Security Matters
Alexander Loechel on plone.app.vulnerabilities, plone.vulnerabilitychecks.*, plone.hud
PLONE CONFERENCE BRISTOL 2014

Studies on Security
• Security Study on Content Management Systems, published by the German Federal Office for Information Security, May 2013
• Take at least 15 min / day / system
  - Look for updates
  - Apply patches

"You should proceed under the assumption that every Drupal 7 website was compromised unless updated or patched before … after the announcement."
Drupal Security Team

plone.app.vulnerabilities
http://plone.org/hotfixes

plone.hud / plone.app.hud
JSON from plone.org and pypi.python.org

Supply Information
• Check for vulnerabilities on Plone installs:
• plone.vulnerabilitychecks.instance_startup -> disable or warn on startup
• plone.vulnerabilitychecks.buildout -> warn or stop buildout
• plone.vulnerabilitychecks.tests -> for CI tests
• plone.vulnerabilitychecks.controlpanel -> version information view
• buildout.autoapplyplonehotfixes
• -> github.com/loechel/
• dependencies:
• plone.vulnerabilitychecks.core -> JSON <- plone.app.vulnerabilities
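
The check described on this slide, sketched as an added example; it is not code from plone.vulnerabilitychecks or any other package named in the talk. The JSON schema (`hotfix`, `min`, `max`), the function names, the hotfix names and the version numbers are all constructed for illustration, since the slides do not show the real feed format.

```python
import json
from collections import namedtuple

# Constructed sample feed. The schema (keys "hotfix", "min", "max") is an
# assumption made for this example; the slides do not show the real JSON.
SAMPLE_FEED = json.dumps([
    {"hotfix": "example.hotfix-a", "min": "4.0", "max": "4.3.2"},
    {"hotfix": "example.hotfix-b", "min": "4.2", "max": "4.3.3"},
    {"hotfix": "example.hotfix-c", "min": "3.3", "max": "4.1.6"},
])

CheckResult = namedtuple("CheckResult", "proceed missing messages")


def parse_version(text):
    """Turn '4.3.0' into (4, 3) so that '4.3' and '4.3.0' compare equal."""
    parts = str(text).strip().split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError("not a dotted numeric version: %r" % (text,))
    numbers = [int(p) for p in parts]
    while len(numbers) > 1 and numbers[-1] == 0:
        numbers.pop()
    return tuple(numbers)


def normalize(name):
    """Compare distribution names case-insensitively, treating _ and - alike."""
    return name.lower().replace("_", "-")


def missing_hotfixes(feed_json, plone_version, installed):
    """Return hotfix names that apply to plone_version but are not installed."""
    advisories = json.loads(feed_json)
    if not isinstance(advisories, list):
        raise ValueError("feed must be a JSON list of advisories")
    current = parse_version(plone_version)
    have = {normalize(name) for name in installed}
    missing = []
    for entry in advisories:
        low = parse_version(entry["min"])
        high = parse_version(entry["max"])
        if low <= current <= high and normalize(entry["hotfix"]) not in have:
            missing.append(entry["hotfix"])
    return sorted(missing)


def run_check(feed_json, plone_version, installed, policy="warn"):
    """Apply the 'warn' or 'stop' policy from the slide to one install.

    'warn' always lets the build or startup proceed and only reports.
    'stop' refuses to proceed when a hotfix is missing, and also when the
    feed cannot be read, because an unreadable feed proves nothing about
    the patch level.
    """
    if policy not in ("warn", "stop"):
        raise ValueError("policy must be 'warn' or 'stop'")
    try:
        missing = missing_hotfixes(feed_json, plone_version, installed)
    except (ValueError, KeyError, TypeError) as exc:
        message = "advisory feed unusable: %s" % (exc,)
        return CheckResult(policy == "warn", [], [message])
    messages = ["hotfix %s is not installed" % name for name in missing]
    proceed = not missing or policy == "warn"
    return CheckResult(proceed, missing, messages)


if __name__ == "__main__":
    # Constructed install: one hotfix present, spelled differently on disk.
    result = run_check(SAMPLE_FEED, "4.3.2", ["Example.Hotfix_A"], "stop")
    print("proceed:", result.proceed)
    for line in result.messages:
        print("WARNING:", line)
```

The same function can back each integration point on the slide: a buildout extension or startup hook acts on `proceed`, while a CI test asserts that `missing` is empty.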

Future Work
• Sprinting on that
• Include up-to-date plone.app.vulnerabilities in plone.org and keep information up-to-date
• Maybe a PLIP to include those packages in the installers as a commented-out option with documentation
• Make people more aware of Plone security

Hot Call Girls |Delhi |Hauz Khas โ˜Ž 9711199171 Book Your One night Stand
ย 
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
6.High Profile Call Girls In Punjab +919053900678 Punjab Call GirlHigh Profil...
ย 
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
(+971568250507  ))#  Young Call Girls  in Ajman  By Pakistani Call Girls  in ...(+971568250507  ))#  Young Call Girls  in Ajman  By Pakistani Call Girls  in ...
(+971568250507 ))# Young Call Girls in Ajman By Pakistani Call Girls in ...
ย 
Russian Call Girls in %(+971524965298 )# Call Girls in Dubai
Russian Call Girls in %(+971524965298  )#  Call Girls in DubaiRussian Call Girls in %(+971524965298  )#  Call Girls in Dubai
Russian Call Girls in %(+971524965298 )# Call Girls in Dubai
ย 
Call Girls In Model Towh Delhi ๐Ÿ’ฏCall Us ๐Ÿ”8264348440๐Ÿ”
Call Girls In Model Towh Delhi ๐Ÿ’ฏCall Us ๐Ÿ”8264348440๐Ÿ”Call Girls In Model Towh Delhi ๐Ÿ’ฏCall Us ๐Ÿ”8264348440๐Ÿ”
Call Girls In Model Towh Delhi ๐Ÿ’ฏCall Us ๐Ÿ”8264348440๐Ÿ”
ย 

Lightning Talk: Security matters @ploneconf 2014

  • 1. Security Matters: Alexander Loechel on plone.app.vulnerabilities, plone.vulnerabilitychecks.*, plone.hud. PLONE CONFERENCE BRISTOL 2014
  • 2. Studies on Security
      • Security Study on Content Management Systems, published by the German Federal Office for Information Security, May 2013
      • Take at least 15 min / day / system
          - Look for updates
          - Apply patches
  • 3. „You should proceed under the assumption that every Drupal 7 website was compromised unless updated or patched before … after the announcement.“ Drupal Security Team
  • 6.
  • 7. JSON from plone.org and pypi.python.org
  • 8. Supply Information
      • Check for vulnerabilities on Plone installs:
          • plone.vulnerabilitychecks.instance_startup -> disable or warn on startup
          • plone.vulnerabilitychecks.buildout -> warn or stop buildout
          • plone.vulnerabilitychecks.tests -> for CI tests
          • plone.vulnerabilitychecks.controlpanel -> Version Information View
      • buildout.autoapplyplonehotfixes
      • -> github.com/loechel/
      • Dependencies:
          • plone.vulnerabilitychecks.core -> JSON <- plone.app.vulnerabilities
  • 9. Future Work
      • Sprinting on that
      • Include an up-to-date plone.app.vulnerabilities in plone.org and keep the information up to date
      • Maybe a PLIP to include those packages in the installers as a commented-out option with documentation
      • Make people more aware of Plone security