“To Serve & Protect”
Puleen Patel
November 6, 2010
• Introduction
• Traditional View
• The Map of The Web
• Digital View
• Types of Breaches
• Security Terminologies
• Questions
• My name is Puleen,
• Technology is my passion
• During the day a Canadian Bank lets me apply, learn and grow my passion
• At other times
• Protection of Content
  ◦ Belongings
    ▪ Jewels, Car, Money…
  ◦ Information
    ▪ Financial, Bills, Will…
  ◦ Communication
    ▪ Voice conversations, Messages, Letters…
• Protection of Content
  ◦ Physical Assets
    ▪ Servers, Workstations, Laptops…
  ◦ Software & Intellectual Assets
    ▪ Applications, Code, Databases…
  ◦ Channels
    ▪ IM, Email, Web, Mobile…
  ◦ Social *NEW*
    ▪ Facebook, MySpace, Flickr, Picasa…
• Network
  ◦ IP Spoofing / Masquerading
  ◦ Packet Sniffing
  ◦ Denial of Service Attacks
  ◦ …
• Application
  ◦ Login / Password
  ◦ Email
  ◦ SQL Injection
  ◦ Session Hijacking
  ◦ Cross-Site Scripting
  ◦ Phishing
  ◦ …
• Encryption
  ◦ Secure Sockets Layer (SSL / HTTPS)
  ◦ Secure FTP (SFTP)
  ◦ Secure Email (Digital Signatures)
  ◦ Public Key Infrastructure (PKI / Digital Certificates)
• Firewalls / Gateways
• Virtual Private Networks (VPN)
• In 2007, the parent company of Winners / HomeSense had 2 million Visa card numbers in Canada and 20 million globally stolen by fraudsters
• Phishing campaigns send emails that take users to legitimate-looking websites which are set up to capture confidential information
• In May 2010, a security exploit was discovered which allowed capturing Facebook friends lists, email addresses and other data by way of Cross-Site Scripting (XSS)
• IT security breaches at Canadian firms account for an average annual loss of $834,149, a figure that reflects a 97 per cent increase from the $423,469 average cost reported in 2008, according to a national study released Tuesday.
• http://puleen.com
• http://blog.puleen.com
• puleen@gmail.com
• @puleen
• Making Sense of Security - http://www.technicalinfo.net/index.html
• Web Application Security - http://www.phpwact.org/security/web_application_security
• Apache Security - http://www.apachesecurity.net/
• IT Security Best Practices - http://www.internet.com/IT/Security/BestPractices
• Best Computer Security Practices of Home, Home Office, Small Business and Telecommuters - http://www.sans.org/reading_room/whitepapers/hsoffice/computer-security-practices-home-home-office-small-business-telecommuters_616
• Security Best Practices for Twitter applications - http://dev.twitter.com/pages/security_best_practices
