Upgrade to Pro — share decks privately, control downloads, hide ads and more …

セキュリティ戦略・発表と総括 / Security Strategies, Presentat...

Avatar for Kenji Saito Kenji Saito PRO
July 20, 2024
Technology
0
110

セキュリティ戦略・発表と総括 / Security Strategies, Presentation and Conclusions

早稲田大学大学院経営管理研究科「サイバーセキュリティ」2024 夏の第13-14回で使用したスライドです。

Avatar for Kenji Saito

Kenji Saito PRO

July 20, 2024
Tweet

More Decks by Kenji Saito

See All by Kenji Saito
ウェブサービスデザイン 2 / Web Service Design 2
Avatar for Kenji Saito ks91
PRO
0
7
Learning to Govern the Orbital Commons: A Serious Game on Incentivizing Debris Removal
Avatar for Kenji Saito ks91
PRO
0
3
FinTech 13-14 : FinTech Ideathon and Poster
Avatar for Kenji Saito ks91
PRO
0
90
講師自己紹介 / Lecturer Self-Introduction
Avatar for Kenji Saito ks91
PRO
0
18
講師研究紹介 / Lecturer Research Profile
Avatar for Kenji Saito ks91
PRO
0
12
NPO とは何か (を考えるワールドカフェ) / What is an NPO? (A World Café for Reflection)
Avatar for Kenji Saito ks91
PRO
0
70
FinTech 11-12 : Cyber-Physical Society and Future of Finance
Avatar for Kenji Saito ks91
PRO
0
67
AI 前提社会のキャッチ=22 (または私は如何にして民主主義、文書主義、人道的活動...) / Catch-22 in an AI-Premised Society (or How I Came to Democracy, Documentation, Humanitarian Activities...)
Avatar for Kenji Saito ks91
PRO
0
10
ウェブサービスデザイン 1 / Web Service Design 1
Avatar for Kenji Saito ks91
PRO
0
9

Other Decks in Technology

See All in Technology
信頼性が求められる業務のAIAgentのアーキテクチャ設計の勘所と課題
Avatar for Koji Miyata miyatakoji
0
180
事業状況で変化する最適解。進化し続ける開発組織とアーキテクチャ
Avatar for recruiting@caddi.jp caddi_eng
1
8.3k
その意思決定、まだ続けるんですか? ~痛みを超えて未来を作る、AI時代の撤退とピボットの技術~
Avatar for Michiru Kato applism118
42
24k
メッセージ駆動が可能にする結合の最適化
Avatar for かとじゅん j5ik2o
9
1.6k
ECS組み込みのBlue/Greenデプロイを動かしてELB側の動きを観察してみる
Avatar for 矢儀丈博 yuki_ink
3
420
改竄して学ぶコンテナサプライチェーンセキュリティ ~コンテナイメージの完全性を目指して~/tampering-container-supplychain-security
Avatar for mochizuki875 mochizuki875
1
400
入社したばかりでもできる、 アクセシビリティ改善の第一歩
Avatar for una unachang113
2
360
現地速報!Microsoft Ignite 2025 M365 Copilotアップデートレポート
Avatar for Kaz Asada | しがない情シス kasada
2
1.8k
持続可能なアクセシビリティ開発
Avatar for azukiazusa azukiazusa1
6
350
Introduction to Sansan for Engineers / エンジニア向け会社紹介
Avatar for Sansan, Inc. sansan33
PRO
5
45k
AI時代の戦略的アーキテクチャ 〜Adaptable AI をアーキテクチャで実現する〜 / Enabling Adaptable AI Through Strategic Architecture
Avatar for 株式会社ビットキー / Bitkey Inc. bitkey
PRO
15
11k
巨大モノリスのリプレイス──機能整理とハイブリッドアーキテクチャで挑んだ再構築戦略
Avatar for ZOZO Developers zozotech
PRO
0
370

Featured

See All Featured
For a Future-Friendly Web
Avatar for Brad Frost brad_frost
180
10k
Unsuck your backbone
Avatar for Amy Palamountain ammeep
671
58k
Building Flexible Design Systems
Avatar for Yesenia Perez-Cruz yeseniaperezcruz
329
39k
Practical Orchestrator
Avatar for Shlomi Noach shlominoach
190
11k
Stop Working from a Prison Cell
Avatar for Chris Michel hatefulcrawdad
273
21k
The Straight Up "How To Draw Better" Workshop
Avatar for Dennis Kardys denniskardys
239
140k
YesSQL, Process and Tooling at Scale
Avatar for Rocio Delgado rocio
174
15k
We Have a Design System, Now What?
Avatar for Morgane Peng morganepeng
54
7.9k
Put a Button on it: Removing Barriers to Going Fast.
Avatar for kastner kastner
60
4.1k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
Avatar for Tammy Everts tammyeverts
55
3.1k
Measuring & Analyzing Core Web Vitals
Avatar for Philip Tellis bluesmoon
9
680
Fantastic passwords and where to find them - at NoRuKo
Avatar for Phil Nash philnash
52
3.5k

Transcript

  1. Hardening for cyber security — generated by Stable Diffusion XL

    v1.0 2024 13-14 (WBS) 2024 13-14 — 2024-07-22 – p.1/43

  2. https://speakerdeck.com/ks91/collections/cyber-security-2024-summer 2024 13-14 — 2024-07-22 – p.2/43

  3. 1 6 10 (1) • 2 6 10 (2) •

    3 6 17 • 4 6 17 • 5 6 24 I ( ) • 6 6 24 I ( ) • 7 7 1 • 8 7 1 • 9 7 8 • 10 7 8 • 11 7 15 II ( ) • 12 7 15 II ( ) • 13 7 22 • 14 7 22 • W-IOI / ( ) 2024 13-14 — 2024-07-22 – p.3/43

  4. ( 20 ) 1 • 2 • 3 • 4

    (TCP/IP ) • 5 • 6 • 7 • 8 • 9 • 10 World Wide Web • 11 Web API • 12 • 13 git GitHub • 14 • SSH • (6/24 ) / (2 ) OK / 2024 13-14 — 2024-07-22 – p.4/43

  5. ( ) II 10 2024 13-14 — 2024-07-22 – p.5/43

  6. + 2024 13-14 — 2024-07-22 – p.6/43

  7. 2024 13-14 — 2024-07-22 – p.7/43

  8. 6. II (1) ( ) (2) 2024 7 18 (

    ) 23:59 JST Waseda Moodle (Q & A ) 2024 13-14 — 2024-07-22 – p.8/43

  9. . . . . . . 12 7 (7/20( )

    ) ( ) DDoS ( ∼ ) < ( ∼1,2 ) 2024 13-14 — 2024-07-22 – p.9/43

  10. N ⇒ ^^; 2024 13-14 — 2024-07-22 – p.10/43

  11. A CSIRT ( ) ⇒ AI 2024 13-14 — 2024-07-22

    – p.11/43

  12. L CEO CEO ⇒ MVV OvenAI MVV ( ) Mission

    : Vision : AI Value : W(X) vision value . . . 2024 13-14 — 2024-07-22 – p.12/43

  13. A W WebAPP ks91 ⇒ 2024 13-14 — 2024-07-22 –

    p.13/43

  14. 2024 6 10 ∼7 22 Google 7 2024 13-14 —

    2024-07-22 – p.14/43

  15. 6 10 Google https://lomgrp.co.jp/wp-content/uploads/2024/06/Informationleak_240610.pdf 2024 13-14 — 2024-07-22 – p.15/43

  16. 6 11 WEB 136 5 6 https://news.yahoo.co.jp/articles/71d073180db7d261c1dab9fe554d154f6193c46d 2024 13-14 —

    2024-07-22 – p.16/43

  17. 6 17 https://www.shochiku.co.jp/wp-content/uploads/2024/06/20240617_02.pdf 2024 13-14 — 2024-07-22 – p.17/43

  18. 6 17 https://csw-kawasaki.or.jp/wp-content/uploads/2024/06/20240617 -1.pdf Google ⇒ Google 2024 13-14 —

    2024-07-22 – p.18/43

  19. 6 18 AI https://www.ocha.ac.jp/news/d014901.html Google Forms Google Google 2024 13-14

    — 2024-07-22 – p.19/43

  20. 6 25 https://bravegroup.co.jp/news/6359/ URL 2024 13-14 — 2024-07-22 – p.20/43

  21. 6 26 Google https://www.gifu-pu.ac.jp/news/2024/06/post-268.html 2024 13-14 — 2024-07-22 – p.21/43

  22. 6 28 ( 3.0 ) https://www.soumu.go.jp/menu_news/s-news/01cyber01_02000001_00215.html 2024 13-14 — 2024-07-22

    – p.22/43

  23. 7 1 OpenSSH “regreSSHion” CVE-2024-6387 2024 13-14 — 2024-07-22 –

    p.23/43

  24. 7 9 “regreSSHion” OpenSSH CVE-2024-6409 2024 13-14 — 2024-07-22 –

    p.24/43

  25. 7 9 Zoom High ∼ ( ) https://news.yahoo.co.jp/articles/00fb89f571bf72672e5165cb19049bfc1ade7242 2024 13-14

    — 2024-07-22 – p.25/43

  26. 7 19 Windows CrowdStrike Falcon Sensor https://news.yahoo.co.jp/articles/dee7ebe1e0f5ac28fd833033c454ee3792727046 2024 13-14 —

    2024-07-22 – p.26/43

  27. https://kurashi.com/journal/11074 + CSIRT 2024 13-14 — 2024-07-22 – p.27/43

  28. (1) IPA Ver 3.0 (2023) https://www.meti.go.jp/policy/netsecurity/mng_guide.html IPA Ver 3.0 4

    (2023) https://www.ipa.go.jp/security/economics/csm-practice.html 2024 13-14 — 2024-07-22 – p.28/43

  29. (2) +1 / IPA ( ) Ver2.0 F 2 (2022)

    https://www.meti.go.jp/policy/netsecurity/mng_guide.html ( Ver 2.0) CSIRT Ver.2.1 https://www.nca.gr.jp/activity/imgs/recruit-hr20201211.pdf 2024 13-14 — 2024-07-22 – p.29/43

  30. (3) (2019) https://www.keidanren.or.jp/policy/cybersecurity/CyberRiskHandbook .html 10 NIST 2024 13-14 — 2024-07-22

    – p.30/43

  31. 3 2024 13-14 — 2024-07-22 – p.31/43

  32. 10 1. 2. 3. ( ) 4. 5. 6. PDCA

    7. 8. 9. 10. F 2024 13-14 — 2024-07-22 – p.32/43

  33. 1 IT 2 3 4 5 2024 13-14 — 2024-07-22

    – p.33/43

  34. NIST 5 (Identify) (Protect) (Detect) (Respond) (Recover) 2024 13-14 —

    2024-07-22 – p.34/43

  35. : 5 5 2024 13-14 — 2024-07-22 – p.35/43

  36. (OvenAI) 2024 6 10 OvenAI (BCP) OK 2024 13-14 —

    2024-07-22 – p.36/43

  37. 2024 13-14 — 2024-07-22 – p.37/43

  38. 2024 2024 13-14 — 2024-07-22 – p.38/43

  39. ( ) (1) (2) ( ) ⇒ 2024 13-14 —

    2024-07-22 – p.39/43

  40. ( ) NISC 7 ( ) 2024 13-14 — 2024-07-22

    – p.40/43

  41. 2024 13-14 — 2024-07-22 – p.41/43

  42. 7. 2024 7 29 ( ) 23:59 JST Waseda Moodle

    (Q & A ) 2024 13-14 — 2024-07-22 – p.42/43

  43. 2024 13-14 — 2024-07-22 – p.43/43