Upgrade to Pro — share decks privately, control downloads, hide ads and more …

セキュリティ戦略・発表と総括 / Security Strategies, Presentat...

Avatar for Kenji Saito Kenji Saito
PRO
July 20, 2024
Technology
1
97

セキュリティ戦略・発表と総括 / Security Strategies, Presentation and Conclusions

早稲田大学大学院経営管理研究科「サイバーセキュリティ」2024 夏の第13-14回で使用したスライドです。
Avatar for Kenji Saito

Kenji Saito
PRO

July 20, 2024
Tweet

More Decks by Kenji Saito

See All by Kenji Saito
スマートコントラクトと分散ファイナンス / Smart Contracts and Decentralized Finance
Avatar for Kenji Saito ks91
PRO
0
50
シン・ブロックチェーン / Truth of Blockchain
Avatar for Kenji Saito ks91
PRO
0
77
パスワード/パスフレーズと認証 / Password, Passphrase and Authentication
Avatar for Kenji Saito ks91
PRO
0
32
git と GitHub / git and GitHub
Avatar for Kenji Saito ks91
PRO
0
32
ソフトウェアの開発と保守 / Software Development and Maintenance
Avatar for Kenji Saito ks91
PRO
0
46
インターネットの特徴 / Features of the Internet
Avatar for Kenji Saito ks91
PRO
0
31
インターネットのガバナンス / Governance of the Internet
Avatar for Kenji Saito ks91
PRO
0
29
暗号学的ハッシュ関数 / Cryptographic Hash Function
Avatar for Kenji Saito ks91
PRO
0
35
デジタル署名 / Digital Signature
Avatar for Kenji Saito ks91
PRO
0
30

Other Decks in Technology

See All in Technology
Claude Code Actionを使ったコード品質改善の取り組み
Avatar for Katsunori Kanda potix2
PRO
6
2.2k
Wasm元年
Avatar for asuka askua
0
140
監視のこれまでとこれから/sakura monitoring seminar 2025
Avatar for FUJIWARA Shunichiro fujiwara3
11
3.9k
AIのAIによるAIのための出力評価と改善
Avatar for たまねぎ chocoyama
2
550
AWS Summit Japan 2025 Community Stage - App workflow automation by AWS Step Functions
Avatar for matsuihidetoshi matsuihidetoshi
1
250
エンジニア向け技術スタック情報
Avatar for 株式会社カウシェ kauche
1
250
Node-RED × MCP 勉強会 vol.1
Avatar for 1ft-seabass 1ftseabass
PRO
0
140
セキュリティの民主化は何故必要なのか_AWS WAF 運用の 10 の苦悩から学ぶ
Avatar for Yoichi Satake (Yoh) yoh
1
110
Welcome to the LLM Club
Avatar for Koichi ITO koic
0
170
Oracle Cloud Infrastructure:2025年6月度サービス・アップデート
Avatar for oracle4engineer oracle4engineer
PRO
2
240
Amazon S3標準/ S3 Tables/S3 Express One Zoneを使ったログ分析
Avatar for ShigeruOda shigeruoda
3
470
“社内”だけで完結していた私が、AWS Community Builder になるまで
Avatar for nagisa_53 nagisa53
1
380

Featured

See All Featured
Testing 201, or: Great Expectations
Avatar for Joseph Mastey jmmastey
42
7.5k
What’s in a name? Adding method to the madness
Avatar for Product Marketing Alliance productmarketing
PRO
23
3.5k
Save Time (by Creating Custom Rails Generators)
Avatar for Garrett Dimon garrettdimon
PRO
31
1.2k
RailsConf 2023
Avatar for Aaron Patterson tenderlove
30
1.1k
The Art of Programming - Codeland 2020
Avatar for Erika Heidi erikaheidi
54
13k
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
Avatar for Tammy Everts tammyeverts
5
210
Helping Users Find Their Own Way: Creating Modern Search Experiences
Avatar for Dan Newman danielanewman
29
2.7k
Design and Strategy: How to Deal with People Who Don’t "Get" Design
Avatar for Morgane Peng morganepeng
130
19k
For a Future-Friendly Web
Avatar for Brad Frost brad_frost
179
9.8k
GitHub's CSS Performance
Avatar for Jon Rohan jonrohan
1031
460k
Building a Scalable Design System with Sketch
Avatar for Laura Van Doore lauravandoore
462
33k
CSS Pre-Processors: Stylus, Less & Sass
Avatar for Bermon Painter bermonpainter
357
30k

Transcript

  1. Hardening for cyber security — generated by Stable Diffusion XL

    v1.0 2024 13-14 (WBS) 2024 13-14 — 2024-07-22 – p.1/43

  2. https://speakerdeck.com/ks91/collections/cyber-security-2024-summer 2024 13-14 — 2024-07-22 – p.2/43

  3. 1 6 10 (1) • 2 6 10 (2) •

    3 6 17 • 4 6 17 • 5 6 24 I ( ) • 6 6 24 I ( ) • 7 7 1 • 8 7 1 • 9 7 8 • 10 7 8 • 11 7 15 II ( ) • 12 7 15 II ( ) • 13 7 22 • 14 7 22 • W-IOI / ( ) 2024 13-14 — 2024-07-22 – p.3/43

  4. ( 20 ) 1 • 2 • 3 • 4

    (TCP/IP ) • 5 • 6 • 7 • 8 • 9 • 10 World Wide Web • 11 Web API • 12 • 13 git GitHub • 14 • SSH • (6/24 ) / (2 ) OK / 2024 13-14 — 2024-07-22 – p.4/43

  5. ( ) II 10 2024 13-14 — 2024-07-22 – p.5/43

  6. + 2024 13-14 — 2024-07-22 – p.6/43

  7. 2024 13-14 — 2024-07-22 – p.7/43

  8. 6. II (1) ( ) (2) 2024 7 18 (

    ) 23:59 JST Waseda Moodle (Q & A ) 2024 13-14 — 2024-07-22 – p.8/43

  9. . . . . . . 12 7 (7/20( )

    ) ( ) DDoS ( ∼ ) < ( ∼1,2 ) 2024 13-14 — 2024-07-22 – p.9/43

  10. N ⇒ ^^; 2024 13-14 — 2024-07-22 – p.10/43

  11. A CSIRT ( ) ⇒ AI 2024 13-14 — 2024-07-22

    – p.11/43

  12. L CEO CEO ⇒ MVV OvenAI MVV ( ) Mission

    : Vision : AI Value : W(X) vision value . . . 2024 13-14 — 2024-07-22 – p.12/43

  13. A W WebAPP ks91 ⇒ 2024 13-14 — 2024-07-22 –

    p.13/43

  14. 2024 6 10 ∼7 22 Google 7 2024 13-14 —

    2024-07-22 – p.14/43

  15. 6 10 Google https://lomgrp.co.jp/wp-content/uploads/2024/06/Informationleak_240610.pdf 2024 13-14 — 2024-07-22 – p.15/43

  16. 6 11 WEB 136 5 6 https://news.yahoo.co.jp/articles/71d073180db7d261c1dab9fe554d154f6193c46d 2024 13-14 —

    2024-07-22 – p.16/43

  17. 6 17 https://www.shochiku.co.jp/wp-content/uploads/2024/06/20240617_02.pdf 2024 13-14 — 2024-07-22 – p.17/43

  18. 6 17 https://csw-kawasaki.or.jp/wp-content/uploads/2024/06/20240617 -1.pdf Google ⇒ Google 2024 13-14 —

    2024-07-22 – p.18/43

  19. 6 18 AI https://www.ocha.ac.jp/news/d014901.html Google Forms Google Google 2024 13-14

    — 2024-07-22 – p.19/43

  20. 6 25 https://bravegroup.co.jp/news/6359/ URL 2024 13-14 — 2024-07-22 – p.20/43

  21. 6 26 Google https://www.gifu-pu.ac.jp/news/2024/06/post-268.html 2024 13-14 — 2024-07-22 – p.21/43

  22. 6 28 ( 3.0 ) https://www.soumu.go.jp/menu_news/s-news/01cyber01_02000001_00215.html 2024 13-14 — 2024-07-22

    – p.22/43

  23. 7 1 OpenSSH “regreSSHion” CVE-2024-6387 2024 13-14 — 2024-07-22 –

    p.23/43

  24. 7 9 “regreSSHion” OpenSSH CVE-2024-6409 2024 13-14 — 2024-07-22 –

    p.24/43

  25. 7 9 Zoom High ∼ ( ) https://news.yahoo.co.jp/articles/00fb89f571bf72672e5165cb19049bfc1ade7242 2024 13-14

    — 2024-07-22 – p.25/43

  26. 7 19 Windows CrowdStrike Falcon Sensor https://news.yahoo.co.jp/articles/dee7ebe1e0f5ac28fd833033c454ee3792727046 2024 13-14 —

    2024-07-22 – p.26/43

  27. https://kurashi.com/journal/11074 + CSIRT 2024 13-14 — 2024-07-22 – p.27/43

  28. (1) IPA Ver 3.0 (2023) https://www.meti.go.jp/policy/netsecurity/mng_guide.html IPA Ver 3.0 4

    (2023) https://www.ipa.go.jp/security/economics/csm-practice.html 2024 13-14 — 2024-07-22 – p.28/43

  29. (2) +1 / IPA ( ) Ver2.0 F 2 (2022)

    https://www.meti.go.jp/policy/netsecurity/mng_guide.html ( Ver 2.0) CSIRT Ver.2.1 https://www.nca.gr.jp/activity/imgs/recruit-hr20201211.pdf 2024 13-14 — 2024-07-22 – p.29/43

  30. (3) (2019) https://www.keidanren.or.jp/policy/cybersecurity/CyberRiskHandbook .html 10 NIST 2024 13-14 — 2024-07-22

    – p.30/43

  31. 3 2024 13-14 — 2024-07-22 – p.31/43

  32. 10 1. 2. 3. ( ) 4. 5. 6. PDCA

    7. 8. 9. 10. F 2024 13-14 — 2024-07-22 – p.32/43

  33. 1 IT 2 3 4 5 2024 13-14 — 2024-07-22

    – p.33/43

  34. NIST 5 (Identify) (Protect) (Detect) (Respond) (Recover) 2024 13-14 —

    2024-07-22 – p.34/43

  35. : 5 5 2024 13-14 — 2024-07-22 – p.35/43

  36. (OvenAI) 2024 6 10 OvenAI (BCP) OK 2024 13-14 —

    2024-07-22 – p.36/43

  37. 2024 13-14 — 2024-07-22 – p.37/43

  38. 2024 2024 13-14 — 2024-07-22 – p.38/43

  39. ( ) (1) (2) ( ) ⇒ 2024 13-14 —

    2024-07-22 – p.39/43

  40. ( ) NISC 7 ( ) 2024 13-14 — 2024-07-22

    – p.40/43

  41. 2024 13-14 — 2024-07-22 – p.41/43

  42. 7. 2024 7 29 ( ) 23:59 JST Waseda Moodle

    (Q & A ) 2024 13-14 — 2024-07-22 – p.42/43

  43. 2024 13-14 — 2024-07-22 – p.43/43