Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
セキュリティ戦略・発表と総括 / Security Strategies, Presentat...
Search
Kenji Saito
PRO
July 20, 2024
Technology
0
110
セキュリティ戦略・発表と総括 / Security Strategies, Presentation and Conclusions
早稲田大学大学院経営管理研究科「サイバーセキュリティ」2024 夏の第13-14回で使用したスライドです。
Kenji Saito
PRO
July 20, 2024
Tweet
Share
More Decks by Kenji Saito
See All by Kenji Saito
FinTech 3-4 : Internet Technology and Governance
ks91
PRO
0
19
民主主義と博愛(Humanitarianism) / Democracy and Humanitarianism
ks91
PRO
0
1
ブロックチェーン概論 / Introduction to Blockchain
ks91
PRO
0
6
ブロックチェーンと分散ファイナンス概論 / Introduction to Blockchain and Decentralized Finance
ks91
PRO
0
47
Proof of Authenticity of General IoT Information with Tamper-Evident Sensors and Blockchain
ks91
PRO
0
5
FinTech 1-2 : Overview of FinTech
ks91
PRO
0
14
デジタルトランスフォーメーションと民主主義 / Digital Transformation and Democracy
ks91
PRO
0
19
We Never Took the Kobayashi Maru Test Until Now. What Do You Think of Our Solutions? — Journeys of the Mind Through a No-Win Game
ks91
PRO
0
24
思いつきが武器になる:研究というゲームを始めよう / Ideas Are Your Equipments : Let the Game of Research Begin!
ks91
PRO
0
79
Other Decks in Technology
See All in Technology
Azure Well-Architected Framework入門
tomokusaba
1
310
BirdCLEF+2025 Noir 5位解法紹介
myso
0
200
データエンジニアがこの先生きのこるには...?
10xinc
0
450
社内報はAIにやらせよう / Let AI handle the company newsletter
saka2jp
3
280
生成AIを活用したZennの取り組み事例
ryosukeigarashi
0
210
AI駆動開発を推進するためにサービス開発チームで 取り組んでいること
noayaoshiro
0
190
PLaMoの事後学習を支える技術 / PFN LLMセミナー
pfn
PRO
9
3.9k
From Prompt to Product @ How to Web 2025, Bucharest, Romania
janwerner
0
120
ZOZOのAI活用実践〜社内基盤からサービス応用まで〜
zozotech
PRO
0
180
o11yで育てる、強い内製開発組織
_awache
3
120
バイブコーディングと継続的デプロイメント
nwiizo
2
430
成長自己責任時代のあるきかた/How to navigate the era of personal responsibility for growth
kwappa
3
280
Featured
See All Featured
Into the Great Unknown - MozCon
thekraken
40
2.1k
RailsConf 2023
tenderlove
30
1.2k
How To Stay Up To Date on Web Technology
chriscoyier
791
250k
BBQ
matthewcrist
89
9.8k
Documentation Writing (for coders)
carmenintech
75
5k
Producing Creativity
orderedlist
PRO
347
40k
Building Applications with DynamoDB
mza
96
6.6k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
231
53k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
114
20k
Being A Developer After 40
akosma
91
590k
Music & Morning Musume
bryan
46
6.8k
Reflections from 52 weeks, 52 projects
jeffersonlam
352
21k
Transcript
Hardening for cyber security — generated by Stable Diffusion XL
v1.0 2024 13-14 (WBS) 2024 13-14 — 2024-07-22 – p.1/43
https://speakerdeck.com/ks91/collections/cyber-security-2024-summer 2024 13-14 — 2024-07-22 – p.2/43
1 6 10 (1) • 2 6 10 (2) •
3 6 17 • 4 6 17 • 5 6 24 I ( ) • 6 6 24 I ( ) • 7 7 1 • 8 7 1 • 9 7 8 • 10 7 8 • 11 7 15 II ( ) • 12 7 15 II ( ) • 13 7 22 • 14 7 22 • W-IOI / ( ) 2024 13-14 — 2024-07-22 – p.3/43
( 20 ) 1 • 2 • 3 • 4
(TCP/IP ) • 5 • 6 • 7 • 8 • 9 • 10 World Wide Web • 11 Web API • 12 • 13 git GitHub • 14 • SSH • (6/24 ) / (2 ) OK / 2024 13-14 — 2024-07-22 – p.4/43
( ) II 10 2024 13-14 — 2024-07-22 – p.5/43
+ 2024 13-14 — 2024-07-22 – p.6/43
2024 13-14 — 2024-07-22 – p.7/43
6. II (1) ( ) (2) 2024 7 18 (
) 23:59 JST Waseda Moodle (Q & A ) 2024 13-14 — 2024-07-22 – p.8/43
. . . . . . 12 7 (7/20( )
) ( ) DDoS ( ∼ ) < ( ∼1,2 ) 2024 13-14 — 2024-07-22 – p.9/43
N ⇒ ^^; 2024 13-14 — 2024-07-22 – p.10/43
A CSIRT ( ) ⇒ AI 2024 13-14 — 2024-07-22
– p.11/43
L CEO CEO ⇒ MVV OvenAI MVV ( ) Mission
: Vision : AI Value : W(X) vision value . . . 2024 13-14 — 2024-07-22 – p.12/43
A W WebAPP ks91 ⇒ 2024 13-14 — 2024-07-22 –
p.13/43
2024 6 10 ∼7 22 Google 7 2024 13-14 —
2024-07-22 – p.14/43
6 10 Google https://lomgrp.co.jp/wp-content/uploads/2024/06/Informationleak_240610.pdf 2024 13-14 — 2024-07-22 – p.15/43
6 11 WEB 136 5 6 https://news.yahoo.co.jp/articles/71d073180db7d261c1dab9fe554d154f6193c46d 2024 13-14 —
2024-07-22 – p.16/43
6 17 https://www.shochiku.co.jp/wp-content/uploads/2024/06/20240617_02.pdf 2024 13-14 — 2024-07-22 – p.17/43
6 17 https://csw-kawasaki.or.jp/wp-content/uploads/2024/06/20240617 -1.pdf Google ⇒ Google 2024 13-14 —
2024-07-22 – p.18/43
6 18 AI https://www.ocha.ac.jp/news/d014901.html Google Forms Google Google 2024 13-14
— 2024-07-22 – p.19/43
6 25 https://bravegroup.co.jp/news/6359/ URL 2024 13-14 — 2024-07-22 – p.20/43
6 26 Google https://www.gifu-pu.ac.jp/news/2024/06/post-268.html 2024 13-14 — 2024-07-22 – p.21/43
6 28 ( 3.0 ) https://www.soumu.go.jp/menu_news/s-news/01cyber01_02000001_00215.html 2024 13-14 — 2024-07-22
– p.22/43
7 1 OpenSSH “regreSSHion” CVE-2024-6387 2024 13-14 — 2024-07-22 –
p.23/43
7 9 “regreSSHion” OpenSSH CVE-2024-6409 2024 13-14 — 2024-07-22 –
p.24/43
7 9 Zoom High ∼ ( ) https://news.yahoo.co.jp/articles/00fb89f571bf72672e5165cb19049bfc1ade7242 2024 13-14
— 2024-07-22 – p.25/43
7 19 Windows CrowdStrike Falcon Sensor https://news.yahoo.co.jp/articles/dee7ebe1e0f5ac28fd833033c454ee3792727046 2024 13-14 —
2024-07-22 – p.26/43
https://kurashi.com/journal/11074 + CSIRT 2024 13-14 — 2024-07-22 – p.27/43
(1) IPA Ver 3.0 (2023) https://www.meti.go.jp/policy/netsecurity/mng_guide.html IPA Ver 3.0 4
(2023) https://www.ipa.go.jp/security/economics/csm-practice.html 2024 13-14 — 2024-07-22 – p.28/43
(2) +1 / IPA ( ) Ver2.0 F 2 (2022)
https://www.meti.go.jp/policy/netsecurity/mng_guide.html ( Ver 2.0) CSIRT Ver.2.1 https://www.nca.gr.jp/activity/imgs/recruit-hr20201211.pdf 2024 13-14 — 2024-07-22 – p.29/43
(3) (2019) https://www.keidanren.or.jp/policy/cybersecurity/CyberRiskHandbook .html 10 NIST 2024 13-14 — 2024-07-22
– p.30/43
3 2024 13-14 — 2024-07-22 – p.31/43
10 1. 2. 3. ( ) 4. 5. 6. PDCA
7. 8. 9. 10. F 2024 13-14 — 2024-07-22 – p.32/43
1 IT 2 3 4 5 2024 13-14 — 2024-07-22
– p.33/43
NIST 5 (Identify) (Protect) (Detect) (Respond) (Recover) 2024 13-14 —
2024-07-22 – p.34/43
: 5 5 2024 13-14 — 2024-07-22 – p.35/43
(OvenAI) 2024 6 10 OvenAI (BCP) OK 2024 13-14 —
2024-07-22 – p.36/43
2024 13-14 — 2024-07-22 – p.37/43
2024 2024 13-14 — 2024-07-22 – p.38/43
( ) (1) (2) ( ) ⇒ 2024 13-14 —
2024-07-22 – p.39/43
( ) NISC 7 ( ) 2024 13-14 — 2024-07-22
– p.40/43
2024 13-14 — 2024-07-22 – p.41/43
7. 2024 7 29 ( ) 23:59 JST Waseda Moodle
(Q & A ) 2024 13-14 — 2024-07-22 – p.42/43
2024 13-14 — 2024-07-22 – p.43/43