Hacks Happen


Jeremiah Grossman
WhiteHat Security founder  CTO
blog: http://jeremiahgrossman.blogspot.com/
email: jeremia...
0wN3d!!1
   2
           2
1998’ best practices
Don’t write your own crypto algorithms
Don’t run web servers as root
Use Secure Sockets Layer (SSL)
H...
What’s input validation?




                     4
                           4
http://www.w3.org/Security/Faq/
                                  5
                                      5
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)
Upcoming SlideShare
Loading in...5
×

Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)

1,634

Published on

Conservative estimates put the total annual IT security spending in the US at $50 billion and e-crime losses at $100 billion. We’re losing two dollars for every dollar spent. Those numbers are said to be worse on a global scale. Newly passed laws, industry regulation, and press coverage have certainly raised the profile of the problem, but where have these actions really gotten us?

Websites are riddled with easy to exploit vulnerabilities, millions of desktops are infected with botnet connected malware, and cyber-attacks are more targeted, numerous, and financially motivated than ever! All the statistics we have seem to be moving in the wrong direction. And the more effort we invest the harder it is to tell if the situation is getting better or worse.

These days we have a lot more experts and less expertise. More products and less coverage. More best practices and less security. More news and less information. This environment type of environment is exactly why hacks happen every minute of every hour of every day. Its time to take a second look at what we know, reconsider what we think we know, and possibly come to a whole new set of assumptions.

Published in: Economy & Finance, Technology
0 Comments
3 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
1,634
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
66
Comments
0
Likes
3
Embeds 0
No embeds

No notes for slide

Hacks Happen - (Keynote) Stanford Emerging Threats and Defenses Symposium (07232008)

  1. 1. Hacks Happen Jeremiah Grossman WhiteHat Security founder CTO blog: http://jeremiahgrossman.blogspot.com/ email: jeremiah@whitehatsec.com © 2008 WhiteHat Security, Inc. 1
  2. 2. 0wN3d!!1 2 2
  3. 3. 1998’ best practices Don’t write your own crypto algorithms Don’t run web servers as root Use Secure Sockets Layer (SSL) Have proper file system permissions Wait, how does this make a website secure? 3 3
  4. 4. What’s input validation? 4 4
  5. 5. http://www.w3.org/Security/Faq/ 5 5
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×