© 2017 Imperva, Inc. All rights reserved.
Practical Tips And Tactics To
Stay Safe Online
David Dowling | Director Worldwide Inside Sales
@David_S_Dowling
Thursday, 15 June 2017

Intro
• Hiring – Anyone looking to hire? Anyone looking for roles?
• Brief Overview of Imperva and the DDoS Threat landscape
• How to check if your accounts have been compromised
• Moving away from the same password or an Excel sheet
• Why 2FA is A-OK
• Quick easy way to reduce spam
• How to secure your computer
• Tips and tricks from the audience

Staying Safe Online?
U Wot M8?

Don’t Worry! This Is Not A Sales Pitch – Everything here is mainly free and online

Background on Imperva – Data and App Security
• We focus on database and application security, stopping DDoS attacks (stopped 17,000 DDoS attacks in Q1)
• DDoS trends – More short hit-and-run DDoS attacks
• Increase in application DDoS attacks – Seeing up to 176,000 requests per second (RPS)

Bay Area Meet Up Hiring Managers?
• Imperva has multiple technical roles open – Join the team
• Who else is hiring?

Way To Check URLs Or Files For Viruses
• VirusTotal – Way to check URLs or files
• URL expanders – http://urlex.org/
• Google Docs – Safer way to open Word docs

Has my Ashley Madison / LinkedIn / Adobe account been ‘pwned’?
• https://haveibeenpwned.com – Free service run by fellow Strayan Troy Hunt
• 2015 had 34 ‘pwned’ websites, 2017 had 220 ‘pwned’ websites
• Now up to 3.8 billion pwned accounts – Left is 2015, right is 2017

But I Didn’t Click Anywhere!
• A malvertising attack on Yahoo users in Eastern Europe, delivered through the site’s advertising, meant that users DIDN’T have to click on ads to get malware – they just had to visit the site
• Ad blockers are your friend – Electronic Frontier Foundation (EFF) has Privacy Badger, and Adblock Plus is good for Google Chrome. NoScript is for Firefox.

If You Visit “Dodgy” Sites
• Use Firefox and install NoScript
• DuckDuckGo – Do you really want “Hooli” knowing everything?
• Don’t forget to set Private Browsing for other computer users
Example of Passwords from 42 Million Accounts At OkCupid
• If this is your password – Please change!
• Source: Krebs on Security

Password Management
• KeePass, Dashlane – A way to generate passwords
• www.PasswordGenerator.net
• Do your research – Tavis Ormandy from Google

Two Factor What?
• Two-Factor Authentication or Multi-Factor Authentication sends one-time passwords via email or SMS
• Gmail, LinkedIn, HootSuite, LastPass, Yahoo, PayPal, Facebook
• Great blog post by Imperva’s Solutions Manager Jeff Serota

How Can I Check If My Bank / App Has 2FA?
• https://twofactorauth.org/ - Free site that lists all apps that have 2FA
• Gmail, LinkedIn, HootSuite, LastPass, Yahoo, PayPal, Facebook

Why Is Two Factor Authentication Important?
• Stops people you don’t want reading your email or doing your banking for you.
• Example I had post Yahoo breach notification
• Look for solutions that let you accept or reject, like Duo Security, Authy as well as Google Authenticator
• Physical tokens are making a comeback – Yubico’s YubiKey is good

Brian Krebs – Tools for a Safer PC
• Turn on automatic updates so your operating system can receive the latest fixes
• Especially Adobe and Java

How Not To Give Marketers Your Email
• Use temporary services like Sharklasers, Mailinator and more
• Reduce the number of accounts that tie back to your main email and reduce your spam

Using “Free” Wi-Fi At a Cafe
• Source: Lifehacker
• Use a VPN and turn on your firewall
• Turn off sharing
• HTTPS
• Use the Public network setting

Useful Websites
• Information is Beautiful – Data Breaches
• Have I Been Pwned.com
• Twitter
• Naked Security - Sophos
• Krebs On Security.com
• Incapsula.com/blog
• Dark Reading
• Swift on Security
• Troyhunt.com
Bay Area Cyber Security Meetup - How To Stay Safe Online
