Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Intro to Cybersecurity Workshop

Avatar for John Downey John Downey
July 24, 2017
Technology
0
120

Intro to Cybersecurity Workshop

Avatar for John Downey

John Downey

July 24, 2017
Tweet

More Decks by John Downey

See All by John Downey
Cryptography Pitfalls at CactusCon 2019
Avatar for John Downey jtdowney
0
160
Cryptography Pitfalls at BsidesMSP 2017
Avatar for John Downey jtdowney
0
170
Cryptography Pitfalls at THOTCON 0x8
Avatar for John Downey jtdowney
0
170
Cryptography Pitfalls at ConFoo Montreal 2017
Avatar for John Downey jtdowney
1
340
Cryptography Pitfalls at BSidesPhilly 2016
Avatar for John Downey jtdowney
0
150
Cryptography Pitfalls at LASCON 2016
Avatar for John Downey jtdowney
0
200
Debugging TLS/SSL at DevOps Days Detroit 2016
Avatar for John Downey jtdowney
1
250
Debugging TLS/SSL at DevOpsDays Boston
Avatar for John Downey jtdowney
1
330
Cryptography Pitfalls at Abstractions
Avatar for John Downey jtdowney
0
98

Other Decks in Technology

See All in Technology
Agentic Workflowという選択肢を考える
Avatar for takuya kikuchi tkikuchi1002
1
500
AIのAIによるAIのための出力評価と改善
Avatar for たまねぎ chocoyama
2
550
Witchcraft for Memory
Avatar for pocke pocke
1
310
MySQL5.6から8.4へ 戦いの記録
Avatar for Koji Yoshida kyoshidaxx
1
210
米国国防総省のDevSecOpsライフサイクルをAWSのセキュリティサービスとOSSで実現
Avatar for Shun Yoshie syoshie
2
1.1k
Windows 11 で AWS Documentation MCP Server 接続実践/practical-aws-documentation-mcp-server-connection-on-windows-11
Avatar for emi emiki
0
960
Claude Code Actionを使ったコード品質改善の取り組み
Avatar for Katsunori Kanda potix2
PRO
6
2.2k
急成長を支える基盤作り〜地道な改善からコツコツと〜 #cre_meetup
Avatar for すてにゃん stefafafan
0
120
低レイヤを知りたいPHPerのためのCコンパイラ作成入門 完全版 / Building a C Compiler for PHPers Who Want to Dive into Low-Level Programming - Expanded
Avatar for HASEGAWA Tomoki tomzoh
4
3.2k
生成AIでwebアプリケーションを作ってみた
Avatar for tajimon tajimon
2
150
TechLION vol.41~MySQLユーザ会のほうから来ました / techlion41_mysql
Avatar for sakaik sakaik
0
180
How Community Opened Global Doors
Avatar for hiroramos hiroramos4
PRO
1
120

Featured

See All Featured
Designing for humans not robots
Avatar for Tammie Lister tammielis
253
25k
Become a Pro
Avatar for Speaker Deck speakerdeck
PRO
28
5.4k
Imperfection Machines: The Place of Print at Facebook
Avatar for Scott Boms scottboms
267
13k
Into the Great Unknown - MozCon
Avatar for Noah Learner thekraken
39
1.9k
The Power of CSS Pseudo Elements
Avatar for Geoffrey Crofte geoffreycrofte
77
5.8k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
Avatar for soudai sone soudai
PRO
181
53k
Code Review Best Practice
Avatar for Trisha Gee trishagee
68
18k
The Invisible Side of Design
Avatar for Vitaly Friedman smashingmag
299
51k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
Avatar for Tammy Everts tammyeverts
5
210
Java REST API Framework Comparison - PWX 2021
Avatar for Matt Raible mraible
31
8.6k
Optimising Largest Contentful Paint
Avatar for Harry Roberts csswizardry
37
3.3k
Git: the NoSQL Database
Avatar for Brandon Keepers bkeepers
PRO
430
65k

Transcript

  1. Intro to Cybersecurity John Downey | @jtdowney http://bit.ly/2tTOeu1 1

  2. Intro to Cybersecurity Information Security John Downey | @jtdowney http://bit.ly/2tTOeu1

    2

  3. whoami 4 John Downey 4 Security Lead at Braintree 4

    All self taught 4 No certifications http://bit.ly/2tTOeu1 3

  4. Managing Risk Risk = Liklihood × Impact http://bit.ly/2tTOeu1 4

  5. Likelihood http://bit.ly/2tTOeu1 5

  6. Threat Actors 4 Skill 4 Motive 4 Opportunity 4 Organization

    http://bit.ly/2tTOeu1 6

  7. Vulnerability 4 Ease of discovery 4 Ease of exploitation 4

    Awareness 4 Zero day http://bit.ly/2tTOeu1 7

  8. Impact http://bit.ly/2tTOeu1 8

  9. Technical Loss 4 Confidentiality 4 Integrity 4 Availability http://bit.ly/2tTOeu1 9

  10. Damages 4 Financial 4 Reputation 4 Leadership Change http://bit.ly/2tTOeu1 10

  11. Mitigation Approach http://bit.ly/2tTOeu1 11

  12. Prevention 4 Segmentation 4 Access control lists 4 Training 4

    Testing 4 Governance http://bit.ly/2tTOeu1 12

  13. Detection 4 Scanning 4 Intrusion detection systems 4 File integrity

    monitoring 4 Antivirus http://bit.ly/2tTOeu1 13

  14. Response 4 Incident response plans 4 Security operations center 4

    Digital forensics 4 Active mitigtaion http://bit.ly/2tTOeu1 14

  15. Case Studies http://bit.ly/2tTOeu1 15

  16. Denial of Service http://bit.ly/2tTOeu1 16

  17. http://bit.ly/2tTOeu1 17

  18. http://bit.ly/2tTOeu1 18

  19. Tips 4 Evaluate the risk 4 Maybe have a plan

    for dealing with a DDoS attack http://bit.ly/2tTOeu1 19

  20. Password Reuse http://bit.ly/2tTOeu1 20

  21. http://bit.ly/2tTOeu1 21

  22. http://bit.ly/2tTOeu1 22

  23. Tips 4 Use a password manager 4 Enable two-factor authentication

    everywhere 4 Resources 4 https://haveibeenpwned.com 4 https://opensource.com/article/17/2/password- management http://bit.ly/2tTOeu1 23

  24. Software Patching http://bit.ly/2tTOeu1 24

  25. http://bit.ly/2tTOeu1 25

  26. http://bit.ly/2tTOeu1 26

  27. Tips 4 Turn on automatic updates 4 Don't dismiss or

    ignore updates 4 Keep all devices up to date 4 Help out those who aren't as security savvy http://bit.ly/2tTOeu1 27

  28. Software Bug http://bit.ly/2tTOeu1 28

  29. http://bit.ly/2tTOeu1 29

  30. Tips 4 OWASP - https://www.owasp.org 4 WebGoat - https://github.com/WebGoat/WebGoat 4

    Hacksplaining - https://www.hacksplaining.com http://bit.ly/2tTOeu1 30

  31. Workshop 4 Verizon Data Breach Report - http://vz.to/2qihidi 4 Hacksplaining

    - https://www.hacksplaining.com 4 WebGoat - https://github.com/WebGoat/WebGoat 4 flAWS - http://flaws.cloud http://bit.ly/2tTOeu1 31

  32. Image Credits 4 https://flic.kr/p/bov2cY 4 https://flic.kr/p/aoSXLS 4 https://flic.kr/p/npSVNU 4 https://en.wikipedia.org/wiki/Information_security

    4 https://en.wikipedia.org/wiki/PAVE_PAWS http://bit.ly/2tTOeu1 32