Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Intro to Cybersecurity Workshop

John Downey
July 24, 2017
Technology
0
120

Intro to Cybersecurity Workshop

John Downey

July 24, 2017
Tweet

More Decks by John Downey

See All by John Downey
Cryptography Pitfalls at CactusCon 2019
jtdowney
0
150
Cryptography Pitfalls at BsidesMSP 2017
jtdowney
0
160
Cryptography Pitfalls at THOTCON 0x8
jtdowney
0
160
Cryptography Pitfalls at ConFoo Montreal 2017
jtdowney
1
340
Cryptography Pitfalls at BSidesPhilly 2016
jtdowney
0
140
Cryptography Pitfalls at LASCON 2016
jtdowney
0
190
Debugging TLS/SSL at DevOps Days Detroit 2016
jtdowney
1
220
Debugging TLS/SSL at DevOpsDays Boston
jtdowney
1
310
Cryptography Pitfalls at Abstractions
jtdowney
0
90

Other Decks in Technology

See All in Technology
1等無人航空機操縦士一発試験 合格までの道のり ドローンミートアップ@大阪 2024/12/18
excdinc
0
150
組織に自動テストを書く文化を根付かせる戦略(2024冬版) / Building Automated Test Culture 2024 Winter Edition
twada
PRO
12
3.4k
AWS re:Invent 2024 ふりかえり
kongmingstrap
0
130
ブラックフライデーで購入したPixel9で、Gemini Nanoを動かしてみた
marchin1989
1
520
Snowflake女子会#3 Snowpipeの良さを5分で語るよ
lana2548
0
220
20241214_WACATE2024冬_テスト設計技法をチョット俯瞰してみよう
kzsuzuki
3
440
成果を出しながら成長する、アウトプット駆動のキャッチアップ術 / Output-driven catch-up techniques to grow while producing results
aiandrox
0
180
開発生産性向上! 育成を「改善」と捉えるエンジニア育成戦略
shoota
1
230
非機能品質を作り込むための実践アーキテクチャ
knih
3
720
生成AIをより賢く エンジニアのための RAG入門 - Oracle AI Jam Session #20
kutsushitaneko
4
210
社外コミュニティで学び社内に活かす共に学ぶプロジェクトの実践/backlogworld2024
nishiuma
0
250
Oracle Cloud Infrastructure:2024年12月度サービス・アップデート
oracle4engineer
PRO
0
160

Featured

See All Featured
Adopting Sorbet at Scale
ufuk
73
9.1k
The Invisible Side of Design
smashingmag
298
50k
How to Ace a Technical Interview
jacobian
276
23k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
47
5.1k
Measuring & Analyzing Core Web Vitals
bluesmoon
4
170
Embracing the Ebb and Flow
colly
84
4.5k
Building Applications with DynamoDB
mza
91
6.1k
Scaling GitHub
holman
458
140k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
29
2k
Side Projects
sachag
452
42k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
28
9.1k
Java REST API Framework Comparison - PWX 2021
mraible
PRO
28
8.3k

Transcript

  1. Intro to Cybersecurity John Downey | @jtdowney http://bit.ly/2tTOeu1 1

  2. Intro to Cybersecurity Information Security John Downey | @jtdowney http://bit.ly/2tTOeu1

    2

  3. whoami 4 John Downey 4 Security Lead at Braintree 4

    All self taught 4 No certifications http://bit.ly/2tTOeu1 3

  4. Managing Risk Risk = Liklihood × Impact http://bit.ly/2tTOeu1 4

  5. Likelihood http://bit.ly/2tTOeu1 5

  6. Threat Actors 4 Skill 4 Motive 4 Opportunity 4 Organization

    http://bit.ly/2tTOeu1 6

  7. Vulnerability 4 Ease of discovery 4 Ease of exploitation 4

    Awareness 4 Zero day http://bit.ly/2tTOeu1 7

  8. Impact http://bit.ly/2tTOeu1 8

  9. Technical Loss 4 Confidentiality 4 Integrity 4 Availability http://bit.ly/2tTOeu1 9

  10. Damages 4 Financial 4 Reputation 4 Leadership Change http://bit.ly/2tTOeu1 10

  11. Mitigation Approach http://bit.ly/2tTOeu1 11

  12. Prevention 4 Segmentation 4 Access control lists 4 Training 4

    Testing 4 Governance http://bit.ly/2tTOeu1 12

  13. Detection 4 Scanning 4 Intrusion detection systems 4 File integrity

    monitoring 4 Antivirus http://bit.ly/2tTOeu1 13

  14. Response 4 Incident response plans 4 Security operations center 4

    Digital forensics 4 Active mitigtaion http://bit.ly/2tTOeu1 14

  15. Case Studies http://bit.ly/2tTOeu1 15

  16. Denial of Service http://bit.ly/2tTOeu1 16

  17. http://bit.ly/2tTOeu1 17

  18. http://bit.ly/2tTOeu1 18

  19. Tips 4 Evaluate the risk 4 Maybe have a plan

    for dealing with a DDoS attack http://bit.ly/2tTOeu1 19

  20. Password Reuse http://bit.ly/2tTOeu1 20

  21. http://bit.ly/2tTOeu1 21

  22. http://bit.ly/2tTOeu1 22

  23. Tips 4 Use a password manager 4 Enable two-factor authentication

    everywhere 4 Resources 4 https://haveibeenpwned.com 4 https://opensource.com/article/17/2/password- management http://bit.ly/2tTOeu1 23

  24. Software Patching http://bit.ly/2tTOeu1 24

  25. http://bit.ly/2tTOeu1 25

  26. http://bit.ly/2tTOeu1 26

  27. Tips 4 Turn on automatic updates 4 Don't dismiss or

    ignore updates 4 Keep all devices up to date 4 Help out those who aren't as security savvy http://bit.ly/2tTOeu1 27

  28. Software Bug http://bit.ly/2tTOeu1 28

  29. http://bit.ly/2tTOeu1 29

  30. Tips 4 OWASP - https://www.owasp.org 4 WebGoat - https://github.com/WebGoat/WebGoat 4

    Hacksplaining - https://www.hacksplaining.com http://bit.ly/2tTOeu1 30

  31. Workshop 4 Verizon Data Breach Report - http://vz.to/2qihidi 4 Hacksplaining

    - https://www.hacksplaining.com 4 WebGoat - https://github.com/WebGoat/WebGoat 4 flAWS - http://flaws.cloud http://bit.ly/2tTOeu1 31

  32. Image Credits 4 https://flic.kr/p/bov2cY 4 https://flic.kr/p/aoSXLS 4 https://flic.kr/p/npSVNU 4 https://en.wikipedia.org/wiki/Information_security

    4 https://en.wikipedia.org/wiki/PAVE_PAWS http://bit.ly/2tTOeu1 32