Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Intro to Cybersecurity Workshop

58376779023f009fc13d160bb3e82515?s=47 John Downey
July 24, 2017
Technology
0
100

Intro to Cybersecurity Workshop

58376779023f009fc13d160bb3e82515?s=128

John Downey

July 24, 2017
Tweet

More Decks by John Downey

See All by John Downey
Cryptography Pitfalls at CactusCon 2019
58376779023f009fc13d160bb3e82515?s=48 jtdowney
0
79
Cryptography Pitfalls at BsidesMSP 2017
58376779023f009fc13d160bb3e82515?s=48 jtdowney
0
100
Cryptography Pitfalls at THOTCON 0x8
58376779023f009fc13d160bb3e82515?s=48 jtdowney
0
150
Cryptography Pitfalls at ConFoo Montreal 2017
58376779023f009fc13d160bb3e82515?s=48 jtdowney
1
230
Cryptography Pitfalls at BSidesPhilly 2016
58376779023f009fc13d160bb3e82515?s=48 jtdowney
0
75
Cryptography Pitfalls at LASCON 2016
58376779023f009fc13d160bb3e82515?s=48 jtdowney
0
110
Debugging TLS/SSL at DevOps Days Detroit 2016
58376779023f009fc13d160bb3e82515?s=48 jtdowney
1
150
Debugging TLS/SSL at DevOpsDays Boston
58376779023f009fc13d160bb3e82515?s=48 jtdowney
1
260
Cryptography Pitfalls at Abstractions
58376779023f009fc13d160bb3e82515?s=48 jtdowney
0
70

Other Decks in Technology

See All in Technology
Settlement simulation testing to ensure correct settlement processing
23e9a5be8e46efd1cf6a07694a047237?s=48 applepine1125
2
1.1k
Sysdig Secure/Falcoの活用術! ~Kubernetes基盤の脅威モデリングとランタイムセキュリティの強化~
41202c03511a51064abb970da0ca9fad?s=48 owlinux1000
0
240
Backlog × RPAでいろいろ捗った話
87470304247051028bed32895e4816cd?s=48 z_tetsu
0
380
EC/CRMの自社サービス開発をマネジメントするようになって1年でやってきたこととこれから / devio2022-takano-sho-road-to-good-development-team-management
Fee058832252e72722b8b03073ff6324?s=48 masaru_b_cl
0
410
Learning to Solve Hard Minimal Problems
2c88806cbaab6024dc95b9a654c99d86?s=48 takmin
1
320
AutoMLを利用した機械学習モデル構築時に意識すること
61c616e83bef28a1cd2666439ebf334b?s=48 sbtechnight
0
160
Cloud Foundryの移行先はどこか? オープンソースPaaS探し
49844569246a6d183a5551bb74895e2a?s=48 kolinz
0
350
データをコネコネ!メール配信用データ生成の仕組み
Cdb7fe48c050935995f8a6a58a5ceba9?s=48 kappezoro
0
120
Step-by-Step MLOps and Microsoft Products
0fa6038e477031fcca028bab0efe07e3?s=48 shisyu_gaku
1
550
インフラのテストに VPC Reachability Analyzer は外せないという話
3e77f9dbec6a87756d1dbdddab283aee?s=48 nulabinc
PRO
2
710
質の良い”カイゼン”の為の質の良い「振り返り」
Bf7fe621f4fe1615c228ef8a79b87282?s=48 shirayanagiryuji
0
120
A3-1 IBM Championが本音で語る「IBM Cloud」
49844569246a6d183a5551bb74895e2a?s=48 kolinz
0
310

Featured

See All Featured
It's Worth the Effort
Ba530e786553390f3fb271848485681c?s=48 3n
172
26k
Creatively Recalculating Your Daily Design Routine
48c098b6579220a67a6ba949be6e4b5a?s=48 revolveconf
207
10k
Automating Front-end Workflow
96270e4c3e5e9806cf7245475c00b275?s=48 addyosmani
1351
200k
The Illustrated Children's Guide to Kubernetes
0438ae60cde4c7add6f9da48f28c15cc?s=48 chrisshort
18
40k
Music & Morning Musume
A60068bce2e73de3a37ca9d2dbe36092?s=48 bryan
35
4.3k
Infographics Made Easy
282d599b414022eba5096510f675b6e2?s=48 chrislema
233
17k
GitHub's CSS Performance
64827b31aef81498662e8af4bd6d5157?s=48 jonrohan
1020
420k
How New CSS Is Changing Everything About Graphic Design on the Web
D83926c323d4f9289f947b4b4e76b939?s=48 jensimmons
213
11k
Git: the NoSQL Database
20bfe76b3d6105641f879fe45cfc9272?s=48 bkeepers
PRO
415
59k
What the flash - Photography Introduction
5ce91fa49a613cbc3e20d5f96856473f?s=48 edds
62
10k
A better future with KSS
5f2da528927a2ec9ba4fec2069cbc958?s=48 kneath
226
16k
The World Runs on Bad Software
20bfe76b3d6105641f879fe45cfc9272?s=48 bkeepers
PRO
57
5.4k

Transcript

  1. Intro to Cybersecurity John Downey | @jtdowney http://bit.ly/2tTOeu1 1

  2. Intro to Cybersecurity Information Security John Downey | @jtdowney http://bit.ly/2tTOeu1

    2

  3. whoami 4 John Downey 4 Security Lead at Braintree 4

    All self taught 4 No certifications http://bit.ly/2tTOeu1 3

  4. Managing Risk Risk = Liklihood × Impact http://bit.ly/2tTOeu1 4

  5. Likelihood http://bit.ly/2tTOeu1 5

  6. Threat Actors 4 Skill 4 Motive 4 Opportunity 4 Organization

    http://bit.ly/2tTOeu1 6

  7. Vulnerability 4 Ease of discovery 4 Ease of exploitation 4

    Awareness 4 Zero day http://bit.ly/2tTOeu1 7

  8. Impact http://bit.ly/2tTOeu1 8

  9. Technical Loss 4 Confidentiality 4 Integrity 4 Availability http://bit.ly/2tTOeu1 9

  10. Damages 4 Financial 4 Reputation 4 Leadership Change http://bit.ly/2tTOeu1 10

  11. Mitigation Approach http://bit.ly/2tTOeu1 11

  12. Prevention 4 Segmentation 4 Access control lists 4 Training 4

    Testing 4 Governance http://bit.ly/2tTOeu1 12

  13. Detection 4 Scanning 4 Intrusion detection systems 4 File integrity

    monitoring 4 Antivirus http://bit.ly/2tTOeu1 13

  14. Response 4 Incident response plans 4 Security operations center 4

    Digital forensics 4 Active mitigtaion http://bit.ly/2tTOeu1 14

  15. Case Studies http://bit.ly/2tTOeu1 15

  16. Denial of Service http://bit.ly/2tTOeu1 16

  17. http://bit.ly/2tTOeu1 17

  18. http://bit.ly/2tTOeu1 18

  19. Tips 4 Evaluate the risk 4 Maybe have a plan

    for dealing with a DDoS attack http://bit.ly/2tTOeu1 19

  20. Password Reuse http://bit.ly/2tTOeu1 20

  21. http://bit.ly/2tTOeu1 21

  22. http://bit.ly/2tTOeu1 22

  23. Tips 4 Use a password manager 4 Enable two-factor authentication

    everywhere 4 Resources 4 https://haveibeenpwned.com 4 https://opensource.com/article/17/2/password- management http://bit.ly/2tTOeu1 23

  24. Software Patching http://bit.ly/2tTOeu1 24

  25. http://bit.ly/2tTOeu1 25

  26. http://bit.ly/2tTOeu1 26

  27. Tips 4 Turn on automatic updates 4 Don't dismiss or

    ignore updates 4 Keep all devices up to date 4 Help out those who aren't as security savvy http://bit.ly/2tTOeu1 27

  28. Software Bug http://bit.ly/2tTOeu1 28

  29. http://bit.ly/2tTOeu1 29

  30. Tips 4 OWASP - https://www.owasp.org 4 WebGoat - https://github.com/WebGoat/WebGoat 4

    Hacksplaining - https://www.hacksplaining.com http://bit.ly/2tTOeu1 30

  31. Workshop 4 Verizon Data Breach Report - http://vz.to/2qihidi 4 Hacksplaining

    - https://www.hacksplaining.com 4 WebGoat - https://github.com/WebGoat/WebGoat 4 flAWS - http://flaws.cloud http://bit.ly/2tTOeu1 31

  32. Image Credits 4 https://flic.kr/p/bov2cY 4 https://flic.kr/p/aoSXLS 4 https://flic.kr/p/npSVNU 4 https://en.wikipedia.org/wiki/Information_security

    4 https://en.wikipedia.org/wiki/PAVE_PAWS http://bit.ly/2tTOeu1 32