Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Intro to Cybersecurity Workshop
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
John Downey
July 24, 2017
Technology
150
0
Share
Intro to Cybersecurity Workshop
John Downey
July 24, 2017
More Decks by John Downey
See All by John Downey
Cryptography Pitfalls at CactusCon 2019
jtdowney
0
200
Cryptography Pitfalls at BsidesMSP 2017
jtdowney
0
200
Cryptography Pitfalls at THOTCON 0x8
jtdowney
0
210
Cryptography Pitfalls at ConFoo Montreal 2017
jtdowney
1
370
Cryptography Pitfalls at BSidesPhilly 2016
jtdowney
0
160
Cryptography Pitfalls at LASCON 2016
jtdowney
0
220
Debugging TLS/SSL at DevOps Days Detroit 2016
jtdowney
1
290
Debugging TLS/SSL at DevOpsDays Boston
jtdowney
1
370
Cryptography Pitfalls at Abstractions
jtdowney
0
130
Other Decks in Technology
See All in Technology
Hello UUID
mimifuwacc
0
120
AWS DevOps Agent or Kiro の使いどころを考える_20260402
masakiokuda
0
190
ZOZOTOWNリプレイスでのSkills導入までの流れとこれから
zozotech
PRO
4
3k
ふりかえりがなかった職能横断チームにふりかえりを導入してみて学んだこと 〜チームのふりかえりを「みんなで未来を考える場」にするプロローグ設計〜
masahiro1214shimokawa
0
200
AWSで2番目にリリースされたサービスについてお話しします(諸説あります)
yama3133
0
130
遊びで始めたNew Relic MCP、気づいたらChatOpsなオブザーバビリティボットができてました/From New Relic MCP to a ChatOps Observability Bot
aeonpeople
1
190
システムは「動く」だけでは 足りない - 非機能要件・分散システム・トレードオフの基礎
nwiizo
5
1.8k
AIがコードを書く時代の ジェネレーティブプログラミング
polidog
PRO
3
590
Autonomous Database - Dedicated 技術詳細 / adb-d_technical_detail_jp
oracle4engineer
PRO
5
13k
ログ基盤・プラグイン・ダッシュボード、全部整えた。でも最後は人だった。
makikub
5
1.1k
第26回FA設備技術勉強会 - Claude/Claude_codeでデータ分析 -
happysamurai294
0
390
Network Firewall Proxyで 自前プロキシを消し去ることができるのか
gusandayo
0
210
Featured
See All Featured
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
128
55k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
55
3.3k
Marketing to machines
jonoalderson
1
5.1k
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
25
1.8k
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
16
1.9k
How GitHub (no longer) Works
holman
316
150k
From Legacy to Launchpad: Building Startup-Ready Communities
dugsong
0
190
Taking LLMs out of the black box: A practical guide to human-in-the-loop distillation
inesmontani
PRO
3
2.1k
Become a Pro
speakerdeck
PRO
31
5.9k
Embracing the Ebb and Flow
colly
88
5k
Building Adaptive Systems
keathley
44
3k
30 Presentation Tips
portentint
PRO
1
270
Transcript
Intro to Cybersecurity John Downey | @jtdowney http://bit.ly/2tTOeu1 1
Intro to Cybersecurity Information Security John Downey | @jtdowney http://bit.ly/2tTOeu1
2
whoami 4 John Downey 4 Security Lead at Braintree 4
All self taught 4 No certifications http://bit.ly/2tTOeu1 3
Managing Risk Risk = Liklihood × Impact http://bit.ly/2tTOeu1 4
Likelihood http://bit.ly/2tTOeu1 5
Threat Actors 4 Skill 4 Motive 4 Opportunity 4 Organization
http://bit.ly/2tTOeu1 6
Vulnerability 4 Ease of discovery 4 Ease of exploitation 4
Awareness 4 Zero day http://bit.ly/2tTOeu1 7
Impact http://bit.ly/2tTOeu1 8
Technical Loss 4 Confidentiality 4 Integrity 4 Availability http://bit.ly/2tTOeu1 9
Damages 4 Financial 4 Reputation 4 Leadership Change http://bit.ly/2tTOeu1 10
Mitigation Approach http://bit.ly/2tTOeu1 11
Prevention 4 Segmentation 4 Access control lists 4 Training 4
Testing 4 Governance http://bit.ly/2tTOeu1 12
Detection 4 Scanning 4 Intrusion detection systems 4 File integrity
monitoring 4 Antivirus http://bit.ly/2tTOeu1 13
Response 4 Incident response plans 4 Security operations center 4
Digital forensics 4 Active mitigtaion http://bit.ly/2tTOeu1 14
Case Studies http://bit.ly/2tTOeu1 15
Denial of Service http://bit.ly/2tTOeu1 16
http://bit.ly/2tTOeu1 17
http://bit.ly/2tTOeu1 18
Tips 4 Evaluate the risk 4 Maybe have a plan
for dealing with a DDoS attack http://bit.ly/2tTOeu1 19
Password Reuse http://bit.ly/2tTOeu1 20
http://bit.ly/2tTOeu1 21
http://bit.ly/2tTOeu1 22
Tips 4 Use a password manager 4 Enable two-factor authentication
everywhere 4 Resources 4 https://haveibeenpwned.com 4 https://opensource.com/article/17/2/password- management http://bit.ly/2tTOeu1 23
Software Patching http://bit.ly/2tTOeu1 24
http://bit.ly/2tTOeu1 25
http://bit.ly/2tTOeu1 26
Tips 4 Turn on automatic updates 4 Don't dismiss or
ignore updates 4 Keep all devices up to date 4 Help out those who aren't as security savvy http://bit.ly/2tTOeu1 27
Software Bug http://bit.ly/2tTOeu1 28
http://bit.ly/2tTOeu1 29
Tips 4 OWASP - https://www.owasp.org 4 WebGoat - https://github.com/WebGoat/WebGoat 4
Hacksplaining - https://www.hacksplaining.com http://bit.ly/2tTOeu1 30
Workshop 4 Verizon Data Breach Report - http://vz.to/2qihidi 4 Hacksplaining
- https://www.hacksplaining.com 4 WebGoat - https://github.com/WebGoat/WebGoat 4 flAWS - http://flaws.cloud http://bit.ly/2tTOeu1 31
Image Credits 4 https://flic.kr/p/bov2cY 4 https://flic.kr/p/aoSXLS 4 https://flic.kr/p/npSVNU 4 https://en.wikipedia.org/wiki/Information_security
4 https://en.wikipedia.org/wiki/PAVE_PAWS http://bit.ly/2tTOeu1 32
jtdowney
mimifuwacc
masakiokuda
zozotech
masahiro1214shimokawa
yama3133
aeonpeople
nwiizo
polidog
oracle4engineer
makikub
happysamurai294
gusandayo
aki_iinuma
tammyeverts
jonoalderson
honnibal
reverentgeek
holman
dugsong
inesmontani
speakerdeck
colly
keathley
portentint
