Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
A6_11 Years of Working on Testing Email Securit...
Search
JPAAWG
November 14, 2019
0
230
A6_11 Years of Working on Testing Email Security Products / How I See Changes in the Society Through It
JPAAWG
November 14, 2019
Tweet
Share
More Decks by JPAAWG
See All by JPAAWG
Google & ⽶国Yahoo!の迷惑メール 対策強化について
jpaawg
1
3.7k
A14_Future of DNS DoH / DoT_1
jpaawg
0
530
A14_Future of DNS DoH / DoT_2
jpaawg
0
190
A14_Future of DNS DoH / DoT_3
jpaawg
0
230
A15_DMARC Case Study
jpaawg
0
440
A16_Meeting for Japanese ISPs (Part 2)
jpaawg
0
410
B15_Abuse Desk Best Practices
jpaawg
1
1.8k
B14_Sharing Knowledge of Domain, Spam and DNS Investigation
jpaawg
0
190
A13_General Data Protection Regulation (GDPR) How does it impact Asia?
jpaawg
0
280
Featured
See All Featured
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
44
2.5k
Embracing the Ebb and Flow
colly
87
4.8k
The World Runs on Bad Software
bkeepers
PRO
70
11k
Learning to Love Humans: Emotional Interface Design
aarron
273
40k
Improving Core Web Vitals using Speculation Rules API
sergeychernyshev
18
1.1k
The Illustrated Children's Guide to Kubernetes
chrisshort
48
50k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
139
34k
Imperfection Machines: The Place of Print at Facebook
scottboms
268
13k
Fashionably flexible responsive web design (full day workshop)
malarkey
407
66k
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
29
2.9k
GitHub's CSS Performance
jonrohan
1032
460k
Building Applications with DynamoDB
mza
96
6.6k
Transcript
None
QUALITIA?? ݄ɹઃཱ ࣾһɺ໊ ΫϥυܕαʔϏε͔Βࣗࣾӡ༻·Ͱɺ ϝʔϧϝʔϧपΓͷηΩϡϦςΟɾαʔϏεΛఏ ڙ͢Δ τʔλϧϝοηʔδϯάιϦϡʔγϣϯΧϯύχʔ IUUQTXXXRVBMJUJBDPKQ
MY NAME IS MASAKAZU YOSHIKAWA גࣜձࣾΫΦϦςΟΞ ࣭ཧ෦ॴଐ ςετνʔϜϦʔμʔ/ςετΤϯδχΞ/ࣾϑΝγϦςʔλʔ 1981ੜ·Εɺ౦౦ژग़ ө૾੍࡞ܥͷઐֶߍଔۀޙɺ2001͔Βആ༏ͱͯ͠׆ಈΛ։࢝ɻ
༷ʑͳΞϧόΠτΛసʑͱ͠ͳ͕Βആ༏ۀΛଓ͚Δதɺ2008ΫΦϦςΟΞʹςελʔ ͷΞϧόΠτͱͯ͠ೖࣾɻ ആ༏ۀഇۀޙɺਖ਼ࣾһʹͳΔɻ ݱࡏςετνʔϜͷϚωδϝϯτΛϝΠϯʹࣾϑΝγϦςʔλʔͱͯ͠ͷۀߦͬ ͍ͯΔɻ ඇΤϯδχΞͳ͕Βɺࣗͷಘҙ(ιϑτεΩϧ)Λϑϧ׆༻͠ɺνʔϜϏϧσΟϯ άɺϑΝγϦςʔγϣϯɺςετϓϩδΣΫτϚωʔδϝϯτɺϦʔμʔۀͳͲΛߦ ͍ɻແཧཧITۀքʹίϛοτͯ͠11ɻ 1ࣇͷɻझຯDJɻ
TODAY’S MENU • 11ؒɺϝʔϧͷςετΛߦ͖ͬͯͨาΈ • าΈ͔Βײ͡Δ࣌ͷมԽʢΫϨʔϜ/ϦΫΤετʣ • าΈ͔Βײ͡Δ࣌ͷมԽʢϝʔϧΕʣ • ·ͱΊ
11ؒɺϝʔϧͷςετΛߦ͖ͬͯͨาΈ ϑϦʔλʔ&ֶੜத৺ͷ4.5ਓͷςετνʔϜ 21໊ͷ࣭ཧ෦ आۚ·ΈΕͷශऀͷόΠτΔؾͷͳ͍ձࣾһ ࣗݾ৫Խ͞Εͨ׆ྗʹᷓΕͨϚωʔδϟʔ
ΫΦϦςΟΞͷ࣭ཧ෦ʹ͍ͭͯ 開ൃチーム1 テストチーム1 ςετઃܭɺςετɺҊ݅ཧɺ֎෦ઃܭɺαϙʔτͷαϙʔτɺӡ༻ͷαϙʔτ 11ؒɺϝʔϧͷςετΛߦ͖ͬͯͨาΈ 開ൃチーム2 テストチーム2 1チームあたり5-8名 ओͳۀ༰
0 18.75 37.5 56.25 75 2008 2009 2010 2011 2012
2013 2014 2015 2016 2017 2018 2019 ɹɹ11ؒɺϝʔϧͷςετΛߦ͖ͬͯͨาΈ (2008) ITۀքΛΔ ࣗ༝ʹಇ͚Δ ͷറΓ͕ͳ͍ ऩೖ͕ͦΕͳΓʹೖΔ ࣾһ໊̍ ςελʔ̐.໊̑ ݴΘΕͨ͜ͱΛΔ͚ͩͷ෦ୂ Google Chrome͕ϩʔϯν SaaSͷࢢن͕̍ஹԁ͑ iPhone ຊͰൢച։࢝
0 20 40 60 80 2008 2009 2010 2011 2012
2013 2014 2015 2016 2017 2018 2019 ςετઃܭΛ࢝ΊΔ ΞϧόΠτ͔ΒࣾһʹͳΔྲྀΕ͕࢝ΊΔ 2010ɺΫϥυαʔϏε։࢝ ԋܶΛΊΔɻ ݁ࠗ͢Δɻ ͲΜͲΜϞνϕʔγϣϯ͕Լ͕Δ స৬Λߟ͑࢝ΊΔ ɹ11ؒɺϝʔϧͷςετΛߦ͖ͬͯͨาΈ(2009,2010) Twitter͕ϒʔϜʹͳΔ GsuiteͰGmailͷఏڙ͕։࢝ ػີใ͕૬͍࣍ͰWikiLeaksͰެ։ ใηΩϡϦςΟͷةػҙ͕ࣝߴ·Δ
0 20 40 60 80 2008 2009 2010 2011 2012
2013 2014 2015 2016 2017 2018 2019 ࡂʼస৬ߟ͑͢ ܁Γฦ͠ͷຖʹϯβϦ ϓϥΠϕʔτׂͱॆ࣮ ɺΑ͘Ա͍͑ͯͳ͍ ਓखෆɺ༑ਓΛ̏ਓհ ɹ11ؒɺϝʔϧͷςετΛߦ͖ͬͯͨาΈ(2011,2012) O365 OUTLOOK / Chatwork / LINE͕ϩʔϯν δϣϒεࢮڈ
0 20 40 60 80 2008 2009 2010 2011 2012
2013 2014 2015 2016 2017 2018 2019 ৽ͷاըɺ֎෦ઃܭ ΫϥυαʔϏεͷڥߏஙͳͲ ςετҎ֎ͷۀ͕૿͑ͯ͘Δ QCνʔϜ͕̎ͭʹ͔ΕΔ ࢠڙ͕ੜ·ΕΔ ࣾһʹͳΔϦʔμʔʹͳ͍ͬͯ͘ ਓΛ·ͱΊΔεΩϧΛࣄʹ׆͔ͤΔΑ͏ͳΔ ૬มΘΒͣϞνϕʔγϣϯ͍·· ɹ11ؒɺϝʔϧͷςετΛߦ͖ͬͯͨาΈ(2013,2014) Slack͕ϩʔϯν LINEϢʔβʔɺੈքͰ3ԯਓΛಥഁɻ େྔͷෆਖ਼ϩάΠϯࣄ݅
0 20 40 60 80 2008 2009 2010 2011 2012
2013 2014 2015 2016 2017 2018 2019 ܦӦ౷߹ʼΫΦϦςΟΞʹͳΔ ৽͍͠෩͕ঃʑʹਧ͍ͯ͘Δ ΞϧόΠτθϩʹͳΔ ৽ଔ࠾༻ κʔϯόϒϧظ ே·Ͱࣄ ϑοΫΞοϓ͞ΕΔ Ϧʔμʔۀͷ૿Ճ པΒΕΔ ɹ11ؒɺϝʔϧͷςετΛߦ͖ͬͯͨาΈ(2015,2016,2017) ૯লΑΓɺશࠃͷ1761ͷํ࣏ࣗମʹର͠ ʮใηΩϡϦςΟʔڧਟԽܭըʯ͕ൃྩ اۀͷجװܥγεςϜͷΫϥυԽ͕ຊ֨తʹ
0 25 50 75 100 2008 2009 2010 2011 2012
2013 2014 2015 2016 2017 2018 2019 νʔϜ࠶ฤ ॏͳΔࢼߦࡨޡ ࣗ৴͕ੜ·Εͯ͘Δ ΧΠθϯ ͓ษڧ ධՁΛ͞ΕΔ νʔϜϏϧσΟϯά ֎ग़ Management3.0 ɹ11ؒɺϝʔϧͷςετΛߦ͖ͬͯͨาΈ(2018,2019) γΣΞϦϯάΤίϊϛʔͷαʔϏε͕ຊͰຊ֨Խ ΧΧΦτʔΫɺϝʔϧαʔϏε։࢝ʢЌ൛ʣ Slack͕ϝʔϧͷࢧ͚ͯAstroΛങऩ
11ؒɺϝʔϧͷςετΛߦ͖ͬͯͨาΈ ϑϦʔλʔ&ֶੜத৺ͷ4.5ਓͷςετνʔϜ 21໊ͷ࣭ཧ෦ आۚ·ΈΕͷශऀͷόΠτΔؾͷͳ͍ձࣾһ ࣗݾ৫Խ͞Εͨ׆ྗʹᷓΕͨϚωʔδϟʔ
ɹɹɹาΈ͔Βײ͡Δ࣌ͷมԽʢΫϨʔϜ/ϦΫΤετʣ HTMLϝʔϧૹड৴ͷΫϨʔϜ͕૿Ճ ࡉ͔͍ϦΫΤετ͕དྷͳ͘ͳͬͨ ͔ͯ͠͠ɺ͋Μ·Γͬͯͳ͍ʁ
าΈ͔Βײ͡Δ࣌ͷมԽʢϝʔϧΕʣ
ରऀɿΫΦϦςΟΞࣾһ ճɿ115ਓத82໊ Q1 ϓϥΠϕʔτͰEϝʔϧΛར༻͍ͯ͠·͔͢ʁ Q2 ͲͷΑ͏ͳ༻్ͰEϝʔϧΛར༻͍ͯ͠·͔͢ʁ Q3 EϝʔϧͷϝϦοτΛڭ͍͑ͯͩ͘͞ Q4 EϝʔϧͷσϝϦοτΛڭ͍͑ͯͩ͘͞
าΈ͔Βײ͡Δ࣌ͷมԽʢϝʔϧΕʣ
าΈ͔Βײ͡Δ࣌ͷมԽʢϝʔϧΕʣ 40%͕΄΅ར༻͍ͯ͠ͳ͍ɻ ར༻͍ͯ͠ͳ͍ 4050த৺ 20த৺ ̒̌ˋ͕ར༻͍ͯ͠Δ සൟʹར༻͍ͯ͠Δ ̍̑% ͨ·ʹར༻͍ͯ͠Δ ̐̎%
΄΅ར༻͍ͯ͠ͳ͍ ̎̔% ར༻͍ͯ͠ͳ͍ 15%
ͲͷΑ͏ͳ༻్ͰEϝʔϧΛར༻͍ͯ͠·͔͢ʁ プライベートの中での、フォーマルなやりとり Ҭͷ࣏ࣗձͷΓऔΓɻ ࢠڙͷֶߍ͔Βͷ࿈བྷ ݸਓతࣄͷΓऔΓ(ྫɿࣥචʣ DJɾLIVEͷΦϑΝʔ ϝʔϧҎ֎ʹ࿈བྷखஈ͕ͳ͍૬खͱ Ψϥέʔར༻ͷਓ ͷਓ メールしかやってない⼈ରԠ
ྫྷ੩ʹߟ͑ΔͱIDొͱ͔௨ϝʔϧͱ͔ϝϧϚΨ͔Γɺૹ৴ຆͲ͍ͯ͠ͳ͍ɻ සൟʹૹ৴͍ͯ͠ͳ͍ɺड৴ͷҝʹ͍ͬͯΔͷଟ͍ɻ 受信しかしてない⼈
EϝʔϧͷϝϦοτΛڭ͍͑ͯͩ͘͞ νϟοτͱҧͬͯྲྀΕ͍͔ͯͳ͍͜ͱɻ ͋ͱͰ֬ೝग़དྷΔʢνϟοτྲྀΕͯ͠·͏ʣ ৼΓ͚͕Ͱ͖Δ ଞࣾΛհ͞ͳ͍ϝοηʔδϯάͰ།ҰɺҰൠʹීٴ͍ͯ͠Δ ର֎తͳϏδωεͰͷίϛϡχέʔγϣϯπʔϧe-mail Ѽઌͷઃఆ͕ॊೈʹߦ͑Δʢ୯ൃɺෳɺCcɺBccͳͲʣ هͱͯ͠Γ͍͢ɺޙʑݕࡧ͍͢͠ɻ ཤྺͷݕࡧ͕ʢൺֱతʣ͍͢͠ チャットと違って整理できるし情報流れないよ系
ݕ索しやすいよ系 Slackの告に物申す系 EϝʔϧͷϝϦοτͱ͍͏࣭ʹରͯ͠ɺνϟοτSNSͳ ͲͷϝοηʔδαʔϏεʹର͢ΔϝϦοτ͕΄ͱΜͲͩͬͨ
EϝʔϧͷσϝϦοτΛڭ͍͑ͯͩ͘͞ ͨ͘͞ΜདྷΔͱॏཁͳͷ͕ຒΕΔ͋ͱͰ֬ೝग़དྷΔ ৼΓ͚͕໘ɺLINEͳΒͦͷਓͱͷΓऔΓΛ͙͢ʹ֬ೝͰ͖Δɻ ϑΥʔϚϧա͗Δ Τνέοτ͕͏Δ͍͞ ϝʔϧͷॻ͖ํͱ͔໘͍͘͞ ηΩϡϦςΟϦεΫ͕ଘࡏɻ SPAM͕͘Δ ΞυϨεͷྲྀग़͢͠͞ʹΑΔ໎ϝʔϧͷଟൃɻ メールは整理が⾯倒、情報が埋もれる系
セキュリティリスク系 マナー系 ΈΜͳϝʔϧͰ൧৯ͬͯΔͤ͘ʹѱޱଟ͗͢ɻ εϐʔυײ͕ͳ͍ɻ Ϩεϙϯε͕ѱ͍ɻ ૹड৴͕͍ ใͷΞΫηε͕໘ スピード系
NAGARERU VS UMORERU νϟοτ(Slack)ྲྀΕΔ ϝʔϧຒΕΔ ྲྀΕΔΜ͡Όͳͯ͘ྲྀ͍ͯ͠Δ͚ͩͰ͢Α ຒΕΔΜ͡Όͳͯ͘ຒΕͳ͍Α ͏ʹ͢Δͷ͕ࣾձਓͷϚφʔͩ ͲͬͪͲͬͪͰ͢Αɻ ྲྀΕͳ͍Α͏ʹͯ͠ɺຒΕͳ͍Α͏ʹ͠·͠ΐ͏
·ͱΊ าΈ͔Βײ͡Δ࣌ͷมԽʢϝʔϧΕʣ ϝʔϧΛݏ͏ਓɺϝʔϧʹͩ͜ΘΔਓͷओு͕ɺͲͬͪͲͬͪͩͬͨɻ ϝʔϧͷ༻༻్Ϗδωε໘Ҏ֎࣮֬ʹมΘ͖͍ͬͯͯΔɻ SlackLINEͱͦΜͳʹൺֱ͢Δ͖Ͱͳ͍ͷͰʁ ʢʑͷίϛχϡέʔγϣϯΛ౪ΒΕ͚ͨͩʣ ͜ͷΞϯέʔτ݁ՌΛੳ͍͚ͯ͠ɺΑΓྑ͍ϝʔϥʔ͕࡞Εͦ͏ɻ
·ͱΊ̎ าΈ͔Βײ͡Δ࣌ͷมԽʢϝʔϧΕʣ ʑͷίϛχϡέʔγϣϯҎ֎ΛڧԽɻ ʑͷίϛχϡέʔγϣϯͱϝʔϧΛͭͳ͙ ෳࡶʹͳΓա͍͗ͯΔͷͰɺՄೳͳݶΓγϯϓϧʹ͍ͯ͘͠
͓·͚
ϝʔϧ/ηΩϡϦςΟۀքͷߴྸԽ
DONEC QUIS NUNC
None
ϝʔϧɺਆ༫ɺςΫϊͷڞ௨ ָ͕ࣗͨͪ͠Έա͗ͯɺएखΛஔ͍͖ͯ΅Γʹ͖͍ͯͨ͠ɻ एखҭͷϓϥΠΦϦςΟ͕ա͗ͨ ੲ͔Γ͍ͯ͠Δ
·ͱΊ • ϝʔϧ/ηΩϡϦςΟʔۀքɺ͓ݎ͍ۀք͕ͩɺதॊೈɻ ͓ݎ͍͔Βͦ͜ɺॊೈͳͷ͔Εͳ͍ ָ͠͞ࣄͷΓ͕͍ΛͬͱएऀʹΞϐʔϧ͍͖ͯ͘͠ ɾϝʔϧແ͘ͳΒͳ͍ΑɻωΨςΟϒΊ·͠ΐ͏
PLAY WORK
ͭͳ͕Γ·͠ΐ͏ Masakazu Yoshikawa https://www.facebook.com/ masakazu.yoshikawa.7 QUALITIA FACEBOOK PAGE https://www.facebook.com/QualitiaCo QUALITIA
Twitter https://twitter.com/QUALITIA_Co QUALITIA Twitter(ٕज़ใܥ) https://twitter.com/qualitia_cdev
࣭ίʔφʔ