how does it work?
Break: what are the weaknesses and how to exploit it?
🔒 Secure: what can we do to fix it?

This training will take place over 4 days, allowing a full day for the CTF and an additional case study on how to secure ICS.


You will perform a lot of lab sessions, including: programming a PLC in ladder logic, analyzing network captures of ICS protocols, perform Modbus (serial & tcp) requests, using Metasploit to compromise a Windows host and gather sensitive information from an Active Directory, and much more! The last half-day is dedicated to the Capture-the-Flag, in which you will apply the newly acquired techniques to compromise a corporate network, pivot to the ICS network and take control of the process to capture a flag with a robotic arm.
Moreover, the training doesn’t stop on the third day! With the WhiskICS training kit, you’ll be able to redo all the exercises after the training and continue experimenting with ICS security on your own.

Read More “BlackHat US [ July 31st to August 3rd, 2021] Build, Break, Secure (Live remote)”

[CANCELED] X33FCON [ June 21-25, 2021] Build, Break, Secure (Live remote)

Discover the world of Industrial Control Systems with an attack mindset! In this training, we will follow a hands-on approach, growing from a very simple local process to a realistic ICS environment with 3 words in mind:
Build: how does it work?
Break: what are the weaknesses and how to exploit it?
🔒 Secure: what can we do to fix it?

This training will take place over 5 half-days.


You will perform a lot of lab sessions, including: programming a PLC in ladder logic, analyzing network captures of ICS protocols, perform Modbus (serial & tcp) requests, using Metasploit to compromise a Windows host and gather sensitive information from an Active Directory, and much more! The last half-day is dedicated to the Capture-the-Flag, in which you will apply the newly acquired techniques to compromise a corporate network, pivot to the ICS network and take control of the process to capture a flag with a robotic arm.
Moreover, the training doesn’t stop on the third day! With the WhiskICS training kit, you’ll be able to redo all the exercises after the training and continue experimenting with ICS security on your own.

Read More “[CANCELED] X33FCON [ June 21-25, 2021] Build, Break, Secure (Live remote)”

TROOPERS [March 29th-31th] Build, Break, Secure (Live remote)

Discover the world of Industrial Control Systems with an attack mindset! In this training, we will follow a hands-on approach, growing from a very simple local process to a realistic ICS environment with 3 words in mind:
Build: how does it work?
Break: what are the weaknesses and how to exploit it?
🔒 Secure: what can we do to fix it?


You will perform a lot of lab sessions, including: programming a PLC in ladder logic, analyzing network captures of ICS protocols, perform Modbus (serial & tcp) requests, using Metasploit to compromise a Windows host and gather sensitive information from an Active Directory, and much more! The last half-day is dedicated to the Capture-the-Flag, in which you will apply the newly acquired techniques to compromise a corporate network, pivot to the ICS network and take control of the process to capture a flag with a robotic arm.
Moreover, the training doesn’t stop on the third day! With the WhiskICS training kit, you’ll be able to redo all the exercises after the training and continue experimenting with ICS security on your own.

Read More “TROOPERS [March 29th-31th] Build, Break, Secure (Live remote)”

ICS: Build, Break, Secure

Discover the world of Industrial Control Systems with an attack mindset! We will follow a hands-on approach, growing from a very simple local process to a realistic ICS environment with 3 words in mind:

  • Build: how does it work?
  • Break: what are the weaknesses and how to exploit it?
  • Secure: what can we do to fix it?

Read More “ICS: Build, Break, Secure”