Digital Forensics and Incident Response for PLCs

Attacks against industrial control systems (ICS) are on the rise. To effectively respond to this emerging threat, organizations must be aware of the challenges that come along with performing digital forensics and incident response (DFIR) for ICS. This course is designed to give ICS security personnel the skills needed to identify and understand threats targeting ICS devices that use embedded operating systems such as VxWorks and Windows CE.

This fast-paced technical course offers learners hands- on experience investigating targeted attacks and guides them through the steps required to analyze and triage compromised ICS.

Learning Objectives

After completing this course, learners should be able to:

  • Learn to investigate targeted attacks against ICS
  • Understand the steps required to triage compromised ICS

Who Should Attend

Incident response team members, threat hunters and information security professionals.


Background in ICS, PLCs and other embedded devices and operating systems. Background in forensic analysis, network traffic analysis, log analysis, security assessments and penetration testing, security architecture, and system administration.


1 day

Instructor-Led Training Instructor-Led Training

Courses cannot be purchased or accessed from this site.

If you would like to register for this course, please contact your FireEye account manager.

Thank you.