Industrial cybersecurity firm Claroty this week announced the availability of AccessDB Parser, an open source tool that allows researchers to analyze Microsoft Access database files associated with SCADA applications.
AccessDB Parser was initially developed to improve the scanning capabilities of Claroty Continuous Threat Detection (CTD)’s Application DB (AppDB), which is designed to provide a non-intrusive way to identify and manage assets in OT networks by parsing configuration files and other artifacts associated with industrial control systems (ICS).
Provided as a Python library, AccessDB Parser allows users to easily automate the process of reading and analyzing any .mdb or .accdb Access database file.
“This can be very helpful to go over a large number of files and extract the needed data or perform the relevant tests very easily,” Uri Katz, a senior researcher at Claroty, who led the development of the tool, told SecurityWeek.
Asked to share specific examples of issues that can be uncovered using the open source tool, Katz explained, “Project files usually contain important information about the SCADA environment, including what assets are in the network, what programs are those assets running, and some configuration data relevant to those assets.
“After testing and processing a few dozens of such project files in our lab, we detected a deviation related to some mis-configuration in some of the project files we had in our lab. Since we used our python library, it was relatively easy to spot the mis-configuration since we could automate the entire process.”
Learn more about ICS security tools at SecurityWeek’s 2020 ICS Cyber Security Conference and SecurityWeek’s Security Summits virtual event series
Katz pointed out t ..
Support the originator by clicking the read the rest link below.
