
Security awareness rgesit


Published in: Technology, Education

  1. Security Awareness
  2. Definition (Wikipedia): Security awareness is the knowledge and attitude members of an organization possess regarding the protection of the physical and, especially, information assets of that organization. Many organizations require formal security awareness training for all workers when they join the organization and periodically thereafter, usually annually.
  3. Background: Why and for what?
  4. Hidden bugs
  5. That's Not a Bug, It's a Feature Request
  6. Point of view
  7. Prevention is better
  8. Enjoy your life
  9. Type of Attack: Special for 'you' guys
  10. Brute Force: a cryptanalytic attack that can, in theory, be used against any encrypted data
  11. Command Execution: the process of using a web interface in order to execute OS commands on a web server
  12. CSRF (Cross-Site Request Forgery): a type of malicious exploit of a website whereby unauthorized commands are transmitted from a user that the website trusts
  13. File Inclusion: it allows an attacker to include a remote/local file, usually through a script on the web server
  14. SQL Injection: a code injection technique that exploits a security vulnerability in an application's software
  15. File Upload: depends on functionality that allows an attacker to upload a script file that can then be executed on the server
  16. XSS (Cross-Site Scripting): XSS enables attackers to inject client-side script into web pages viewed by other users
  17. Tips & Tricks: Before, currently and after
  18. Don't panic
  19. Do investigations
  20. Cover the hole!!!
  21. Monitoring
  22. Multiple security
  23. Super trap!!!
  24. Update and share your knowledge
  25. Strong foundation: Plan
  26. Check all possibilities: Analyze
  27. Think different: Development & Implementation
  28. Test & benchmark: UAT & Deploy
  29. Periodic checks: Evaluation
  30. Let's discuss & thanks, rgesit
