Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
A6_11 Years of Working on Testing Email Securit...
Search
JPAAWG
November 14, 2019
0
230
A6_11 Years of Working on Testing Email Security Products / How I See Changes in the Society Through It
JPAAWG
November 14, 2019
Tweet
Share
More Decks by JPAAWG
See All by JPAAWG
Google & ⽶国Yahoo!の迷惑メール 対策強化について
jpaawg
1
3.7k
A14_Future of DNS DoH / DoT_1
jpaawg
0
530
A14_Future of DNS DoH / DoT_2
jpaawg
0
190
A14_Future of DNS DoH / DoT_3
jpaawg
0
230
A15_DMARC Case Study
jpaawg
0
440
A16_Meeting for Japanese ISPs (Part 2)
jpaawg
0
410
B15_Abuse Desk Best Practices
jpaawg
1
1.8k
B14_Sharing Knowledge of Domain, Spam and DNS Investigation
jpaawg
0
190
A13_General Data Protection Regulation (GDPR) How does it impact Asia?
jpaawg
0
280
Featured
See All Featured
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
53
2.9k
Java REST API Framework Comparison - PWX 2021
mraible
33
8.8k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
30
9.7k
Code Reviewing Like a Champion
maltzj
525
40k
A designer walks into a library…
pauljervisheath
207
24k
Art, The Web, and Tiny UX
lynnandtonic
303
21k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
358
30k
Unsuck your backbone
ammeep
671
58k
How to train your dragon (web standard)
notwaldorf
96
6.2k
BBQ
matthewcrist
89
9.8k
10 Git Anti Patterns You Should be Aware of
lemiorhan
PRO
656
61k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
507
140k
Transcript
None
QUALITIA?? ݄ɹઃཱ ࣾһɺ໊ ΫϥυܕαʔϏε͔Βࣗࣾӡ༻·Ͱɺ ϝʔϧϝʔϧपΓͷηΩϡϦςΟɾαʔϏεΛఏ ڙ͢Δ τʔλϧϝοηʔδϯάιϦϡʔγϣϯΧϯύχʔ IUUQTXXXRVBMJUJBDPKQ
MY NAME IS MASAKAZU YOSHIKAWA גࣜձࣾΫΦϦςΟΞ ࣭ཧ෦ॴଐ ςετνʔϜϦʔμʔ/ςετΤϯδχΞ/ࣾϑΝγϦςʔλʔ 1981ੜ·Εɺ౦౦ژग़ ө૾੍࡞ܥͷઐֶߍଔۀޙɺ2001͔Βആ༏ͱͯ͠׆ಈΛ։࢝ɻ
༷ʑͳΞϧόΠτΛసʑͱ͠ͳ͕Βആ༏ۀΛଓ͚Δதɺ2008ΫΦϦςΟΞʹςελʔ ͷΞϧόΠτͱͯ͠ೖࣾɻ ആ༏ۀഇۀޙɺਖ਼ࣾһʹͳΔɻ ݱࡏςετνʔϜͷϚωδϝϯτΛϝΠϯʹࣾϑΝγϦςʔλʔͱͯ͠ͷۀߦͬ ͍ͯΔɻ ඇΤϯδχΞͳ͕Βɺࣗͷಘҙ(ιϑτεΩϧ)Λϑϧ׆༻͠ɺνʔϜϏϧσΟϯ άɺϑΝγϦςʔγϣϯɺςετϓϩδΣΫτϚωʔδϝϯτɺϦʔμʔۀͳͲΛߦ ͍ɻແཧཧITۀքʹίϛοτͯ͠11ɻ 1ࣇͷɻझຯDJɻ
TODAY’S MENU • 11ؒɺϝʔϧͷςετΛߦ͖ͬͯͨาΈ • าΈ͔Βײ͡Δ࣌ͷมԽʢΫϨʔϜ/ϦΫΤετʣ • าΈ͔Βײ͡Δ࣌ͷมԽʢϝʔϧΕʣ • ·ͱΊ
11ؒɺϝʔϧͷςετΛߦ͖ͬͯͨาΈ ϑϦʔλʔ&ֶੜத৺ͷ4.5ਓͷςετνʔϜ 21໊ͷ࣭ཧ෦ आۚ·ΈΕͷශऀͷόΠτΔؾͷͳ͍ձࣾһ ࣗݾ৫Խ͞Εͨ׆ྗʹᷓΕͨϚωʔδϟʔ
ΫΦϦςΟΞͷ࣭ཧ෦ʹ͍ͭͯ 開ൃチーム1 テストチーム1 ςετઃܭɺςετɺҊ݅ཧɺ֎෦ઃܭɺαϙʔτͷαϙʔτɺӡ༻ͷαϙʔτ 11ؒɺϝʔϧͷςετΛߦ͖ͬͯͨาΈ 開ൃチーム2 テストチーム2 1チームあたり5-8名 ओͳۀ༰
0 18.75 37.5 56.25 75 2008 2009 2010 2011 2012
2013 2014 2015 2016 2017 2018 2019 ɹɹ11ؒɺϝʔϧͷςετΛߦ͖ͬͯͨาΈ (2008) ITۀքΛΔ ࣗ༝ʹಇ͚Δ ͷറΓ͕ͳ͍ ऩೖ͕ͦΕͳΓʹೖΔ ࣾһ໊̍ ςελʔ̐.໊̑ ݴΘΕͨ͜ͱΛΔ͚ͩͷ෦ୂ Google Chrome͕ϩʔϯν SaaSͷࢢن͕̍ஹԁ͑ iPhone ຊͰൢച։࢝
0 20 40 60 80 2008 2009 2010 2011 2012
2013 2014 2015 2016 2017 2018 2019 ςετઃܭΛ࢝ΊΔ ΞϧόΠτ͔ΒࣾһʹͳΔྲྀΕ͕࢝ΊΔ 2010ɺΫϥυαʔϏε։࢝ ԋܶΛΊΔɻ ݁ࠗ͢Δɻ ͲΜͲΜϞνϕʔγϣϯ͕Լ͕Δ స৬Λߟ͑࢝ΊΔ ɹ11ؒɺϝʔϧͷςετΛߦ͖ͬͯͨาΈ(2009,2010) Twitter͕ϒʔϜʹͳΔ GsuiteͰGmailͷఏڙ͕։࢝ ػີใ͕૬͍࣍ͰWikiLeaksͰެ։ ใηΩϡϦςΟͷةػҙ͕ࣝߴ·Δ
0 20 40 60 80 2008 2009 2010 2011 2012
2013 2014 2015 2016 2017 2018 2019 ࡂʼస৬ߟ͑͢ ܁Γฦ͠ͷຖʹϯβϦ ϓϥΠϕʔτׂͱॆ࣮ ɺΑ͘Ա͍͑ͯͳ͍ ਓखෆɺ༑ਓΛ̏ਓհ ɹ11ؒɺϝʔϧͷςετΛߦ͖ͬͯͨาΈ(2011,2012) O365 OUTLOOK / Chatwork / LINE͕ϩʔϯν δϣϒεࢮڈ
0 20 40 60 80 2008 2009 2010 2011 2012
2013 2014 2015 2016 2017 2018 2019 ৽ͷاըɺ֎෦ઃܭ ΫϥυαʔϏεͷڥߏஙͳͲ ςετҎ֎ͷۀ͕૿͑ͯ͘Δ QCνʔϜ͕̎ͭʹ͔ΕΔ ࢠڙ͕ੜ·ΕΔ ࣾһʹͳΔϦʔμʔʹͳ͍ͬͯ͘ ਓΛ·ͱΊΔεΩϧΛࣄʹ׆͔ͤΔΑ͏ͳΔ ૬มΘΒͣϞνϕʔγϣϯ͍·· ɹ11ؒɺϝʔϧͷςετΛߦ͖ͬͯͨาΈ(2013,2014) Slack͕ϩʔϯν LINEϢʔβʔɺੈքͰ3ԯਓΛಥഁɻ େྔͷෆਖ਼ϩάΠϯࣄ݅
0 20 40 60 80 2008 2009 2010 2011 2012
2013 2014 2015 2016 2017 2018 2019 ܦӦ౷߹ʼΫΦϦςΟΞʹͳΔ ৽͍͠෩͕ঃʑʹਧ͍ͯ͘Δ ΞϧόΠτθϩʹͳΔ ৽ଔ࠾༻ κʔϯόϒϧظ ே·Ͱࣄ ϑοΫΞοϓ͞ΕΔ Ϧʔμʔۀͷ૿Ճ པΒΕΔ ɹ11ؒɺϝʔϧͷςετΛߦ͖ͬͯͨาΈ(2015,2016,2017) ૯লΑΓɺશࠃͷ1761ͷํ࣏ࣗମʹର͠ ʮใηΩϡϦςΟʔڧਟԽܭըʯ͕ൃྩ اۀͷجװܥγεςϜͷΫϥυԽ͕ຊ֨తʹ
0 25 50 75 100 2008 2009 2010 2011 2012
2013 2014 2015 2016 2017 2018 2019 νʔϜ࠶ฤ ॏͳΔࢼߦࡨޡ ࣗ৴͕ੜ·Εͯ͘Δ ΧΠθϯ ͓ษڧ ධՁΛ͞ΕΔ νʔϜϏϧσΟϯά ֎ग़ Management3.0 ɹ11ؒɺϝʔϧͷςετΛߦ͖ͬͯͨาΈ(2018,2019) γΣΞϦϯάΤίϊϛʔͷαʔϏε͕ຊͰຊ֨Խ ΧΧΦτʔΫɺϝʔϧαʔϏε։࢝ʢЌ൛ʣ Slack͕ϝʔϧͷࢧ͚ͯAstroΛങऩ
11ؒɺϝʔϧͷςετΛߦ͖ͬͯͨาΈ ϑϦʔλʔ&ֶੜத৺ͷ4.5ਓͷςετνʔϜ 21໊ͷ࣭ཧ෦ आۚ·ΈΕͷශऀͷόΠτΔؾͷͳ͍ձࣾһ ࣗݾ৫Խ͞Εͨ׆ྗʹᷓΕͨϚωʔδϟʔ
ɹɹɹาΈ͔Βײ͡Δ࣌ͷมԽʢΫϨʔϜ/ϦΫΤετʣ HTMLϝʔϧૹड৴ͷΫϨʔϜ͕૿Ճ ࡉ͔͍ϦΫΤετ͕དྷͳ͘ͳͬͨ ͔ͯ͠͠ɺ͋Μ·Γͬͯͳ͍ʁ
าΈ͔Βײ͡Δ࣌ͷมԽʢϝʔϧΕʣ
ରऀɿΫΦϦςΟΞࣾһ ճɿ115ਓத82໊ Q1 ϓϥΠϕʔτͰEϝʔϧΛར༻͍ͯ͠·͔͢ʁ Q2 ͲͷΑ͏ͳ༻్ͰEϝʔϧΛར༻͍ͯ͠·͔͢ʁ Q3 EϝʔϧͷϝϦοτΛڭ͍͑ͯͩ͘͞ Q4 EϝʔϧͷσϝϦοτΛڭ͍͑ͯͩ͘͞
าΈ͔Βײ͡Δ࣌ͷมԽʢϝʔϧΕʣ
าΈ͔Βײ͡Δ࣌ͷมԽʢϝʔϧΕʣ 40%͕΄΅ར༻͍ͯ͠ͳ͍ɻ ར༻͍ͯ͠ͳ͍ 4050த৺ 20த৺ ̒̌ˋ͕ར༻͍ͯ͠Δ සൟʹར༻͍ͯ͠Δ ̍̑% ͨ·ʹར༻͍ͯ͠Δ ̐̎%
΄΅ར༻͍ͯ͠ͳ͍ ̎̔% ར༻͍ͯ͠ͳ͍ 15%
ͲͷΑ͏ͳ༻్ͰEϝʔϧΛར༻͍ͯ͠·͔͢ʁ プライベートの中での、フォーマルなやりとり Ҭͷ࣏ࣗձͷΓऔΓɻ ࢠڙͷֶߍ͔Βͷ࿈བྷ ݸਓతࣄͷΓऔΓ(ྫɿࣥචʣ DJɾLIVEͷΦϑΝʔ ϝʔϧҎ֎ʹ࿈བྷखஈ͕ͳ͍૬खͱ Ψϥέʔར༻ͷਓ ͷਓ メールしかやってない⼈ରԠ
ྫྷ੩ʹߟ͑ΔͱIDొͱ͔௨ϝʔϧͱ͔ϝϧϚΨ͔Γɺૹ৴ຆͲ͍ͯ͠ͳ͍ɻ සൟʹૹ৴͍ͯ͠ͳ͍ɺड৴ͷҝʹ͍ͬͯΔͷଟ͍ɻ 受信しかしてない⼈
EϝʔϧͷϝϦοτΛڭ͍͑ͯͩ͘͞ νϟοτͱҧͬͯྲྀΕ͍͔ͯͳ͍͜ͱɻ ͋ͱͰ֬ೝग़དྷΔʢνϟοτྲྀΕͯ͠·͏ʣ ৼΓ͚͕Ͱ͖Δ ଞࣾΛհ͞ͳ͍ϝοηʔδϯάͰ།ҰɺҰൠʹීٴ͍ͯ͠Δ ର֎తͳϏδωεͰͷίϛϡχέʔγϣϯπʔϧe-mail Ѽઌͷઃఆ͕ॊೈʹߦ͑Δʢ୯ൃɺෳɺCcɺBccͳͲʣ هͱͯ͠Γ͍͢ɺޙʑݕࡧ͍͢͠ɻ ཤྺͷݕࡧ͕ʢൺֱతʣ͍͢͠ チャットと違って整理できるし情報流れないよ系
ݕ索しやすいよ系 Slackの告に物申す系 EϝʔϧͷϝϦοτͱ͍͏࣭ʹରͯ͠ɺνϟοτSNSͳ ͲͷϝοηʔδαʔϏεʹର͢ΔϝϦοτ͕΄ͱΜͲͩͬͨ
EϝʔϧͷσϝϦοτΛڭ͍͑ͯͩ͘͞ ͨ͘͞ΜདྷΔͱॏཁͳͷ͕ຒΕΔ͋ͱͰ֬ೝग़དྷΔ ৼΓ͚͕໘ɺLINEͳΒͦͷਓͱͷΓऔΓΛ͙͢ʹ֬ೝͰ͖Δɻ ϑΥʔϚϧա͗Δ Τνέοτ͕͏Δ͍͞ ϝʔϧͷॻ͖ํͱ͔໘͍͘͞ ηΩϡϦςΟϦεΫ͕ଘࡏɻ SPAM͕͘Δ ΞυϨεͷྲྀग़͢͠͞ʹΑΔ໎ϝʔϧͷଟൃɻ メールは整理が⾯倒、情報が埋もれる系
セキュリティリスク系 マナー系 ΈΜͳϝʔϧͰ൧৯ͬͯΔͤ͘ʹѱޱଟ͗͢ɻ εϐʔυײ͕ͳ͍ɻ Ϩεϙϯε͕ѱ͍ɻ ૹड৴͕͍ ใͷΞΫηε͕໘ スピード系
NAGARERU VS UMORERU νϟοτ(Slack)ྲྀΕΔ ϝʔϧຒΕΔ ྲྀΕΔΜ͡Όͳͯ͘ྲྀ͍ͯ͠Δ͚ͩͰ͢Α ຒΕΔΜ͡Όͳͯ͘ຒΕͳ͍Α ͏ʹ͢Δͷ͕ࣾձਓͷϚφʔͩ ͲͬͪͲͬͪͰ͢Αɻ ྲྀΕͳ͍Α͏ʹͯ͠ɺຒΕͳ͍Α͏ʹ͠·͠ΐ͏
·ͱΊ าΈ͔Βײ͡Δ࣌ͷมԽʢϝʔϧΕʣ ϝʔϧΛݏ͏ਓɺϝʔϧʹͩ͜ΘΔਓͷओு͕ɺͲͬͪͲͬͪͩͬͨɻ ϝʔϧͷ༻༻్Ϗδωε໘Ҏ֎࣮֬ʹมΘ͖͍ͬͯͯΔɻ SlackLINEͱͦΜͳʹൺֱ͢Δ͖Ͱͳ͍ͷͰʁ ʢʑͷίϛχϡέʔγϣϯΛ౪ΒΕ͚ͨͩʣ ͜ͷΞϯέʔτ݁ՌΛੳ͍͚ͯ͠ɺΑΓྑ͍ϝʔϥʔ͕࡞Εͦ͏ɻ
·ͱΊ̎ าΈ͔Βײ͡Δ࣌ͷมԽʢϝʔϧΕʣ ʑͷίϛχϡέʔγϣϯҎ֎ΛڧԽɻ ʑͷίϛχϡέʔγϣϯͱϝʔϧΛͭͳ͙ ෳࡶʹͳΓա͍͗ͯΔͷͰɺՄೳͳݶΓγϯϓϧʹ͍ͯ͘͠
͓·͚
ϝʔϧ/ηΩϡϦςΟۀքͷߴྸԽ
DONEC QUIS NUNC
None
ϝʔϧɺਆ༫ɺςΫϊͷڞ௨ ָ͕ࣗͨͪ͠Έա͗ͯɺएखΛஔ͍͖ͯ΅Γʹ͖͍ͯͨ͠ɻ एखҭͷϓϥΠΦϦςΟ͕ա͗ͨ ੲ͔Γ͍ͯ͠Δ
·ͱΊ • ϝʔϧ/ηΩϡϦςΟʔۀքɺ͓ݎ͍ۀք͕ͩɺதॊೈɻ ͓ݎ͍͔Βͦ͜ɺॊೈͳͷ͔Εͳ͍ ָ͠͞ࣄͷΓ͕͍ΛͬͱएऀʹΞϐʔϧ͍͖ͯ͘͠ ɾϝʔϧແ͘ͳΒͳ͍ΑɻωΨςΟϒΊ·͠ΐ͏
PLAY WORK
ͭͳ͕Γ·͠ΐ͏ Masakazu Yoshikawa https://www.facebook.com/ masakazu.yoshikawa.7 QUALITIA FACEBOOK PAGE https://www.facebook.com/QualitiaCo QUALITIA
Twitter https://twitter.com/QUALITIA_Co QUALITIA Twitter(ٕज़ใܥ) https://twitter.com/qualitia_cdev
࣭ίʔφʔ