SlideShare a Scribd company logo

Sec intro1

Download as PPTX, PDF
Mahmoud El-Naggar
Mahmoud El-Naggar

Security Intro, for who will work in information security sector, specially new sales and new co-ordinators. Also the customers and managers who want to take a shot for information security importance in few seconds and see the changing in attacking and defending minds.

Technology
1 of 13
Security intro. MahmoudEl-Naggar SeniorInformationSecurityEngineer
Agenda • Files Concept. • Files Requirements. • Now! Files = $$$ • Operation Triangle. • Attacker vs Defender. • Defense Tech. [Kill Chain]. • Security Layers Standard
Data Files • Don’t be confused and consider any type of data as a file. • Originally any file type (.exe, .png, .c, … , etc.) was a text file and got some processing operation. • ex, this presentation(txt  pptx).
Files Requirements • Files needs some HW to store, process and operate. • Files needs also some SW to manage, organize, edit, and present.
Now! Files = $$$ • Credit cards, Banking files, Password files, Source codes, Military designs and plans, all and more must be secured. • Security must be established on firm bases.
Operation Triangle • Security vs. functionality vs. Ease of use. • Any system must has a value in the 3 variables. • Optimize your needs, Think for security.
Attacker vs. Defender - Attacker acting with OR concept. - Defender must act with AND concept. - Now, Attacks is targeted and advanced. - Defenders must think as Attackers
“AND” & “OR” Meanings - The Attacker thinking as “OR” function, a “1/True” in the equation is enough, as information he gathered about the target as the variety of attacking vector he can exploit. - Variety of attacking vectors seems like Swiss knife in hand of the attacker which he can use any of it’s tools to successful the attack - The Defender must think as “AND” function, which all variables must be “1/True”, only one “0/False” is enough to successes the attack. - So, the Defender must raise all shields in front of the Attackers, and keep monitor the Attackers manipulation.
Kill Chain
• Kill Chain, is a known steps/chain that Advanced Threats may pass. • Understanding this chain for each attack, will help to protect against the attack, and also in remediation. • Some attacks pass all the chain, some pass only some steps, but the protection approach must have the ability to cut/kill the chain in any step. • Protection approach also must have a clear strategy for detect passed/ more advanced attacks ( failed to defend against), and give a detailed information about, which will help to take a fast- correct decision and defeat the advanced attacks with minimum impacts.
• Any critical Subjects, like Information Security, Military and Defense, Aviation, etc., is very wide and difficult to specialize in all it’s divisions. • Easier, Divide this critical subject into main layers and each layer to main topics, then cover each topic with variety of technologies. • Then, Well integrate between each part to make a full security solution in defense, detection, defeating, testing and monitoring.
Sec intro1

Recommended

Asset, Threat, Vulnerability, Risk
Asset, Threat, Vulnerability, RiskAsset, Threat, Vulnerability, Risk
Asset, Threat, Vulnerability, RiskVinay Attry
 
Commercial And Government Cyberwarfare
Commercial And Government CyberwarfareCommercial And Government Cyberwarfare
Commercial And Government CyberwarfareNicholas Davis
 
Lesson 1- Risk Managment
Lesson 1- Risk ManagmentLesson 1- Risk Managment
Lesson 1- Risk ManagmentMLG College of Learning, Inc
 
Lecture1 intro to cs
Lecture1 intro to csLecture1 intro to cs
Lecture1 intro to csDoneisha McKenzie
 
Microbion_nutraceuticals_emailing
Microbion_nutraceuticals_emailingMicrobion_nutraceuticals_emailing
Microbion_nutraceuticals_emailingAntonio Del Casale
 
Analysis of Cover, Double Page Spread & Contents Page
Analysis of Cover, Double Page Spread & Contents Page Analysis of Cover, Double Page Spread & Contents Page
Analysis of Cover, Double Page Spread & Contents Page shania1999
 
Questionnaire results
Questionnaire resultsQuestionnaire results
Questionnaire resultsshania1999
 
Preliminary evaluation
Preliminary evaluationPreliminary evaluation
Preliminary evaluationshania1999
 

Recommended

Asset, Threat, Vulnerability, Risk
Asset, Threat, Vulnerability, RiskAsset, Threat, Vulnerability, Risk
Asset, Threat, Vulnerability, RiskVinay Attry
 
Commercial And Government Cyberwarfare
Commercial And Government CyberwarfareCommercial And Government Cyberwarfare
Commercial And Government CyberwarfareNicholas Davis
 
Lesson 1- Risk Managment
Lesson 1- Risk ManagmentLesson 1- Risk Managment
Lesson 1- Risk ManagmentMLG College of Learning, Inc
 
Lecture1 intro to cs
Lecture1 intro to csLecture1 intro to cs
Lecture1 intro to csDoneisha McKenzie
 
Microbion_nutraceuticals_emailing
Microbion_nutraceuticals_emailingMicrobion_nutraceuticals_emailing
Microbion_nutraceuticals_emailingAntonio Del Casale
 
Analysis of Cover, Double Page Spread & Contents Page
Analysis of Cover, Double Page Spread & Contents Page Analysis of Cover, Double Page Spread & Contents Page
Analysis of Cover, Double Page Spread & Contents Page shania1999
 
Questionnaire results
Questionnaire resultsQuestionnaire results
Questionnaire resultsshania1999
 
Preliminary evaluation
Preliminary evaluationPreliminary evaluation
Preliminary evaluationshania1999
 
Iso 2858 end suction centrifugal pumps (16 bar)
Iso 2858 end suction centrifugal pumps (16 bar)Iso 2858 end suction centrifugal pumps (16 bar)
Iso 2858 end suction centrifugal pumps (16 bar)BESANT VARGHEES
 
Evaluation
Evaluation Evaluation
Evaluation shania1999
 
Double page spread photos pro
Double page spread photos proDouble page spread photos pro
Double page spread photos proshania1999
 
Questionnaire results
Questionnaire resultsQuestionnaire results
Questionnaire resultsshania1999
 
Audience profile
Audience profileAudience profile
Audience profileshania1999
 
Seguridad informática
Seguridad informáticaSeguridad informática
Seguridad informáticaEduardo1601
 
Child labour "A CURSE"
Child labour "A CURSE"Child labour "A CURSE"
Child labour "A CURSE"Ayush Mathur
 
Evaluation Questions 6 & 7
Evaluation Questions 6 & 7Evaluation Questions 6 & 7
Evaluation Questions 6 & 7shania1999
 
Evaluation question 1
Evaluation question 1Evaluation question 1
Evaluation question 1shania1999
 
Plastic manufacturing "forming and shaping plastics"
Plastic manufacturing "forming and shaping plastics"Plastic manufacturing "forming and shaping plastics"
Plastic manufacturing "forming and shaping plastics"Ayush Mathur
 
Presentation infra and_datacentrre_dialogue_v2
Presentation infra and_datacentrre_dialogue_v2Presentation infra and_datacentrre_dialogue_v2
Presentation infra and_datacentrre_dialogue_v2Claus Cramon Houmann
 
Keynote Information Security days Luxembourg 2015
Keynote Information Security days Luxembourg 2015Keynote Information Security days Luxembourg 2015
Keynote Information Security days Luxembourg 2015Claus Cramon Houmann
 
Keynote at the Cyber Security Summit Prague 2015
Keynote at the Cyber Security Summit Prague 2015Keynote at the Cyber Security Summit Prague 2015
Keynote at the Cyber Security Summit Prague 2015Claus Cramon Houmann
 
Career In Information security
Career In Information securityCareer In Information security
Career In Information securityAnant Shrivastava
 
Defending Enterprise IT - beating assymetricality
Defending Enterprise IT - beating assymetricalityDefending Enterprise IT - beating assymetricality
Defending Enterprise IT - beating assymetricalityClaus Cramon Houmann
 
Offence oriented Defence
Offence oriented DefenceOffence oriented Defence
Offence oriented DefenceSensePost
 
Permutation Oriented Programming: (Re)searching for alternatives!
Permutation Oriented Programming: (Re)searching for alternatives!Permutation Oriented Programming: (Re)searching for alternatives!
Permutation Oriented Programming: (Re)searching for alternatives!Nelson Brito
 
Vale Security Conference - 2011 - 13 - Nelson Brito
Vale Security Conference - 2011 - 13 - Nelson BritoVale Security Conference - 2011 - 13 - Nelson Brito
Vale Security Conference - 2011 - 13 - Nelson BritoVale Security Conference
 
SecurityOperations
SecurityOperationsSecurityOperations
SecurityOperationsAntonio (Tony) Robinson
 
HKUST Security Lab Opening Ceremony
HKUST Security Lab Opening CeremonyHKUST Security Lab Opening Ceremony
HKUST Security Lab Opening CeremonyKelvin Chan
 
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Michele Chubirka
 
NZISF Talk: Six essential security services
NZISF Talk: Six essential security servicesNZISF Talk: Six essential security services
NZISF Talk: Six essential security servicesHinne Hettema
 

More Related Content

Viewers also liked

Iso 2858 end suction centrifugal pumps (16 bar)
Iso 2858 end suction centrifugal pumps (16 bar)Iso 2858 end suction centrifugal pumps (16 bar)
Iso 2858 end suction centrifugal pumps (16 bar)BESANT VARGHEES
 
Double page spread photos pro
Double page spread photos proDouble page spread photos pro
Double page spread photos proshania1999
 
Questionnaire results
Questionnaire resultsQuestionnaire results
Questionnaire resultsshania1999
 
Audience profile
Audience profileAudience profile
Audience profileshania1999
 
Seguridad informática
Seguridad informáticaSeguridad informática
Seguridad informáticaEduardo1601
 
Child labour "A CURSE"
Child labour "A CURSE"Child labour "A CURSE"
Child labour "A CURSE"Ayush Mathur
 
Evaluation Questions 6 & 7
Evaluation Questions 6 & 7Evaluation Questions 6 & 7
Evaluation Questions 6 & 7shania1999
 
Evaluation question 1
Evaluation question 1Evaluation question 1
Evaluation question 1shania1999
 
Plastic manufacturing "forming and shaping plastics"
Plastic manufacturing "forming and shaping plastics"Plastic manufacturing "forming and shaping plastics"
Plastic manufacturing "forming and shaping plastics"Ayush Mathur
 

Viewers also liked (10)

Iso 2858 end suction centrifugal pumps (16 bar)
Iso 2858 end suction centrifugal pumps (16 bar)Iso 2858 end suction centrifugal pumps (16 bar)
Iso 2858 end suction centrifugal pumps (16 bar)
 
Evaluation
Evaluation Evaluation
Evaluation
 
Double page spread photos pro
Double page spread photos proDouble page spread photos pro
Double page spread photos pro
 
Questionnaire results
Questionnaire resultsQuestionnaire results
Questionnaire results
 
Audience profile
Audience profileAudience profile
Audience profile
 
Seguridad informática
Seguridad informáticaSeguridad informática
Seguridad informática
 
Child labour "A CURSE"
Child labour "A CURSE"Child labour "A CURSE"
Child labour "A CURSE"
 
Evaluation Questions 6 & 7
Evaluation Questions 6 & 7Evaluation Questions 6 & 7
Evaluation Questions 6 & 7
 
Evaluation question 1
Evaluation question 1Evaluation question 1
Evaluation question 1
 
Plastic manufacturing "forming and shaping plastics"
Plastic manufacturing "forming and shaping plastics"Plastic manufacturing "forming and shaping plastics"
Plastic manufacturing "forming and shaping plastics"
 

Similar to Sec intro1

Presentation infra and_datacentrre_dialogue_v2
Presentation infra and_datacentrre_dialogue_v2Presentation infra and_datacentrre_dialogue_v2
Presentation infra and_datacentrre_dialogue_v2Claus Cramon Houmann
 
Keynote Information Security days Luxembourg 2015
Keynote Information Security days Luxembourg 2015Keynote Information Security days Luxembourg 2015
Keynote Information Security days Luxembourg 2015Claus Cramon Houmann
 
Keynote at the Cyber Security Summit Prague 2015
Keynote at the Cyber Security Summit Prague 2015Keynote at the Cyber Security Summit Prague 2015
Keynote at the Cyber Security Summit Prague 2015Claus Cramon Houmann
 
Career In Information security
Career In Information securityCareer In Information security
Career In Information securityAnant Shrivastava
 
Defending Enterprise IT - beating assymetricality
Defending Enterprise IT - beating assymetricalityDefending Enterprise IT - beating assymetricality
Defending Enterprise IT - beating assymetricalityClaus Cramon Houmann
 
Offence oriented Defence
Offence oriented DefenceOffence oriented Defence
Offence oriented DefenceSensePost
 
Permutation Oriented Programming: (Re)searching for alternatives!
Permutation Oriented Programming: (Re)searching for alternatives!Permutation Oriented Programming: (Re)searching for alternatives!
Permutation Oriented Programming: (Re)searching for alternatives!Nelson Brito
 
Vale Security Conference - 2011 - 13 - Nelson Brito
Vale Security Conference - 2011 - 13 - Nelson BritoVale Security Conference - 2011 - 13 - Nelson Brito
Vale Security Conference - 2011 - 13 - Nelson BritoVale Security Conference
 
HKUST Security Lab Opening Ceremony
HKUST Security Lab Opening CeremonyHKUST Security Lab Opening Ceremony
HKUST Security Lab Opening CeremonyKelvin Chan
 
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Michele Chubirka
 
NZISF Talk: Six essential security services
NZISF Talk: Six essential security servicesNZISF Talk: Six essential security services
NZISF Talk: Six essential security servicesHinne Hettema
 
Permutation Oriented Programming
Permutation Oriented ProgrammingPermutation Oriented Programming
Permutation Oriented ProgrammingNelson Brito
 
"ENG++: Permutation Oriented Programming" por Nelson Brito
"ENG++: Permutation Oriented Programming" por Nelson Brito"ENG++: Permutation Oriented Programming" por Nelson Brito
"ENG++: Permutation Oriented Programming" por Nelson BritoSegInfo
 
Introduction to computer security syllabus
Introduction to computer security syllabusIntroduction to computer security syllabus
Introduction to computer security syllabusAyebazibwe Kenneth
 
Commercial and government cyberwarfare
Commercial and government cyberwarfareCommercial and government cyberwarfare
Commercial and government cyberwarfareNicholas Davis
 
Encryption in the Age of Breaches
Encryption in the Age of BreachesEncryption in the Age of Breaches
Encryption in the Age of BreachesKarthik Bhat
 

Similar to Sec intro1 (20)

Presentation infra and_datacentrre_dialogue_v2
Presentation infra and_datacentrre_dialogue_v2Presentation infra and_datacentrre_dialogue_v2
Presentation infra and_datacentrre_dialogue_v2
 
Keynote Information Security days Luxembourg 2015
Keynote Information Security days Luxembourg 2015Keynote Information Security days Luxembourg 2015
Keynote Information Security days Luxembourg 2015
 
Keynote at the Cyber Security Summit Prague 2015
Keynote at the Cyber Security Summit Prague 2015Keynote at the Cyber Security Summit Prague 2015
Keynote at the Cyber Security Summit Prague 2015
 
Career In Information security
Career In Information securityCareer In Information security
Career In Information security
 
Defending Enterprise IT - beating assymetricality
Defending Enterprise IT - beating assymetricalityDefending Enterprise IT - beating assymetricality
Defending Enterprise IT - beating assymetricality
 
Offence oriented Defence
Offence oriented DefenceOffence oriented Defence
Offence oriented Defence
 
Permutation Oriented Programming: (Re)searching for alternatives!
Permutation Oriented Programming: (Re)searching for alternatives!Permutation Oriented Programming: (Re)searching for alternatives!
Permutation Oriented Programming: (Re)searching for alternatives!
 
Vale Security Conference - 2011 - 13 - Nelson Brito
Vale Security Conference - 2011 - 13 - Nelson BritoVale Security Conference - 2011 - 13 - Nelson Brito
Vale Security Conference - 2011 - 13 - Nelson Brito
 
SecurityOperations
SecurityOperationsSecurityOperations
SecurityOperations
 
HKUST Security Lab Opening Ceremony
HKUST Security Lab Opening CeremonyHKUST Security Lab Opening Ceremony
HKUST Security Lab Opening Ceremony
 
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
 
NZISF Talk: Six essential security services
NZISF Talk: Six essential security servicesNZISF Talk: Six essential security services
NZISF Talk: Six essential security services
 
Permutation Oriented Programming
Permutation Oriented ProgrammingPermutation Oriented Programming
Permutation Oriented Programming
 
"ENG++: Permutation Oriented Programming" por Nelson Brito
"ENG++: Permutation Oriented Programming" por Nelson Brito"ENG++: Permutation Oriented Programming" por Nelson Brito
"ENG++: Permutation Oriented Programming" por Nelson Brito
 
Introduction to computer security syllabus
Introduction to computer security syllabusIntroduction to computer security syllabus
Introduction to computer security syllabus
 
Commercial and government cyberwarfare
Commercial and government cyberwarfareCommercial and government cyberwarfare
Commercial and government cyberwarfare
 
Encryption in the Age of Breaches
Encryption in the Age of BreachesEncryption in the Age of Breaches
Encryption in the Age of Breaches
 
ch15.pdf
ch15.pdfch15.pdf
ch15.pdf
 
Ch 1 assets
Ch 1 assetsCh 1 assets
Ch 1 assets
 
Presentation 10.pptx
Presentation 10.pptxPresentation 10.pptx
Presentation 10.pptx
 

Recently uploaded

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Orbitshub
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistandanishmna97
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontologyjohnbeverley2021
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 

Recently uploaded (20)

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 

Sec intro1

  • 2. Agenda • Files Concept. • Files Requirements. • Now! Files = $$$ • Operation Triangle. • Attacker vs Defender. • Defense Tech. [Kill Chain]. • Security Layers Standard
  • 3. Data Files • Don’t be confused and consider any type of data as a file. • Originally any file type (.exe, .png, .c, … , etc.) was a text file and got some processing operation. • ex, this presentation(txt  pptx).
  • 4. Files Requirements • Files needs some HW to store, process and operate. • Files needs also some SW to manage, organize, edit, and present.
  • 5. Now! Files = $$$ • Credit cards, Banking files, Password files, Source codes, Military designs and plans, all and more must be secured. • Security must be established on firm bases.
  • 6. Operation Triangle • Security vs. functionality vs. Ease of use. • Any system must has a value in the 3 variables. • Optimize your needs, Think for security.
  • 7. Attacker vs. Defender - Attacker acting with OR concept. - Defender must act with AND concept. - Now, Attacks is targeted and advanced. - Defenders must think as Attackers
  • 8. “AND” & “OR” Meanings - The Attacker thinking as “OR” function, a “1/True” in the equation is enough, as information he gathered about the target as the variety of attacking vector he can exploit. - Variety of attacking vectors seems like Swiss knife in hand of the attacker which he can use any of it’s tools to successful the attack - The Defender must think as “AND” function, which all variables must be “1/True”, only one “0/False” is enough to successes the attack. - So, the Defender must raise all shields in front of the Attackers, and keep monitor the Attackers manipulation.
  • 10. • Kill Chain, is a known steps/chain that Advanced Threats may pass. • Understanding this chain for each attack, will help to protect against the attack, and also in remediation. • Some attacks pass all the chain, some pass only some steps, but the protection approach must have the ability to cut/kill the chain in any step. • Protection approach also must have a clear strategy for detect passed/ more advanced attacks ( failed to defend against), and give a detailed information about, which will help to take a fast- correct decision and defeat the advanced attacks with minimum impacts.
  • 11.
  • 12. • Any critical Subjects, like Information Security, Military and Defense, Aviation, etc., is very wide and difficult to specialize in all it’s divisions. • Easier, Divide this critical subject into main layers and each layer to main topics, then cover each topic with variety of technologies. • Then, Well integrate between each part to make a full security solution in defense, detection, defeating, testing and monitoring.