The Armis to catch a hacker lab will walk users through a realistic exercise based upon real-life incidents with with sophisticated Advanced Persistent Threat (APTs) Actors. These threat actors will move laterally across the network and exploit common visibility gaps to reach their target objectives. This lab will show users how Armis can be leveraged to see this movement.

CH3M1C41_SP1LL (Chemical Spill) is a Red-Team Capture the Flag (CTF) game where you will be the attacker within an Operational Technology (OT) network. You will need to use diverse red-team skills such as network discovery, web application attacks, and password cracking and combine them with OT knowledge to shut down the production of a chemical.

Armis foundation lab will teach users how to leverage the Armis console to view complete asset visibility across a multitude of environments including On-premise, virtual, cloud, and wireless. It will aslo explore a range of devices and categories seen within the console, starting from a high-level category overview, and then drilling down further to see the device enrichment that is populated for each device. Then, inspecting a device example will show users the wealth of data that Armis can provide for each asset and the activity associated with each one. Users will then experience the simplicity of device enrichment and management that Armis can accomplish passively and without the use of agents.

Claroty is monitoring a virtual chemical manufacturing process environment and a simulated substation on a flat network. The environment contains a virtual plant using the MODBUS communications protocol (1 HMI, 1 PLC, 6 I/Os), a virtual substation using the IEC 104 communications protocol (1 HMI, 4 RTUs), and an instance of Claroty. This lab enables a user to familiarize and test Claroty's ability to passively discover hosts, map networks, baseline traffic and issue alerts on a simulated OT environment.

Armis OT Security lab will teach users how to explore a range of OT devices and categories seen within the console, starting from a high-level category overview to the Purdue level. Then users will explore how to leverage Armis Query Language to perform investigations. You will also see some of the security capabilities that the Armis platform provides the the Armis Knowledge Base and the Armis Vulnerability Management (AVM).

Nozomi Guardian™ is monitoring a virtual chemical manufacturing process environment on a flat network. The environment contains a virtual plant (1 HMI, 1 PLC, 6 I/Os), and an instance of Nozomi Guardian. This lab enables a user to familiarize and test Guardian's ability to passively discover hosts, map networks, baseline traffic and issue alerts on a simulated OT environment.