Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Intro to Cybersecurity Workshop
Search
John Downey
July 24, 2017
Technology
0
110
Intro to Cybersecurity Workshop
John Downey
July 24, 2017
Tweet
Share
More Decks by John Downey
See All by John Downey
Cryptography Pitfalls at CactusCon 2019
jtdowney
0
150
Cryptography Pitfalls at BsidesMSP 2017
jtdowney
0
150
Cryptography Pitfalls at THOTCON 0x8
jtdowney
0
160
Cryptography Pitfalls at ConFoo Montreal 2017
jtdowney
1
330
Cryptography Pitfalls at BSidesPhilly 2016
jtdowney
0
140
Cryptography Pitfalls at LASCON 2016
jtdowney
0
190
Debugging TLS/SSL at DevOps Days Detroit 2016
jtdowney
1
210
Debugging TLS/SSL at DevOpsDays Boston
jtdowney
1
290
Cryptography Pitfalls at Abstractions
jtdowney
0
87
Other Decks in Technology
See All in Technology
20240724_cm_odyssey_hibiyatech
hiashisan
0
110
成長期に歩みを止めないための創業期の開発文化形成
mayah
6
420
サービスの持続的な成長と技術負債について
siva_official
PRO
10
4.4k
[I/O Extended Android 2024] What`s new in Android 2024
kyeongwan
0
220
GoとアクターモデルでES+CQRSを実践! / proto_actor_es_cqrs
ytake
1
160
累計ダウンロード数1億8000万を超えるアプリケーションプラットフォームのレガシーシステム脱却とモダン化への道
kmitsuhashi
0
120
[NIKKEI Tech Talk]Bias for Action!! 実践から学ぶための仕組とコミュニティ / Community for Practice and Learning
kanamasa
0
280
さらに高品質・高速化を目指すAI時代のテスト設計支援と、めざす先 / AI Test Lab vol.1
shift_evolve
0
190
What if...? 처음부터 다시 LLM 어플리케이션을 개발한다면
huffon
0
1k
dxd2024-生成AIに振り回された3か月間の成功と失敗/dxd2024-link-and-motivation
lmi
2
260
AWSで”最小権限の原則”を実現するための考え方 /20240722-ssmjp-aws-least-privilege
opelab
10
4.4k
目標設定は好きですか? アジャイルとともに目標と向き合い続ける方法 / Do you like target Management?
kakehashi
10
3k
Featured
See All Featured
How to name files
jennybc
67
96k
Producing Creativity
orderedlist
PRO
340
39k
Fontdeck: Realign not Redesign
paulrobertlloyd
79
5.1k
Product Roadmaps are Hard
iamctodd
PRO
48
10k
Gamification - CAS2011
davidbonilla
78
4.9k
Building a Scalable Design System with Sketch
lauravandoore
458
32k
A Tale of Four Properties
chriscoyier
155
22k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
90
47k
Automating Front-end Workflow
addyosmani
1362
200k
Imperfection Machines: The Place of Print at Facebook
scottboms
262
13k
Designing on Purpose - Digital PM Summit 2013
jponch
113
6.6k
How To Stay Up To Date on Web Technology
chriscoyier
784
250k
Transcript
Intro to Cybersecurity John Downey | @jtdowney http://bit.ly/2tTOeu1 1
Intro to Cybersecurity Information Security John Downey | @jtdowney http://bit.ly/2tTOeu1
2
whoami 4 John Downey 4 Security Lead at Braintree 4
All self taught 4 No certifications http://bit.ly/2tTOeu1 3
Managing Risk Risk = Liklihood × Impact http://bit.ly/2tTOeu1 4
Likelihood http://bit.ly/2tTOeu1 5
Threat Actors 4 Skill 4 Motive 4 Opportunity 4 Organization
http://bit.ly/2tTOeu1 6
Vulnerability 4 Ease of discovery 4 Ease of exploitation 4
Awareness 4 Zero day http://bit.ly/2tTOeu1 7
Impact http://bit.ly/2tTOeu1 8
Technical Loss 4 Confidentiality 4 Integrity 4 Availability http://bit.ly/2tTOeu1 9
Damages 4 Financial 4 Reputation 4 Leadership Change http://bit.ly/2tTOeu1 10
Mitigation Approach http://bit.ly/2tTOeu1 11
Prevention 4 Segmentation 4 Access control lists 4 Training 4
Testing 4 Governance http://bit.ly/2tTOeu1 12
Detection 4 Scanning 4 Intrusion detection systems 4 File integrity
monitoring 4 Antivirus http://bit.ly/2tTOeu1 13
Response 4 Incident response plans 4 Security operations center 4
Digital forensics 4 Active mitigtaion http://bit.ly/2tTOeu1 14
Case Studies http://bit.ly/2tTOeu1 15
Denial of Service http://bit.ly/2tTOeu1 16
http://bit.ly/2tTOeu1 17
http://bit.ly/2tTOeu1 18
Tips 4 Evaluate the risk 4 Maybe have a plan
for dealing with a DDoS attack http://bit.ly/2tTOeu1 19
Password Reuse http://bit.ly/2tTOeu1 20
http://bit.ly/2tTOeu1 21
http://bit.ly/2tTOeu1 22
Tips 4 Use a password manager 4 Enable two-factor authentication
everywhere 4 Resources 4 https://haveibeenpwned.com 4 https://opensource.com/article/17/2/password- management http://bit.ly/2tTOeu1 23
Software Patching http://bit.ly/2tTOeu1 24
http://bit.ly/2tTOeu1 25
http://bit.ly/2tTOeu1 26
Tips 4 Turn on automatic updates 4 Don't dismiss or
ignore updates 4 Keep all devices up to date 4 Help out those who aren't as security savvy http://bit.ly/2tTOeu1 27
Software Bug http://bit.ly/2tTOeu1 28
http://bit.ly/2tTOeu1 29
Tips 4 OWASP - https://www.owasp.org 4 WebGoat - https://github.com/WebGoat/WebGoat 4
Hacksplaining - https://www.hacksplaining.com http://bit.ly/2tTOeu1 30
Workshop 4 Verizon Data Breach Report - http://vz.to/2qihidi 4 Hacksplaining
- https://www.hacksplaining.com 4 WebGoat - https://github.com/WebGoat/WebGoat 4 flAWS - http://flaws.cloud http://bit.ly/2tTOeu1 31
Image Credits 4 https://flic.kr/p/bov2cY 4 https://flic.kr/p/aoSXLS 4 https://flic.kr/p/npSVNU 4 https://en.wikipedia.org/wiki/Information_security
4 https://en.wikipedia.org/wiki/PAVE_PAWS http://bit.ly/2tTOeu1 32