Security @ large scale

Published in: Technology

  1. http://www.flickr.com/photos/8164746@N05/2329405200/
  2. What is security? … protecting your servers, code, data, network, users from the bad guys
  3. What is large scale? Big infra (apps, servers, routers, firewalls), lots of stored data, lots of streaming data, partners … so much that it’s humanly impossible to manage or make sense of … and where traditional technologies fail to be of help
  4. What is security @ large scale? When traditional security techniques fail. Too many devices to manage. Too many logs. Many ways of getting attacked. Lots of applications. Multiple programming stacks. Lots of code pushed out daily. Acquisitions. Mergers. Outsourced Service Providers. 3rd party software.
  5. DoS – a novice as well as a sophisticated attacker’s attack. Monitor, Learn, Adapt
  6. The mystery of DDoS. Is it the holiday traffic or a botnet? Sometimes just being a difficult or expensive target is a win… also called raising the bar
  7. 0-day attacks @ layer 7: Telnet, FTP, SMTP, DNS, HTTP, RPC, SIP, SSH. Tighten up access. Let the enemy come between the mountains.
  8. For 90%, Internet is HTTP or World Wild Web: Amazon, Flickr, Tumblr, Gmail, Y! News, FB, Y! Finance, Twitter, Y! Weather, G Maps
  9. And now you have the mobile first
  10. worms: large scale client side attacks. https://superevr.com/blog/2011/xss-in-skype-for-ios/
  11. worms: large scale server side attacks. Step 1: Attacker shuts DB. Step 2: Victim can’t do anything on the website. DB is down
  12. Bad-man in the middle. Everywhere.
  13. Internal is not always Internal
  14. Advanced Persistent Threat (APT). 1 + 1 + 1 = ? Aurora, Stuxnet
  15. Use technology for it: Hadoop, MapReduce, Data Mining, CommonCrawler, Nutch, Splunk, NodeJS, PhantomJS…
  16. To win some battles, you need Avengers: Restrictive ACLs, Continuous Inventory Discovery, Proactive Vulnerability Detection, Patch Management beyond at Web layer, Secure programming stack, Abuse Detection, Static Analysis, Dynamic Analysis, Red Team, Trainings, Bug Recognition / Bounty program
