Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Intro to Cybersecurity Workshop

Avatar for John Downey John Downey
July 24, 2017
Technology
0
150

Intro to Cybersecurity Workshop

Avatar for John Downey

John Downey

July 24, 2017
Tweet

More Decks by John Downey

See All by John Downey
Cryptography Pitfalls at CactusCon 2019
Avatar for John Downey jtdowney
0
200
Cryptography Pitfalls at BsidesMSP 2017
Avatar for John Downey jtdowney
0
200
Cryptography Pitfalls at THOTCON 0x8
Avatar for John Downey jtdowney
0
210
Cryptography Pitfalls at ConFoo Montreal 2017
Avatar for John Downey jtdowney
1
370
Cryptography Pitfalls at BSidesPhilly 2016
Avatar for John Downey jtdowney
0
160
Cryptography Pitfalls at LASCON 2016
Avatar for John Downey jtdowney
0
220
Debugging TLS/SSL at DevOps Days Detroit 2016
Avatar for John Downey jtdowney
1
280
Debugging TLS/SSL at DevOpsDays Boston
Avatar for John Downey jtdowney
1
370
Cryptography Pitfalls at Abstractions
Avatar for John Downey jtdowney
0
130

Other Decks in Technology

See All in Technology
20260311 技術SWG活動報告(デジタルアイデンティティ人材育成推進WG Ph2 活動報告会)
Avatar for OpenID Foundation Japan oidfj
0
370
VPCエンドポイント意外とお金かかるなぁ。せや、共有したろ!
Avatar for tommy tommy0124
1
700
最強のAIエージェントを諦めたら品質が上がった話 / how quality improved after giving up on the strongest AI agent
Avatar for kt2 kt2mikan
0
200
Go標準パッケージのI/O処理をながめる
Avatar for matumoto matumoto
0
230
PMとしての意思決定とAI活用状況について
Avatar for LINEヤフーTech (LY Corporation Tech) lycorptech_jp
PRO
0
140
Zeal of the Convert: Taming Shai-Hulud with AI
Avatar for Rami McCarthy ramimac
0
150
AlloyDB 奮闘記
Avatar for hatappi hatappi
0
150
2026-03-11 JAWS-UG 茨城 #12 改めてALBを便利に使う
Avatar for SUZUKI Masashi masasuzu
2
400
脳内メモリ、思ったより揮発性だった
Avatar for koutorino koutorino
0
380
ガバメントクラウドにおけるAWSの長期継続割引について
Avatar for takeda_h takeda_h
2
5.3k
Oracle Cloud Infrastructure IaaS 新機能アップデート 2025/12 - 2026/2
Avatar for oracle4engineer oracle4engineer
PRO
0
170
「お金で解決」が全てではない!大規模WebアプリのCI高速化 #phperkaigi
Avatar for すてにゃん stefafafan
0
100

Featured

See All Featured
The Art of Delivering Value - GDevCon NA Keynote
Avatar for David Neal reverentgeek
16
1.9k
Effective software design: The role of men in debugging patriarchy in IT @ Voxxed Days AMS
Avatar for Kenny Baas-Schwegler baasie
0
260
Stop Working from a Prison Cell
Avatar for Chris Michel hatefulcrawdad
274
21k
Chasing Engaging Ingredients in Design
Avatar for Sebastian Deterding codingconduct
0
140
How to build a perfect <img>
Avatar for Jono Alderson jonoalderson
1
5.3k
Fashionably flexible responsive web design (full day workshop)
Avatar for Andy Clarke malarkey
408
66k
Design in an AI World
Avatar for tapps tapps
0
170
Principles of Awesome APIs and How to Build Them.
Avatar for Keavy McMinn keavy
128
17k
30 Presentation Tips
Avatar for Ian Lurie portentint
PRO
1
260
Marketing Yourself as an Engineer | Alaka | Gurzu
Avatar for Gurzu gurzu
0
150
Exploring the relationship between traditional SERPs and Gen AI search
Avatar for Ray Grieselhuber raygrieselhuber
PRO
2
3.7k
Bash Introduction
Avatar for André Augusto Costa Santos 62gerente
615
210k

Transcript

  1. Intro to Cybersecurity John Downey | @jtdowney http://bit.ly/2tTOeu1 1

  2. Intro to Cybersecurity Information Security John Downey | @jtdowney http://bit.ly/2tTOeu1

    2

  3. whoami 4 John Downey 4 Security Lead at Braintree 4

    All self taught 4 No certifications http://bit.ly/2tTOeu1 3

  4. Managing Risk Risk = Liklihood × Impact http://bit.ly/2tTOeu1 4

  5. Likelihood http://bit.ly/2tTOeu1 5

  6. Threat Actors 4 Skill 4 Motive 4 Opportunity 4 Organization

    http://bit.ly/2tTOeu1 6

  7. Vulnerability 4 Ease of discovery 4 Ease of exploitation 4

    Awareness 4 Zero day http://bit.ly/2tTOeu1 7

  8. Impact http://bit.ly/2tTOeu1 8

  9. Technical Loss 4 Confidentiality 4 Integrity 4 Availability http://bit.ly/2tTOeu1 9

  10. Damages 4 Financial 4 Reputation 4 Leadership Change http://bit.ly/2tTOeu1 10

  11. Mitigation Approach http://bit.ly/2tTOeu1 11

  12. Prevention 4 Segmentation 4 Access control lists 4 Training 4

    Testing 4 Governance http://bit.ly/2tTOeu1 12

  13. Detection 4 Scanning 4 Intrusion detection systems 4 File integrity

    monitoring 4 Antivirus http://bit.ly/2tTOeu1 13

  14. Response 4 Incident response plans 4 Security operations center 4

    Digital forensics 4 Active mitigtaion http://bit.ly/2tTOeu1 14

  15. Case Studies http://bit.ly/2tTOeu1 15

  16. Denial of Service http://bit.ly/2tTOeu1 16

  17. http://bit.ly/2tTOeu1 17

  18. http://bit.ly/2tTOeu1 18

  19. Tips 4 Evaluate the risk 4 Maybe have a plan

    for dealing with a DDoS attack http://bit.ly/2tTOeu1 19

  20. Password Reuse http://bit.ly/2tTOeu1 20

  21. http://bit.ly/2tTOeu1 21

  22. http://bit.ly/2tTOeu1 22

  23. Tips 4 Use a password manager 4 Enable two-factor authentication

    everywhere 4 Resources 4 https://haveibeenpwned.com 4 https://opensource.com/article/17/2/password- management http://bit.ly/2tTOeu1 23

  24. Software Patching http://bit.ly/2tTOeu1 24

  25. http://bit.ly/2tTOeu1 25

  26. http://bit.ly/2tTOeu1 26

  27. Tips 4 Turn on automatic updates 4 Don't dismiss or

    ignore updates 4 Keep all devices up to date 4 Help out those who aren't as security savvy http://bit.ly/2tTOeu1 27

  28. Software Bug http://bit.ly/2tTOeu1 28

  29. http://bit.ly/2tTOeu1 29

  30. Tips 4 OWASP - https://www.owasp.org 4 WebGoat - https://github.com/WebGoat/WebGoat 4

    Hacksplaining - https://www.hacksplaining.com http://bit.ly/2tTOeu1 30

  31. Workshop 4 Verizon Data Breach Report - http://vz.to/2qihidi 4 Hacksplaining

    - https://www.hacksplaining.com 4 WebGoat - https://github.com/WebGoat/WebGoat 4 flAWS - http://flaws.cloud http://bit.ly/2tTOeu1 31

  32. Image Credits 4 https://flic.kr/p/bov2cY 4 https://flic.kr/p/aoSXLS 4 https://flic.kr/p/npSVNU 4 https://en.wikipedia.org/wiki/Information_security

    4 https://en.wikipedia.org/wiki/PAVE_PAWS http://bit.ly/2tTOeu1 32