Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Intro to Cybersecurity Workshop

Avatar for John Downey John Downey
July 24, 2017
Technology
0
120

Intro to Cybersecurity Workshop

Avatar for John Downey

John Downey

July 24, 2017
Tweet

More Decks by John Downey

See All by John Downey
Cryptography Pitfalls at CactusCon 2019
Avatar for John Downey jtdowney
0
160
Cryptography Pitfalls at BsidesMSP 2017
Avatar for John Downey jtdowney
0
170
Cryptography Pitfalls at THOTCON 0x8
Avatar for John Downey jtdowney
0
170
Cryptography Pitfalls at ConFoo Montreal 2017
Avatar for John Downey jtdowney
1
340
Cryptography Pitfalls at BSidesPhilly 2016
Avatar for John Downey jtdowney
0
150
Cryptography Pitfalls at LASCON 2016
Avatar for John Downey jtdowney
0
200
Debugging TLS/SSL at DevOps Days Detroit 2016
Avatar for John Downey jtdowney
1
250
Debugging TLS/SSL at DevOpsDays Boston
Avatar for John Downey jtdowney
1
340
Cryptography Pitfalls at Abstractions
Avatar for John Downey jtdowney
0
100

Other Decks in Technology

See All in Technology
Gaze-LLE: Gaze Target Estimation via Large-Scale Learned Encoders
Avatar for Kazuyuki Miyazawa kzykmyzw
0
270
Amazon Bedrock AgentCore でプロモーション用動画生成エージェントを開発する
Avatar for Kiminori Yokoi nasuvitz
6
340
AIは変更差分からユニットテスト_結合テスト_システムテストでテストすべきことが出せるのか?
Avatar for Matsu mineo_matsuya
5
2.9k
広島発!スタートアップ開発の裏側
Avatar for Sankyo Toshio tsankyo
0
130
[CV勉強会@関東 CVPR2025 読み会] MegaSaM: Accurate, Fast, and Robust Structure and Motion from Casual Dynamic Videos (Li+, CVPR2025)
Avatar for abemii_ abemii
0
170
React Server ComponentsでAPI不要の開発体験
Avatar for polidog polidog
PRO
1
360
リモートワークで心掛けていること 〜AI活用編〜
Avatar for naoki85 naoki85
0
200
R-SCoRe: Revisiting Scene Coordinate Regression for Robust Large-Scale Visual Localization
Avatar for Takuya MINAGAWA takmin
0
300
開発と脆弱性と脆弱性診断についての話
Avatar for su3158 su3158
1
800
[CVPR2025論文読み会] Linguistics-aware Masked Image Modeling for Self-supervised Scene Text Recognition
Avatar for So Uchida s_aiueo32
0
190
20250818_KGX・One Hokkaidoコラボイベント
Avatar for tohge05 tohgeyukihiro
0
130
Amazon Inspector コードセキュリティで手軽に実現するシフトレフト
Avatar for mai miya maimyyym
0
150

Featured

See All Featured
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
Avatar for Sam Stephenson sstephenson
161
15k
Practical Tips for Bootstrapping Information Extraction Pipelines
Avatar for Matthew Honnibal honnibal
PRO
23
1.4k
Fight the Zombie Pattern Library - RWD Summit 2016
Avatar for Marcelo Somers marcelosomers
234
17k
How To Stay Up To Date on Web Technology
Avatar for Chris Coyier chriscoyier
790
250k
Unsuck your backbone
Avatar for Amy Palamountain ammeep
671
58k
Building Adaptive Systems
Avatar for Chris Keathley keathley
43
2.7k
Java REST API Framework Comparison - PWX 2021
Avatar for Matt Raible mraible
33
8.8k
GraphQLとの向き合い方2022年版
Avatar for Yosuke Kurami quramy
49
14k
Sharpening the Axe: The Primacy of Toolmaking
Avatar for Bryan Cantrill bcantrill
44
2.4k
Thoughts on Productivity
Avatar for Jon Yablonski jonyablonski
69
4.8k
Stop Working from a Prison Cell
Avatar for Chris Michel hatefulcrawdad
271
21k
Art, The Web, and Tiny UX
Avatar for Lynn Fisher lynnandtonic
302
21k

Transcript

  1. Intro to Cybersecurity John Downey | @jtdowney http://bit.ly/2tTOeu1 1

  2. Intro to Cybersecurity Information Security John Downey | @jtdowney http://bit.ly/2tTOeu1

    2

  3. whoami 4 John Downey 4 Security Lead at Braintree 4

    All self taught 4 No certifications http://bit.ly/2tTOeu1 3

  4. Managing Risk Risk = Liklihood × Impact http://bit.ly/2tTOeu1 4

  5. Likelihood http://bit.ly/2tTOeu1 5

  6. Threat Actors 4 Skill 4 Motive 4 Opportunity 4 Organization

    http://bit.ly/2tTOeu1 6

  7. Vulnerability 4 Ease of discovery 4 Ease of exploitation 4

    Awareness 4 Zero day http://bit.ly/2tTOeu1 7

  8. Impact http://bit.ly/2tTOeu1 8

  9. Technical Loss 4 Confidentiality 4 Integrity 4 Availability http://bit.ly/2tTOeu1 9

  10. Damages 4 Financial 4 Reputation 4 Leadership Change http://bit.ly/2tTOeu1 10

  11. Mitigation Approach http://bit.ly/2tTOeu1 11

  12. Prevention 4 Segmentation 4 Access control lists 4 Training 4

    Testing 4 Governance http://bit.ly/2tTOeu1 12

  13. Detection 4 Scanning 4 Intrusion detection systems 4 File integrity

    monitoring 4 Antivirus http://bit.ly/2tTOeu1 13

  14. Response 4 Incident response plans 4 Security operations center 4

    Digital forensics 4 Active mitigtaion http://bit.ly/2tTOeu1 14

  15. Case Studies http://bit.ly/2tTOeu1 15

  16. Denial of Service http://bit.ly/2tTOeu1 16

  17. http://bit.ly/2tTOeu1 17

  18. http://bit.ly/2tTOeu1 18

  19. Tips 4 Evaluate the risk 4 Maybe have a plan

    for dealing with a DDoS attack http://bit.ly/2tTOeu1 19

  20. Password Reuse http://bit.ly/2tTOeu1 20

  21. http://bit.ly/2tTOeu1 21

  22. http://bit.ly/2tTOeu1 22

  23. Tips 4 Use a password manager 4 Enable two-factor authentication

    everywhere 4 Resources 4 https://haveibeenpwned.com 4 https://opensource.com/article/17/2/password- management http://bit.ly/2tTOeu1 23

  24. Software Patching http://bit.ly/2tTOeu1 24

  25. http://bit.ly/2tTOeu1 25

  26. http://bit.ly/2tTOeu1 26

  27. Tips 4 Turn on automatic updates 4 Don't dismiss or

    ignore updates 4 Keep all devices up to date 4 Help out those who aren't as security savvy http://bit.ly/2tTOeu1 27

  28. Software Bug http://bit.ly/2tTOeu1 28

  29. http://bit.ly/2tTOeu1 29

  30. Tips 4 OWASP - https://www.owasp.org 4 WebGoat - https://github.com/WebGoat/WebGoat 4

    Hacksplaining - https://www.hacksplaining.com http://bit.ly/2tTOeu1 30

  31. Workshop 4 Verizon Data Breach Report - http://vz.to/2qihidi 4 Hacksplaining

    - https://www.hacksplaining.com 4 WebGoat - https://github.com/WebGoat/WebGoat 4 flAWS - http://flaws.cloud http://bit.ly/2tTOeu1 31

  32. Image Credits 4 https://flic.kr/p/bov2cY 4 https://flic.kr/p/aoSXLS 4 https://flic.kr/p/npSVNU 4 https://en.wikipedia.org/wiki/Information_security

    4 https://en.wikipedia.org/wiki/PAVE_PAWS http://bit.ly/2tTOeu1 32