Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Intro to Cybersecurity Workshop
Search
John Downey
July 24, 2017
Technology
160
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
Intro to Cybersecurity Workshop
John Downey
July 24, 2017
More Decks by John Downey
See All by John Downey
Cryptography Pitfalls at CactusCon 2019
jtdowney
0
200
Cryptography Pitfalls at BsidesMSP 2017
jtdowney
0
210
Cryptography Pitfalls at THOTCON 0x8
jtdowney
0
220
Cryptography Pitfalls at ConFoo Montreal 2017
jtdowney
1
380
Cryptography Pitfalls at BSidesPhilly 2016
jtdowney
0
170
Cryptography Pitfalls at LASCON 2016
jtdowney
0
230
Debugging TLS/SSL at DevOps Days Detroit 2016
jtdowney
1
300
Debugging TLS/SSL at DevOpsDays Boston
jtdowney
1
380
Cryptography Pitfalls at Abstractions
jtdowney
0
140
Other Decks in Technology
See All in Technology
Multi-Agent並列開発を 安全に回すための技術 / Technology for Safely Multi-Agent Parallel Development
tooppoo
0
170
Lightning近況報告
kozy4324
0
220
事業会社における 機械学習・推薦システム技術の活用事例と必要な能力 / ml-recsys-in-layerx-wantedly-2026
yuya4
0
160
AIはどのように 組織のアジリティを変えるのか?
junki
4
1.4k
AI時代のコスト管理を考えよう〜明日から使える実践AWSノウハウ~
yoshimi0227
0
860
從開發到部署全都交給 AI:實作 AI 驅動的自動化流程
appleboy
0
160
AIに障害切り分けを全部やってもらった。 。 。 。
estie
0
140
AI-DLCを “そのまま導入しなかった”話 ~組織に合わせてアジャストした 私たちの実践共有~
hiroramos4
PRO
1
430
スタートアップにAmazon EKSは早すぎる? マルチプロダクト戦略を加速する Platform Engineeringの実践 / Is Amazon EKS Too Soon for Startups? Practical Platform Engineering to Accelerate a Multi-Product Strategy
elmodev09
1
1.8k
フィジカル版Github Onshapeの紹介
shiba_8ro
0
320
飲食店もAIで。レジ締めやハンディシステムをつくってる話 / Using AI for restaurant management
vtryo
0
170
FPGAの開発コンペでZephyrを使ってみた
iotengineer22
0
200
Featured
See All Featured
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
162
16k
Reflections from 52 weeks, 52 projects
jeffersonlam
356
21k
Organizational Design Perspectives: An Ontology of Organizational Design Elements
kimpetersen
PRO
1
750
Darren the Foodie - Storyboard
khoart
PRO
3
3.4k
The State of eCommerce SEO: How to Win in Today's Products SERPs - #SEOweek
aleyda
2
11k
A better future with KSS
kneath
240
18k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
38
2.9k
A Modern Web Designer's Workflow
chriscoyier
698
190k
Future Trends and Review - Lecture 12 - Web Technologies (1019888BNR)
signer
PRO
0
3.6k
How to build a perfect <img>
jonoalderson
1
5.7k
Producing Creativity
orderedlist
PRO
348
40k
What does AI have to do with Human Rights?
axbom
PRO
1
2.2k
Transcript
Intro to Cybersecurity John Downey | @jtdowney http://bit.ly/2tTOeu1 1
Intro to Cybersecurity Information Security John Downey | @jtdowney http://bit.ly/2tTOeu1
2
whoami 4 John Downey 4 Security Lead at Braintree 4
All self taught 4 No certifications http://bit.ly/2tTOeu1 3
Managing Risk Risk = Liklihood × Impact http://bit.ly/2tTOeu1 4
Likelihood http://bit.ly/2tTOeu1 5
Threat Actors 4 Skill 4 Motive 4 Opportunity 4 Organization
http://bit.ly/2tTOeu1 6
Vulnerability 4 Ease of discovery 4 Ease of exploitation 4
Awareness 4 Zero day http://bit.ly/2tTOeu1 7
Impact http://bit.ly/2tTOeu1 8
Technical Loss 4 Confidentiality 4 Integrity 4 Availability http://bit.ly/2tTOeu1 9
Damages 4 Financial 4 Reputation 4 Leadership Change http://bit.ly/2tTOeu1 10
Mitigation Approach http://bit.ly/2tTOeu1 11
Prevention 4 Segmentation 4 Access control lists 4 Training 4
Testing 4 Governance http://bit.ly/2tTOeu1 12
Detection 4 Scanning 4 Intrusion detection systems 4 File integrity
monitoring 4 Antivirus http://bit.ly/2tTOeu1 13
Response 4 Incident response plans 4 Security operations center 4
Digital forensics 4 Active mitigtaion http://bit.ly/2tTOeu1 14
Case Studies http://bit.ly/2tTOeu1 15
Denial of Service http://bit.ly/2tTOeu1 16
http://bit.ly/2tTOeu1 17
http://bit.ly/2tTOeu1 18
Tips 4 Evaluate the risk 4 Maybe have a plan
for dealing with a DDoS attack http://bit.ly/2tTOeu1 19
Password Reuse http://bit.ly/2tTOeu1 20
http://bit.ly/2tTOeu1 21
http://bit.ly/2tTOeu1 22
Tips 4 Use a password manager 4 Enable two-factor authentication
everywhere 4 Resources 4 https://haveibeenpwned.com 4 https://opensource.com/article/17/2/password- management http://bit.ly/2tTOeu1 23
Software Patching http://bit.ly/2tTOeu1 24
http://bit.ly/2tTOeu1 25
http://bit.ly/2tTOeu1 26
Tips 4 Turn on automatic updates 4 Don't dismiss or
ignore updates 4 Keep all devices up to date 4 Help out those who aren't as security savvy http://bit.ly/2tTOeu1 27
Software Bug http://bit.ly/2tTOeu1 28
http://bit.ly/2tTOeu1 29
Tips 4 OWASP - https://www.owasp.org 4 WebGoat - https://github.com/WebGoat/WebGoat 4
Hacksplaining - https://www.hacksplaining.com http://bit.ly/2tTOeu1 30
Workshop 4 Verizon Data Breach Report - http://vz.to/2qihidi 4 Hacksplaining
- https://www.hacksplaining.com 4 WebGoat - https://github.com/WebGoat/WebGoat 4 flAWS - http://flaws.cloud http://bit.ly/2tTOeu1 31
Image Credits 4 https://flic.kr/p/bov2cY 4 https://flic.kr/p/aoSXLS 4 https://flic.kr/p/npSVNU 4 https://en.wikipedia.org/wiki/Information_security
4 https://en.wikipedia.org/wiki/PAVE_PAWS http://bit.ly/2tTOeu1 32