Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Intro to Cybersecurity Workshop

Avatar for John Downey John Downey
July 24, 2017
Technology
0
120

Intro to Cybersecurity Workshop

Avatar for John Downey

John Downey

July 24, 2017
Tweet

More Decks by John Downey

See All by John Downey
Cryptography Pitfalls at CactusCon 2019
Avatar for John Downey jtdowney
0
160
Cryptography Pitfalls at BsidesMSP 2017
Avatar for John Downey jtdowney
0
170
Cryptography Pitfalls at THOTCON 0x8
Avatar for John Downey jtdowney
0
170
Cryptography Pitfalls at ConFoo Montreal 2017
Avatar for John Downey jtdowney
1
340
Cryptography Pitfalls at BSidesPhilly 2016
Avatar for John Downey jtdowney
0
150
Cryptography Pitfalls at LASCON 2016
Avatar for John Downey jtdowney
0
200
Debugging TLS/SSL at DevOps Days Detroit 2016
Avatar for John Downey jtdowney
1
250
Debugging TLS/SSL at DevOpsDays Boston
Avatar for John Downey jtdowney
1
340
Cryptography Pitfalls at Abstractions
Avatar for John Downey jtdowney
0
100

Other Decks in Technology

See All in Technology
【Λ(らむだ)】最近のアプデ情報 / RPALT20250729
Avatar for Λ lambda
0
230
Segment Anything Modelの最新動向:SAM2とその発展系
Avatar for TakatoYoshikawa tenten0727
0
470
「Roblox」の開発環境とその効率化 ~DAU9700万人超の巨大プラットフォームの開発 事始め~
Avatar for Keita Tanji keitatanji
0
110
ビジネス文書に特化した基盤モデル開発 / SaaSxML_Session_2
Avatar for Sansan R&D sansan_randd
0
260
反脆弱性(アンチフラジャイル)とデータ基盤構築
Avatar for CUEBiC Inc. cuebic9bic
3
170
AIに目を奪われすぎて、周りの困っている人間が見えなくなっていませんか?
Avatar for an cap120
1
430
LLMで構造化出力の成功率をグンと上げる方法
Avatar for Keisuke Takiguchi keisuketakiguchi
0
500
Findy Freelance 利用シーン別AI活用例
Avatar for nesskazu ness
0
310
Perlアプリケーションで トレースを実装するまでの 工夫と苦労話
Avatar for masayoshi masayoshi
1
410
LLM 機能を支える Langfuse / ClickHouse のサーバレス化
Avatar for yuu26 yuu26
5
480
Claude Codeから我々が学ぶべきこと
Avatar for Oikon s4yuba
9
2.2k
✨敗北解法コレクション✨〜Expertだった頃に足りなかった知識と技術〜
Avatar for nanachi nanachi
1
550

Featured

See All Featured
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
Avatar for Vitaly Friedman smashingmag
251
21k
The Success of Rails: Ensuring Growth for the Next 100 Years
Avatar for Eileen M. Uchitelle eileencodes
46
7.5k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
Avatar for panda_program panda_program
110
19k
Statistics for Hackers
Avatar for Jake VanderPlas jakevdp
799
220k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
Avatar for Joe Casabona jcasabona
33
2.4k
10 Git Anti Patterns You Should be Aware of
Avatar for Lemi Orhan Ergin lemiorhan
PRO
656
60k
Balancing Empowerment & Direction
Avatar for Lara Hogan lara
1
530
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
Avatar for Eileen M. Uchitelle eileencodes
35
2.5k
Building Adaptive Systems
Avatar for Chris Keathley keathley
43
2.7k
Automating Front-end Workflow
Avatar for Addy Osmani addyosmani
1370
200k
Save Time (by Creating Custom Rails Generators)
Avatar for Garrett Dimon garrettdimon
PRO
31
1.3k
Fight the Zombie Pattern Library - RWD Summit 2016
Avatar for Marcelo Somers marcelosomers
234
17k

Transcript

  1. Intro to Cybersecurity John Downey | @jtdowney http://bit.ly/2tTOeu1 1

  2. Intro to Cybersecurity Information Security John Downey | @jtdowney http://bit.ly/2tTOeu1

    2

  3. whoami 4 John Downey 4 Security Lead at Braintree 4

    All self taught 4 No certifications http://bit.ly/2tTOeu1 3

  4. Managing Risk Risk = Liklihood × Impact http://bit.ly/2tTOeu1 4

  5. Likelihood http://bit.ly/2tTOeu1 5

  6. Threat Actors 4 Skill 4 Motive 4 Opportunity 4 Organization

    http://bit.ly/2tTOeu1 6

  7. Vulnerability 4 Ease of discovery 4 Ease of exploitation 4

    Awareness 4 Zero day http://bit.ly/2tTOeu1 7

  8. Impact http://bit.ly/2tTOeu1 8

  9. Technical Loss 4 Confidentiality 4 Integrity 4 Availability http://bit.ly/2tTOeu1 9

  10. Damages 4 Financial 4 Reputation 4 Leadership Change http://bit.ly/2tTOeu1 10

  11. Mitigation Approach http://bit.ly/2tTOeu1 11

  12. Prevention 4 Segmentation 4 Access control lists 4 Training 4

    Testing 4 Governance http://bit.ly/2tTOeu1 12

  13. Detection 4 Scanning 4 Intrusion detection systems 4 File integrity

    monitoring 4 Antivirus http://bit.ly/2tTOeu1 13

  14. Response 4 Incident response plans 4 Security operations center 4

    Digital forensics 4 Active mitigtaion http://bit.ly/2tTOeu1 14

  15. Case Studies http://bit.ly/2tTOeu1 15

  16. Denial of Service http://bit.ly/2tTOeu1 16

  17. http://bit.ly/2tTOeu1 17

  18. http://bit.ly/2tTOeu1 18

  19. Tips 4 Evaluate the risk 4 Maybe have a plan

    for dealing with a DDoS attack http://bit.ly/2tTOeu1 19

  20. Password Reuse http://bit.ly/2tTOeu1 20

  21. http://bit.ly/2tTOeu1 21

  22. http://bit.ly/2tTOeu1 22

  23. Tips 4 Use a password manager 4 Enable two-factor authentication

    everywhere 4 Resources 4 https://haveibeenpwned.com 4 https://opensource.com/article/17/2/password- management http://bit.ly/2tTOeu1 23

  24. Software Patching http://bit.ly/2tTOeu1 24

  25. http://bit.ly/2tTOeu1 25

  26. http://bit.ly/2tTOeu1 26

  27. Tips 4 Turn on automatic updates 4 Don't dismiss or

    ignore updates 4 Keep all devices up to date 4 Help out those who aren't as security savvy http://bit.ly/2tTOeu1 27

  28. Software Bug http://bit.ly/2tTOeu1 28

  29. http://bit.ly/2tTOeu1 29

  30. Tips 4 OWASP - https://www.owasp.org 4 WebGoat - https://github.com/WebGoat/WebGoat 4

    Hacksplaining - https://www.hacksplaining.com http://bit.ly/2tTOeu1 30

  31. Workshop 4 Verizon Data Breach Report - http://vz.to/2qihidi 4 Hacksplaining

    - https://www.hacksplaining.com 4 WebGoat - https://github.com/WebGoat/WebGoat 4 flAWS - http://flaws.cloud http://bit.ly/2tTOeu1 31

  32. Image Credits 4 https://flic.kr/p/bov2cY 4 https://flic.kr/p/aoSXLS 4 https://flic.kr/p/npSVNU 4 https://en.wikipedia.org/wiki/Information_security

    4 https://en.wikipedia.org/wiki/PAVE_PAWS http://bit.ly/2tTOeu1 32