Security Primer

Presentation for the Yorkville Media Centre on Web and Application Security

Published in: Technology, News & Politics

  1. “To Serve & Protect”, Puleen Patel, November 6, 2010
  2. • Introduction
     • Traditional View
     • The Map of The Web
     • Digital View
     • Types of Breaches
     • Security Terminologies
     • Questions
  3. • My name is Puleen,
     • Technology is my passion
     • During the day a Canadian Bank lets me apply, learn and grow my passion
     • At other times
  4. • Protection of Content
       ◦ Belongings: Jewels, Car, Money…
       ◦ Information: Financial, Bills, Will…
       ◦ Communication: Voice conversations, Messages, Letters…
  5. • Protection of Content
       ◦ Physical Assets: Servers, Workstations, Laptops…
       ◦ Software & Intellectual Assets: Applications, Code, Databases…
       ◦ Channels: IM, Email, Web, Mobile…
       ◦ Social *NEW*: Facebook, MySpace, Flickr, Picasa…
  6. • Network
       ◦ IP Spoofing / Masquerading
       ◦ Packet Sniffing
       ◦ Denial of Service Attacks
       ◦ …
     • Application
       ◦ Login / Password
       ◦ Email
       ◦ SQL Injection
       ◦ Session Hijacking
       ◦ Cross-Site Scripting
       ◦ Phishing
       ◦ …
  7. • Encryption
       ◦ Secure Socket Layer (SSL / HTTPS)
       ◦ Secure FTP (SFTP)
       ◦ Secure Email (Digital Signatures)
       ◦ Public Key Interchange (PKI / Digital Certificates)
     • Firewalls / Gateways
     • Virtual Private Networks (VPN)
  8. • In 2007, the parent company of Winners / HomeSense had 2 million Visa card numbers in Canada and 20 million globally stolen by fraudsters
     • Phishing sites attempt to send emails that take users to legitimate-looking websites which are set up to capture confidential information
     • May 2010, a security exploit was discovered which allowed capturing Facebook friends lists, email addresses and other data by way of Cross-Site Scripting (XSS)
     • IT security breaches at Canadian firms account for an average annual loss of $834,149, a figure that reflects a 97 per cent increase from the $423,469 average cost reported in 2008, according to a national study released Tuesday.
  9. • http://puleen.com
     • http://blog.puleen.com
     • puleen@gmail.com
     • @puleen
  10. • Making Sense of Security - http://www.technicalinfo.net/index.html
      • Web Application Security - http://www.phpwact.org/security/web_application_security
      • Apache Security - http://www.apachesecurity.net/
      • IT Security Best Practices - http://www.internet.com/IT/Security/BestPractices
      • Best Computer Security Practices of Home, Home Office, Small Business and Telecommuters - http://www.sans.org/reading_room/whitepapers/hsoffice/computer-security-practices-home-home-office-small-business-telecommuters_616
      • Security Best Practices for Twitter applications - http://dev.twitter.com/pages/security_best_practices
