Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Intro to Cybersecurity Workshop
Search
Sponsored
·
Your Podcast. Everywhere. Effortlessly.
Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
→
John Downey
July 24, 2017
Technology
0
140
Intro to Cybersecurity Workshop
John Downey
July 24, 2017
Tweet
Share
More Decks by John Downey
See All by John Downey
Cryptography Pitfalls at CactusCon 2019
jtdowney
0
190
Cryptography Pitfalls at BsidesMSP 2017
jtdowney
0
190
Cryptography Pitfalls at THOTCON 0x8
jtdowney
0
200
Cryptography Pitfalls at ConFoo Montreal 2017
jtdowney
1
360
Cryptography Pitfalls at BSidesPhilly 2016
jtdowney
0
160
Cryptography Pitfalls at LASCON 2016
jtdowney
0
210
Debugging TLS/SSL at DevOps Days Detroit 2016
jtdowney
1
270
Debugging TLS/SSL at DevOpsDays Boston
jtdowney
1
360
Cryptography Pitfalls at Abstractions
jtdowney
0
120
Other Decks in Technology
See All in Technology
Cosmos World Foundation Model Platform for Physical AI
takmin
0
890
All About Sansan – for New Global Engineers
sansan33
PRO
1
1.3k
顧客との商談議事録をみんなで読んで顧客解像度を上げよう
shibayu36
0
240
15 years with Rails and DDD (AI Edition)
andrzejkrzywda
0
190
ClickHouseはどのように大規模データを活用したAIエージェントを全社展開しているのか
mikimatsumoto
0
230
AzureでのIaC - Bicep? Terraform? それ早く言ってよ会議
torumakabe
1
560
ZOZOにおけるAI活用の現在 ~開発組織全体での取り組みと試行錯誤~
zozotech
PRO
5
5.5k
【Oracle Cloud ウェビナー】[Oracle AI Database + AWS] Oracle Database@AWSで広がるクラウドの新たな選択肢とAI時代のデータ戦略
oracle4engineer
PRO
2
150
Webhook best practices for rock solid and resilient deployments
glaforge
1
290
変化するコーディングエージェントとの現実的な付き合い方 〜Cursor安定択説と、ツールに依存しない「資産」〜
empitsu
4
1.4k
2026年、サーバーレスの現在地 -「制約と戦う技術」から「当たり前の実行基盤」へ- /serverless2026
slsops
2
250
茨城の思い出を振り返る ~CDKのセキュリティを添えて~ / 20260201 Mitsutoshi Matsuo
shift_evolve
PRO
1
280
Featured
See All Featured
Designing for humans not robots
tammielis
254
26k
Avoiding the “Bad Training, Faster” Trap in the Age of AI
tmiket
0
76
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
addyosmani
10
1.1k
DevOps and Value Stream Thinking: Enabling flow, efficiency and business value
helenjbeal
1
94
WCS-LA-2024
lcolladotor
0
450
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
31
3.1k
GraphQLの誤解/rethinking-graphql
sonatard
74
11k
The SEO Collaboration Effect
kristinabergwall1
0
350
Game over? The fight for quality and originality in the time of robots
wayneb77
1
120
Art, The Web, and Tiny UX
lynnandtonic
304
21k
Leadership Guide Workshop - DevTernity 2021
reverentgeek
1
200
Between Models and Reality
mayunak
1
190
Transcript
Intro to Cybersecurity John Downey | @jtdowney http://bit.ly/2tTOeu1 1
Intro to Cybersecurity Information Security John Downey | @jtdowney http://bit.ly/2tTOeu1
2
whoami 4 John Downey 4 Security Lead at Braintree 4
All self taught 4 No certifications http://bit.ly/2tTOeu1 3
Managing Risk Risk = Liklihood × Impact http://bit.ly/2tTOeu1 4
Likelihood http://bit.ly/2tTOeu1 5
Threat Actors 4 Skill 4 Motive 4 Opportunity 4 Organization
http://bit.ly/2tTOeu1 6
Vulnerability 4 Ease of discovery 4 Ease of exploitation 4
Awareness 4 Zero day http://bit.ly/2tTOeu1 7
Impact http://bit.ly/2tTOeu1 8
Technical Loss 4 Confidentiality 4 Integrity 4 Availability http://bit.ly/2tTOeu1 9
Damages 4 Financial 4 Reputation 4 Leadership Change http://bit.ly/2tTOeu1 10
Mitigation Approach http://bit.ly/2tTOeu1 11
Prevention 4 Segmentation 4 Access control lists 4 Training 4
Testing 4 Governance http://bit.ly/2tTOeu1 12
Detection 4 Scanning 4 Intrusion detection systems 4 File integrity
monitoring 4 Antivirus http://bit.ly/2tTOeu1 13
Response 4 Incident response plans 4 Security operations center 4
Digital forensics 4 Active mitigtaion http://bit.ly/2tTOeu1 14
Case Studies http://bit.ly/2tTOeu1 15
Denial of Service http://bit.ly/2tTOeu1 16
http://bit.ly/2tTOeu1 17
http://bit.ly/2tTOeu1 18
Tips 4 Evaluate the risk 4 Maybe have a plan
for dealing with a DDoS attack http://bit.ly/2tTOeu1 19
Password Reuse http://bit.ly/2tTOeu1 20
http://bit.ly/2tTOeu1 21
http://bit.ly/2tTOeu1 22
Tips 4 Use a password manager 4 Enable two-factor authentication
everywhere 4 Resources 4 https://haveibeenpwned.com 4 https://opensource.com/article/17/2/password- management http://bit.ly/2tTOeu1 23
Software Patching http://bit.ly/2tTOeu1 24
http://bit.ly/2tTOeu1 25
http://bit.ly/2tTOeu1 26
Tips 4 Turn on automatic updates 4 Don't dismiss or
ignore updates 4 Keep all devices up to date 4 Help out those who aren't as security savvy http://bit.ly/2tTOeu1 27
Software Bug http://bit.ly/2tTOeu1 28
http://bit.ly/2tTOeu1 29
Tips 4 OWASP - https://www.owasp.org 4 WebGoat - https://github.com/WebGoat/WebGoat 4
Hacksplaining - https://www.hacksplaining.com http://bit.ly/2tTOeu1 30
Workshop 4 Verizon Data Breach Report - http://vz.to/2qihidi 4 Hacksplaining
- https://www.hacksplaining.com 4 WebGoat - https://github.com/WebGoat/WebGoat 4 flAWS - http://flaws.cloud http://bit.ly/2tTOeu1 31
Image Credits 4 https://flic.kr/p/bov2cY 4 https://flic.kr/p/aoSXLS 4 https://flic.kr/p/npSVNU 4 https://en.wikipedia.org/wiki/Information_security
4 https://en.wikipedia.org/wiki/PAVE_PAWS http://bit.ly/2tTOeu1 32
jtdowney
takmin
sansan33
shibayu36
andrzejkrzywda
mikimatsumoto
torumakabe
zozotech
oracle4engineer
glaforge
empitsu
slsops
shift_evolve
tammielis
tmiket
addyosmani
.png){kind=avatar}
helenjbeal
lcolladotor
danielanewman
sonatard
kristinabergwall1
wayneb77
lynnandtonic
reverentgeek
mayunak
