Indegy CTO to Disclose Zero Day SCADA Vulnerability at the ICS Cyber Security Conference

Session Will Explain How Flaw in Schneider Electric Software Enables Attackers to Remotely Control Industrial Processes




Mille Gandelsman, CTO of Indegy, has led engineering efforts for Stratoscale and spent several years managing cybersecurity research for Israel’s elite intelligence corps. Gandelsman is an IDF Talpiot graduate and has over 15 years of hands-on experience in ICS and cybersecurity.


Imagine an attack on critical infrastructures that could evade virtually all existing security measures, including network firewalls, AV, application whitelisting, etc., and generically affect SCADA implementations in multiple industries. In this session, ICS security expert Mille Gandelsman will discuss a vulnerability discovered by Indegy researchers in a widely used Schneider Electric software application that would enable just such an attack. He will explain:
-- Why the vulnerable software tool is present in every ICS network in the world that uses Schneider-Electric controllers
-- How the vulnerability allows for remote code execution in Schneider Electric’s flagship Unity Pro software platform
-- What makes this vulnerability a threat across virtually any industrial sector
-- The shortcomings of IT and ICS security measures that make external threats like this almost impossible to detect and protect against


2016 Industrial Control Systems Cyber Security Conference, Georgia Tech Hotel and Conference Center, Atlanta, Georgia


Tuesday, October 25 from 12:00 - 12:45pm



To schedule a conversation with Mille Gandelsman, contact Marc Gendron at or 781-237-0341. For more info or to register, please visit:


About ICS Cyber Security Conference

Since 2002, the ICS Cyber Security Conference has gathered ICS cyber security stakeholders across various industries and attracts operations and control engineers, IT, government, vendors and academics. The ICS Cyber Security Conference will address the myriad cyber threats facing operators of ICS around the world, and will address topics covering ICSs, including protection for SCADA systems, plant control systems, engineering workstations, substation equipment, programmable logic controllers (PLCs), and other field control system devices.

About Indegy

Indegy provides real-time situational awareness, visibility and security for Industrial Control Systems (ICS) used across critical infrastructures -- energy, water utilities, petrochemical plants, manufacturing facilities, etc. The Indegy platform monitors control-plane activity to ensure the reliability of ICS networks and protect against cyber attacks, malicious insiders and operational mistakes. The company was named one of the 10 Most Promising Cyber Security Startups by Forbes Israel, is a TiE50 winner and Network World Hot Security Startup to Watch. For more information visit, and follow us on Twitter and LinkedIn.


For Indegy
Marc Gendron, 781-237-0341

Release Summary

Indegy CTO to disclose at ICS Conference a security vulnerability in Schneider Electric software that enables attackers to remotely control industrial processes across multiple industries


For Indegy
Marc Gendron, 781-237-0341