[International Workshop on Cybersecurity] THREAT INFO SHARING IN PRIVATE SECTOR

•

0 likes•1,203 views

THREAT INFO SHARING IN PRIVATE SECTOR 真武信和 / Nobukazu Matake (グリー株式会社) ※「International Workshop on Cybersecurity」(Cybersecurity Center, Kyushu University)での登壇資料です。 http://staff.cs.kyushu-u.ac.jp/en/event/2015/02/index.html

Technology

THREAT INFO SHARING
IN PRIVATE SECTOR
Nov Matake, GREE Inc.

NOV MATAKE
• Security Engineer, GREE Inc.
• Evangelist, OpenID Foundation
Japan
• Interested in..
• Digital Identity
• Privacy
• Security

PASSWORD LEAKS
• Yahoo! JAPAN
• OCN
• Adobe
• LinkedIn
• etc…

PASSWORD LIST ATTACKS
• CyberAgent
• GREE
• DeNA
• mixi
• Nintendo
• etc.

RISK-BASED
SECURITY MANAGEMENT
costs $$$..

–Eric Sachs, Google
“If you’re typing a password into something,
unless they have 100+ full-time engineers
working on security and abuse and fraud,
you should be nervous.”

Share information about important security events in
order to thwart attackers from leveraging compromised
accounts from one Service Provider to gain access to
accounts on other Service Providers.

– Consumer Privacy Bill of Rights Act of 2015, White House
“The term “personal data” shall not include cyber
threat indicators collected, processed, created, used,
retained, or disclosed in order to investigate, mitigate,
or otherwise respond to a cybersecurity threat or
incident, when processed for those purposes.”

– Act on the Protection of Personal Information, Japan
“Cases in which the provision of personal data is
necessary for the protection of the life, body, or
property of an individual and in which it is difficult
to obtain the consent of the person”

CONCLUSION
• Hire 100+ security engineers, or share information !!
• FB & OIDF are going forward with White House backup
• Resolve the conflict between security & privacy
• Cyber Security Basic Act solves it ?

Threat actors use domains and IP addresses to launch and support various kinds of criminal activity, from phishing to hacking to espionage. As a network defender, your ability to map and characterize this infrastructure is of critical importance in building defenses against targeted attacks. Join DomainTools Senior Security Researcher Kyle Wilhoit and Director of Product Management Tim Helming on a "virtual ride-along" using DomainTools Iris to quickly and efficiently expose threat actor infrastructure, using real-world cases as examples. This webinar covers: How to protect yourself against various criminal activity (i.e. phishing, hacking, espionage etc.) Examples of investigations and threat hunting maneuvers from the trenches How to quickly and efficiently expose threat actor infrastructure

IT Security Summit 2016

AGC Conferences - AGC Development Corp

Benefits of Using a Password Manager Tool

splashid

Big 4 W's of Big Threat Hunting

Eguardian Global Services

Keys To Better Data Security In the Cloud

Armor

In these times where North American companies are under constant cyber-attack, can you afford to underestimate the disaster that a security breach could cause on your organization? Your organization's leadership has entrusted your team with the company's cyber security, and this includes ensuring that user data is safe and their productivity isn't compromised. Join our panel of experts (Alex Brandt, who brings 19 years of hands-on expertise in the IT space, and Cynthia James, a security expert with over 25 years in the industry) as they discuss the 7 biggest reasons that business security gets compromised (and what you can do about it). These include: The threat of increased employee mobility Managing BYOD Perimeter-less networks The best way to reduce human error And MUCH more... Stick around until the end and gain the visibility you need to uncover security holes before they become major disasters and put your organization and (even worse) your job at risk.

Sensecy cti vs cti

Dori Fisher

01 Application Security Fundamentals - part 1 - introduction and goals

appsec

The Works 2018 - Industry Track - Cybersecurity for Staffing Agencies

David Dourgarian

What cybersecurity measures do you have in place? If you’re not sure your safety measures are up to par with cybersecurity threats, then this is a session you won’t want to miss. Paula Sanchez, Talent Acquisition and Process Manager/Facility Security Officer for NSC Technologies, leads this session and delivers helpful tips and information about raising employee awareness, employing a risk assessment approach, updating password policies, phishing, protecting PII, and incident reporting.

AllDayDevOps : DevSecOps & Chaos Engineering: Knowing the Unknown

Aaron Rinehart

180814 cloudsec2018 charles mok1

Charles Mok

Symantec Webinar | National Cyber Security Awareness Month: Secure IT

Symantec

Cybersecurity Webinar for Small Business

Chad Gniffke

[Grom] Enabling the Protection, Detection, and Response to Cyber-Threats

European Collaboration Summit

Keynote Theatre. Keynote Day 2. 16:30 Evelyn de Souza

CloudExpoAsia

What Is "Secure"?

Peter Coffee

Big Data Security Intelligence and Analytics for Advanced Threat Protection

Blue Coat

NTXISSACSC3 - Security at the Point of Storage by Todd Barton

North Texas Chapter of the ISSA

AreWePreparedForIoTSameer Rathoud

Keystroke dynamics 4th october black theme

Lennard Eijsackers

Security and privacy - Paraprofessional Conference

Amanda McLellan

Gunter O

Hilary Ip

Information SecurityChief Optimist

Iurii Garasym. The future crimes and predestination of cyber security. Though...

IT Arena

Iurii Garasym, Director of Corporate Security at ELEKS and President of Cloud Security Alliance Lviv Chapter The future crimes and predestination of cybersecurity. Thoughts aloud in a whiskey bar. Iurii’s professional goal is to make business survivable. He focuses on security program development/improvement based on emerging security solutions and integrates those into business goals, objectives, strategy and activities.

アカデミックIDaaS最前線

Egawa Junichi

20110929 クラウド連携において企業内ID管理基盤に求められるものNaohiro Fujie

What's hot

Cybercrime trends in last five years

SABBY GILL

The Top 7 Causes of Major Security Breaches

Kaseya

Sensecy cti vs cti

Dori Fisher

01 Application Security Fundamentals - part 1 - introduction and goals

appsec

The Works 2018 - Industry Track - Cybersecurity for Staffing Agencies

David Dourgarian

AllDayDevOps : DevSecOps & Chaos Engineering: Knowing the Unknown

Aaron Rinehart

180814 cloudsec2018 charles mok1

Charles Mok

Symantec Webinar | National Cyber Security Awareness Month: Secure IT

Symantec

Cybersecurity Webinar for Small Business

Chad Gniffke

[Grom] Enabling the Protection, Detection, and Response to Cyber-Threats

European Collaboration Summit

Keynote Theatre. Keynote Day 2. 16:30 Evelyn de Souza

CloudExpoAsia

What Is "Secure"?

Peter Coffee

Big Data Security Intelligence and Analytics for Advanced Threat Protection

Blue Coat

NTXISSACSC3 - Security at the Point of Storage by Todd Barton

North Texas Chapter of the ISSA

AreWePreparedForIoTSameer Rathoud

Keystroke dynamics 4th october black theme

Lennard Eijsackers

Security and privacy - Paraprofessional Conference

Amanda McLellan

Gunter O

Hilary Ip

Information SecurityChief Optimist

Iurii Garasym. The future crimes and predestination of cyber security. Though...

IT Arena

What's hot (20)

Cybercrime trends in last five years

The Top 7 Causes of Major Security Breaches

Sensecy cti vs cti

01 Application Security Fundamentals - part 1 - introduction and goals

The Works 2018 - Industry Track - Cybersecurity for Staffing Agencies

AllDayDevOps : DevSecOps & Chaos Engineering: Knowing the Unknown

180814 cloudsec2018 charles mok1

Symantec Webinar | National Cyber Security Awareness Month: Secure IT

Cybersecurity Webinar for Small Business

[Grom] Enabling the Protection, Detection, and Response to Cyber-Threats

Keynote Theatre. Keynote Day 2. 16:30 Evelyn de Souza

What Is "Secure"?

Big Data Security Intelligence and Analytics for Advanced Threat Protection

NTXISSACSC3 - Security at the Point of Storage by Todd Barton

AreWePreparedForIoT

Keystroke dynamics 4th october black theme

Security and privacy - Paraprofessional Conference

Gunter O

Information Security

Iurii Garasym. The future crimes and predestination of cyber security. Though...

Viewers also liked

アカデミックIDaaS最前線

Egawa Junichi

20110929 クラウド連携において企業内ID管理基盤に求められるものNaohiro Fujie

アカデミックIDaaSの概要とExtic_axies2016出展社セッション

Egawa Junichi

クラウド過渡期、Identityに注目だ！ idit2014

Egawa Junichi

大学向け認証基盤システム概略と最新技術動向 Axies2015

Egawa Junichi

教育研究システムのクラウド利用や、単位互換等で必要となる大学間での情報共有を効率良くセキュアに実現、運用するためには、認証基盤システムが必要です。本資料は認証基盤システムの概略と最新技術動向を説明するとともに、学認で利用するShibbolethをクラウドサービスとして提供するIDaaSについても説明します。

Understanding 'Authentication' and 'Identity Federation'

Naohiro Fujie

オンライン・アイデンティティの自己コントロールと活用

Naohiro Fujie

Microsoftの認証システムの歴史と過渡期におけるWAPの活用+Next Generation Credentials

Naohiro Fujie

Azure ADと外部アプリのID連携/SSO - Deep Dive

Naohiro Fujie

OPTiM StoreにおけるSCIM & OIDC活用事例 - ID&IT 2016

Nov Matake

ID連携のあるとき～、ないとき～ #エンプラ編

Takashi Yahata

ID連携入門 (実習編) - Security Camp 2016

Nov Matake

Azure ADとWindows 10によるドメイン環境の拡張

Naohiro Fujie

MVP Community Camp 2016 Tokyoで使ったスライドです。紹介文）セッション概要：クラウドやモバイルを活用しようとすると、例えばPCへのログインだけで社内のアプリケーションへシングルサインオンできたり、グループポリシーでデバイスの制御を行う、といった従来の社内ドメイン環境でできていたことが不可能になってきています。しかし、Windows 10とAzure AD/Intuneを活用することで従来のドメイン環境に近い利便性や管理レベルを維持しつつクラウドを利用することができるようになってきています。本セッションではクラウド・モバイルをセキュアに利用するためのAzure ADやIntune、Windows 10の上手な活用方法を紹介します。

ID管理/認証システム導入の理想と現実

Naohiro Fujie

ハイブリッド時代のID基盤構成の基礎

Naohiro Fujie

OAuth2.0によるWeb APIの保護

Naohiro Fujie

ID連携概要 - OpenID TechNight vol.13

Nov Matake

Viewers also liked (17)

アカデミックIDaaS最前線

20110929 クラウド連携において企業内ID管理基盤に求められるもの

アカデミックIDaaSの概要とExtic_axies2016出展社セッション

クラウド過渡期、Identityに注目だ！ idit2014

大学向け認証基盤システム概略と最新技術動向 Axies2015

Understanding 'Authentication' and 'Identity Federation'

オンライン・アイデンティティの自己コントロールと活用

Microsoftの認証システムの歴史と過渡期におけるWAPの活用+Next Generation Credentials

Azure ADと外部アプリのID連携/SSO - Deep Dive

OPTiM StoreにおけるSCIM & OIDC活用事例 - ID&IT 2016

ID連携のあるとき～、ないとき～ #エンプラ編

ID連携入門 (実習編) - Security Camp 2016

Azure ADとWindows 10によるドメイン環境の拡張

ID管理/認証システム導入の理想と現実

ハイブリッド時代のID基盤構成の基礎

OAuth2.0によるWeb APIの保護

ID連携概要 - OpenID TechNight vol.13

Similar to [International Workshop on Cybersecurity] THREAT INFO SHARING IN PRIVATE SECTOR

Cyber Security Awareness Session for Executives and Non-IT professionals

Krishna Srikanth Manda

Trending it security threats in the public sector

Core Security

State and local information security leaders continue to be challenged with the “new norm,” to do more with less, while remaining on top of technology trends driving the marketplace. Traditional information security approaches often have limited impact and require more attention and resources. Please join Grayson Walters, Information Security Officer of Virginia Department of Taxation, and Eric Cowperthwaite, Vice President of Advanced Security and Strategy at Core Security as they discuss some of the top IT security trends and developments in the public sector, more specifically, within state and local governments.

Application Security-Understanding The Horizon

Lalit Kale

Aligning Application Security to Compliance

Security Innovation

Regulatory compliance mandates have historically focused on IT & endpoint security as the primary means to protect data. However, as our digital economy has increasingly become software dependent, standards bodies have dutifully added requirements as they relate to development and deployment practices. Enterprise applications and cloud-based services constantly store and transmit data; yet, they are often difficult to understand and assess for compliance. This webcast will present a practical approach towards mapping application security practices to common compliance frameworks. It will discuss how to define and enact a secure, repeatable software development lifecycle (SDLC) and highlight activities that can be leveraged across multiple compliance controls. Topics include: * Consolidating security and compliance controls * Creating application security standards for development and operations teams * Identifying and remediating gaps between current practices and industry accepted "best practices”

Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...

Emrah Alpa, CISSP CEH CCSK

One of 2 protect your business

Management Insights LLC

What Is Digital Asset Security. What Are the Risks Associated With It.docx.pdf

SecureCurve

Social engineering tales

Ahmed Musaad

An introductory session about Social Engineering presented at ICT Nuggets Forum - Khartoum, organized by Duko team. We talked about what is social engineering? terms related to it? and how attacks can bee carried. We also told a lot of stories about successful social engineering attacks and how much damage they did. Finally we talked about how to protect yourself and your company social engineering attacks.

FrontOne our new and different solutions

frontone

There is no debate that companies large or small are more or less have put a lot of efforts in protect digital security and privacy with “best practice” recommendations, often use solutions from branded security vendors or built by best in-house/outsourced experts, yet they are falling prey of cyber and insider attacks, because “compliance” or “best practice” do not equal to security. The reality has shown us that traditional security approaches have fall behind the increased system complexity and advanced technical capabilities that have been mastered by adversaries. The key weakness in our security defenses lies with the weakness of digital identities systems have been used to authenticate users (no system could defends against attacker impersonates legitimate user); follow by inability to validate the authenticity and integrity of communication (If attacker can temper with the data freely, then no need to crack the one time password) and finally incapable of protecting information from unauthorized accesses in an event of inevitable security breach because unknown system or application security vulnerabilities. FrontOne’s information security solution addresses all security weakness listed above: First, FrontOne uses its own digital identity that is harden to withstand advanced hackers using sophisticated real time attacks and help all its users from falling prey of identity thieves from phishing and malware attacks at client side to advanced persistent threats at the server side, because FrontOne’s digital identity is dynamic and non-transferable. Second, FrontOne provides 100% message integrity by using dedicated and destination aware messaging system and ensure each and every message is completely unique; reducing the chance of attackers from being able to identifying and manipulating it for their benefit. Finally, FrontOne uses its own method of protecting information at rest, in transit or in use, by focusing our innovation at the security and integrity of encryption key while using industry standardized cryptography. FrontOne’s user centric data protection solution uses dual control for its encryption keys. Random encryption key is protected with security key that has two parts, one part from the client side and other from the centralized key server. This arrangement ensures that access to protected data is available with the presence of the user device of the authorized user. The security approaches FrontOne have taken above are further strengthened with its own patented technologies that introduce a dynamic element is each and every message and transaction, mutually authenticate both parties before a request is served and providing user with ultimate control that is not accessible digitally.

Webinar cybersecurity presentation-6-2018 (final)

AT-NET Services, Inc. - Charleston Division

5 Security Tips to Protect Your Login Credentials and More

Community IT Innovators

In this video we talk about some tools and techniques that can be used to protect your login credentials and digital identity including good password practices, adding Multi Factor Authentication (MFA), and monitoring to alert when a compromised account is found. Don’t assume your organization won’t be targeted – everyone is a target. As with all our webinars, this presentation is appropriate for an audience of varied IT and security experience.

Take your SOC Beyond SIEM

Thomas Springer

Office 365 Security Features That Nonprofits Should Know and Use

TechSoup

When it comes to email, document storage, and online browsing, security should be foremost. Join us for a 30-minute webinar where we will discuss how you can use built-in features of Office 365 to protect your organization. Learn how to protect your systems and keep data in the hands of only those users who need it. This webinar is intended for organizations that already use Office 365, or those that want to better understand how Office 365 can keep their communications and data secure.

Protecting Accounting Firms and their Clients - Eric Vanderburg - JurInnov

Eric Vanderburg

Information Security for Small Business

Julius Clark, CISSP, CISA

Information Security for Small BusinessJulius Clark, CISSP, CISA

Internet Security Threat Report (ISTR) Vol. 16Symantec APJ

Microsoft Sentinel- a cloud native SIEM & SOAR.pdf

Kranthi Aragonda

Is Your Company's Data Secure? Shelley Vinson Helfer

MAX Technical Training

Information and Identity Protection - Data Loss Prevention, Encryption, User ...Symantec APJ

Similar to [International Workshop on Cybersecurity] THREAT INFO SHARING IN PRIVATE SECTOR (20)

Cyber Security Awareness Session for Executives and Non-IT professionals

Trending it security threats in the public sector

Application Security-Understanding The Horizon

Aligning Application Security to Compliance

Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...

One of 2 protect your business

What Is Digital Asset Security. What Are the Risks Associated With It.docx.pdf

Social engineering tales

FrontOne our new and different solutions

Webinar cybersecurity presentation-6-2018 (final)

5 Security Tips to Protect Your Login Credentials and More

Take your SOC Beyond SIEM

Office 365 Security Features That Nonprofits Should Know and Use

Protecting Accounting Firms and their Clients - Eric Vanderburg - JurInnov

Information Security for Small Business

Internet Security Threat Report (ISTR) Vol. 16

Microsoft Sentinel- a cloud native SIEM & SOAR.pdf

Is Your Company's Data Secure? Shelley Vinson Helfer

Information and Identity Protection - Data Loss Prevention, Encryption, User ...

Recently uploaded

Essentials of Automations: Optimizing FME Workflows with Parameters

Safe Software

Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place. Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects. Here’s what you’ll gain: - Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows. - Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy. - Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency. - Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity. We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic. Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.

AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...

Product School

State of ICS and IoT Cyber Threat Landscape Report 2024 preview

Prayukth K V

The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development. The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers: State of global ICS asset and network exposure Sectoral targets and attacks as well as the cost of ransom Global APT activity, AI usage, actor and tactic profiles, and implications Rise in volumes of AI-powered cyberattacks Major cyber events in 2024 Malware and malicious payload trends Cyberattack types and targets Vulnerability exploit attempts on CVEs Attacks on counties – USA Expansion of bot farms – how, where, and why In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East Why are attacks on smart factories rising? Cyber risk predictions Axis of attacks – Europe Systemic attacks in the Middle East Download the full report from here: https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024

Albert Hoitingh

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...

James Anderson

Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management. The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM). Speakers: Bob Boule Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle. Gopinath Rebala Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.

Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024

Tobias Schneck

As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other? Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.

Elevating Tactical DDD Patterns Through Object Calisthenics

Dorra BARTAGUIZ

After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!

Mission to Decommission: Importance of Decommissioning Products to Increase E...

Product School

Generating a custom Ruby SDK for your web service or Rails API using Smithy

g2nightmarescribd

Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.

Connector Corner: Automate dynamic content and events by pushing a button

DianaGray10

Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to: Create a campaign using Mailchimp with merge tags/fields Send an interactive Slack channel message (using buttons) Have the message received by managers and peers along with a test email for review But there’s more: In a second workflow supporting the same use case, you’ll see: Your campaign sent to target colleagues for approval If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team But—if the “Reject” button is pushed, colleagues will be alerted via Slack message Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors. And... Speakers: Akshay Agnihotri, Product Manager Charlie Greenberg, Host

Securing your Kubernetes cluster_ a step-by-step guide to success !

KatiaHIMEUR1

Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster. However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks. In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.

DevOps and Testing slides at DASA Connect

Kari Kakkonen

Knowledge engineering: from people to machines and back

Elena Simperl

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

FIDO Alliance

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...

Thierry Lestable

Epistemic Interaction - tuning interfaces to provide information for AI support

Alan Dix

Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024 https://alandix.com/academic/papers/synergy2024-epistemic/ As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

DanBrown980551

Do you want to learn how to model and simulate an electrical network from scratch in under an hour? Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)! During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook. PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides: - A fully editable and extendable library for grid component modelling; - Visualization tools to display your network; - Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses; The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well. What you will learn during the webinar: - For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills; - For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf

FIDO Alliance

Transcript: Selling digital books in 2024: Insights from industry leaders - T...

BookNet Canada

The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more. Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/ Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.

How world-class product teams are winning in the AI era by CEO and Founder, P...

Product School

Recently uploaded (20)

Essentials of Automations: Optimizing FME Workflows with Parameters

AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...

State of ICS and IoT Cyber Threat Landscape Report 2024 preview

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...

Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024

Elevating Tactical DDD Patterns Through Object Calisthenics

Mission to Decommission: Importance of Decommissioning Products to Increase E...

Generating a custom Ruby SDK for your web service or Rails API using Smithy

Connector Corner: Automate dynamic content and events by pushing a button

Securing your Kubernetes cluster_ a step-by-step guide to success !

DevOps and Testing slides at DASA Connect

Knowledge engineering: from people to machines and back

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...

Epistemic Interaction - tuning interfaces to provide information for AI support

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf

Transcript: Selling digital books in 2024: Insights from industry leaders - T...

How world-class product teams are winning in the AI era by CEO and Founder, P...

[International Workshop on Cybersecurity] THREAT INFO SHARING IN PRIVATE SECTOR

1. THREAT INFO SHARING IN PRIVATE SECTOR Nov Matake, GREE Inc.

2. NOV MATAKE • Security Engineer, GREE Inc. • Evangelist, OpenID Foundation Japan • Interested in.. • Digital Identity • Privacy • Security

3. PASSWORD LEAKS • Yahoo! JAPAN • OCN • Adobe • LinkedIn • etc…

4. PASSWORD LIST ATTACKS • CyberAgent • GREE • DeNA • mixi • Nintendo • etc.

5. ONLINE FRAUD ON LINE

6. RISK-BASED SECURITY MANAGEMENT costs $$$..

7. –Eric Sachs, Google “If you’re typing a password into something, unless they have 100+ full-time engineers working on security and abuse and fraud, you should be nervous.”

8. THREAT INFO SHARING

10. Share information about important security events in order to thwart attackers from leveraging compromised accounts from one Service Provider to gain access to accounts on other Service Providers.

11. SECURITY VS. PRIVACY

12. – Consumer Privacy Bill of Rights Act of 2015, White House “The term “personal data” shall not include cyber threat indicators collected, processed, created, used, retained, or disclosed in order to investigate, mitigate, or otherwise respond to a cybersecurity threat or incident, when processed for those purposes.”

13. – Act on the Protection of Personal Information, Japan “Cases in which the provision of personal data is necessary for the protection of the life, body, or property of an individual and in which it is difficult to obtain the consent of the person”

14. CONCLUSION • Hire 100+ security engineers, or share information !! • FB & OIDF are going forward with White House backup • Resolve the conflict between security & privacy • Cyber Security Basic Act solves it ?

[International Workshop on Cybersecurity] THREAT INFO SHARING IN PRIVATE SECTOR

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (17)

Similar to [International Workshop on Cybersecurity] THREAT INFO SHARING IN PRIVATE SECTOR

Similar to [International Workshop on Cybersecurity] THREAT INFO SHARING IN PRIVATE SECTOR (20)

More from gree_tech

More from gree_tech (20)

Recently uploaded

Recently uploaded (20)

[International Workshop on Cybersecurity] THREAT INFO SHARING IN PRIVATE SECTOR