Proprietary and Confidential
Security Presentation
Presented by: Stephen Bates
Jeffrey Gehl
Larry Hymson
Jeremy Gulban
May 23, 2001
www.acuent.com
♦  Introduction
♦  Network Security
♦  PeopleSoft Security
Agenda
About Acuent
♦  18 Year History - founded in 1983
♦  9 Year Partnership with PeopleSoft
♦  One of PeopleSoft’s Original Partners
♦  Largest Privately Held PeopleSoft House in the US
♦  Over 350+ PeopleSoft implementations
♦  400+ employees
♦  Core Skills
–  PeopleSoft
–  Business Process Improvement / Change Management
–  Integration and Application Middleware
–  J2EE/DNA Platforms (Certified MCSD, Certified Java Specialists)
–  Security
Strength & Experience
Irvine, CA
Parsippany, NJ
Atlanta, GA
Chicago, IL
Vienna, VA
Seattle, WA
Headquarters
Existing Offices
Planned for 2001
Nationwide Offices
e-Enabling the Enterprise
Acuent offers a full roster of services that help enable enterprise-wide Internet, Intranet, and Extranet initiatives
[Diagram labels: External Content; Employees; Customers; Suppliers; Marketplaces; Organization; ERP; Content Repository; B2BX; B2B; B2C; B2E]
e*Markets
Commercial e*Business
Enterprise Application Solutions
e*Engineering
Acuent Lines of Business
Management Consulting
Technology Assessment Services
Change Management
Strategy Development Services
Performance Management
e*Engineering
Technology Assessment Services
Transformation Management
Business Integration Management
e*Security
Infrastructure & Database Development Services
Custom & Packaged Application Development
Portal Solutions
e*Commerce Solutions
e*Strategy Services
Front-end Design Services
Commercial e*Business
Technology Assessment Services
Transformation Services
Business Improvement Services
Post Production Support
Training
Upgrades
Software Implementations
Infrastructure & Database Development Services
Enterprise Application Solutions
ERP
PeopleSoft
Oracle
Lawson
CRM
Vantive
Business Intelligence
Brio
Sagent
e-Commerce
Vignette
BroadVision
Portals
Plumtree
Sequoia
iPlanet
PeopleSoft
Procurement
CommerceOne
Middleware
Neon
Vitria
WebSphere
iPlanet
ColdFusion
WebMethods
ATG Dynamo
SilverStream
Sun
Oracle
Server Packages & Tools
e-Business Packaged Applications
Acuent Alliances
Business Services
Financial Services
Utilities
Health Care
Public Sector
GE Capital
Manufacturing
The MacManus Group
Commitment to Client Satisfaction
Our People
Adaptability
Integrity
Innovation
Our Customers
Strategies
Our Culture
Acuent
Partnerships
Solutions Versatility
q  Why security?
è Market Trends
è Demand
è Solving the business problems
q  Security Objectives
q  Vulnerability Assessments
q  Developing a security policy
q  Resources
Security Outline: what we’re going to talk about today
♦  Firewalls
♦  Intrusion Detection Systems
♦  Anti-Virus efforts
♦  Browser Vulnerabilities
♦  Demilitarized Zones
♦  Virtual Private Networks
♦  Public Key Infrastructures & Vendor implementations
–  Certificate Authorities
–  Certificate Revocation Lists
–  Secure Messaging via S/MIME and/or PGP
♦  Security Routers & Access Control Lists
♦  Unix or Microsoft System Vulnerabilities
♦  IPSec
♦  Extensive Auditing Procedures
♦  Security of Storage, Backup & Recovery
What we’re NOT going to talk about today
Security is a process, not a product.
Traditional computer security has relied heavily on firewalls, intrusion detection systems, and other prevention products. All can be valuable components to a security process, but they are also very fragile. They can be exploited, disabled, or simply circumvented.
BLUF: Bottom Line Up Front on Security
q  Small and medium business finding Internet
connectivity critical
q  Enterprises need to upgrade existing router-based
infrastructure in enterprises to enhance security
q  ISPs providing secure managed solutions, and
protecting their own network
q  All businesses recognizing need to
build intranets and extranets
Market Trends
Proprietary and Confidential
q  Permit corporate connectivity with the Internet
q  Leverage the Internet and protect corporate resources
q  Create internal network perimeters
q  Enable secure communications with business partners
q  Provide high-speed policy enforcement
Trusted
Network
Untrusted
Network
(Partner)
Untrusted
Network II
(Internet)
Driving Demand for Security
Proprietary and Confidential
[Chart labels: Internet; Business Need; Security Complexity; Internet Access; VPN and Extranets; Internet Presence; Networked Commerce]
OK, so what’s the business problem?
q  Applications
è World Wide Web and e-mail access
q  Security issues
è Protection of internal resources from outsiders
è Limiting external privileges of internal users
è Visibility of internal network addresses
è Auditing usage and possible attacks
Internet
Enable Internet Access
Proprietary and Confidential
q  Additional applications
è E-mail server managed locally
è Web server provides presence
q  Additional security issues
è Protection of public resources
è Separation of public and internal networks
E-Mail
WWW
Internet
Enable Internet Presence
Proprietary and Confidential
q  Additional applications
è Electronic commerce with controlled access
to business systems for ordering, etc.
q  Additional security issues
è Secure gateway-internal communication
è Client-commerce gateway data privacy
è Strong application authentication of client
Commerce
Gateways
Internal
Business
Systems
Internet
Enable Networked Commerce
Proprietary and Confidential
♦  Additional applications
–  Private connections over public network
–  Virtual Private Network (VPN)
♦  Additional security issues
–  Encryption between remote users/sites and HQ
–  Strong network authentication of client
[Diagram labels: Mobile/Home Users; HQ; Remote Site; Extranet Partner; Internet]
Enable VPN and Extranets
q Assets
è What information assets do you have?
è Rank assets based on criticality
q Vulnerabilities
è Weakness or flaw that enables a threat to attack an information system
q Threats
è An entity capable of causing harm to an information systems (Hackers,
Insiders, Natural Disasters, etc.)
q Risk
è The likelihood that a threat can exploit a vulnerability to attack a system
q Countermeasures
è Mechanisms to minimize the risk to information assets
è Can be technical or non-technical in nature
“Security” Concerns
Proprietary and Confidential
Impact: Costs of a Root Compromise
q  Tangibles
è Admin time - rebuild, restore, reconfigure
è End users - Downtime/service unavailable, lost
time due to new passwords, etc.
è Management - Decision making/approval process,
legal, etc.
q  Intangibles
è Customer Faith / Trust
è The “Blame Game”
Proprietary and Confidential
Transparent Access Security
Authentication
Authorization
Auditing
Nonrepudiation
Confidentiality
Data Integrity
Policy
Management
Connectivity
Performance
Ease of Use
Manageability
Availability
Security Objective: Balance Business Needs with Risks
Vulnerability Assessment Benefits
q Identify all applicable vulnerabilities
q Proper configuration of system
components
q Educate users, IT staff, and management
on threats
è internal
è external
q Current technical solutions to threat
access routes
q Network security trends analysis
q Assist in security risk management
planning
q Assist in developing a workable, viable
security policy
What Is a “Security Policy”?
“A security policy is a formal statement of the rules by which people who are given access to an organization's technology and information assets must abide.”
Source: RFC 2196, Site Security Handbook draft
First Steps in Designing a Security Policy
q Who are
our users?
q What information
needs to be protected?
q What are
their privileges?
q Where is
our information?
Proprietary and Confidential
Policy Management
[Diagram labels: Open; Restrictive; Closed]
Designing and implementing appropriate Security Policy
q Open security policy
è Permit everything that is not expressly denied
q Restrictive security policy
è Combination of specific permissions/specific restrictions
q Closed security policy
è That which is not expressly permitted is denied
q  Process and Progress, not perfection overnight!
q  Form a core group of advocates with shared views
q  Target management and leaders most likely to be influential
in creating a positive security culture
q  Use case studies and actual events to make your points
q  Develop a written policy and publish it
q  Get management buy-in for your policies beforehand
q  Use a positive approach: focus on opportunities for
improvement, not reduction of failure
q  Recognize & reward positive behavior
Improving Security Education
See Network World Security Newsletter at:
http://www.nwfusion.com/newsletters/sec/0424sec2.html
Proprietary and Confidential
q  RFCs: http://www.ietf.org/rfc.html
è 1173: Responsibilities of Host and Net Managers
è 2350 - Expectations for Computer Security Incident Response
è 2196 - Site Security Handbook
è 2504 - Users' Security Handbook
q  Vendors
è Configuration and patches/hotfixes
è Anti-Virus Updates
q  Crypto-Gram: http://www.counterpane.com/crypto-gram.html
q  System Administrator and Network Security Institute (SANS): http://www.sans.org
è Worst Mistakes committed by Executives, End Users, and IT Personnel
è Top Ten System and Software Vulnerabilities
q  Computer Incident Advisory Capability (CIAC): http://ciac.llnl.gov
q  CERT Coordination Center (CERT/CC): http://www.cert.org
q  Forum of Incident Response and Security Teams (FIRST): http://www.first.org
Security Resources & Best Practices

More Related Content

What's hot

Duke Pci T Raining Slides
Duke Pci T Raining SlidesDuke Pci T Raining Slides
Duke Pci T Raining Slides
Laney Dale
 
PCI Myths
PCI MythsPCI Myths
PCI Myths
Sasha Nunke
 
Afac device-security-july-7-2014v7-2
Afac device-security-july-7-2014v7-2Afac device-security-july-7-2014v7-2
Afac device-security-july-7-2014v7-2
KBIZEAU
 
Capture Discovery
Capture DiscoveryCapture Discovery
Capture Discovery
wlucina
 
How Security can be stronger than a Firewall: 13 different ways breaking thro...
How Security can be stronger than a Firewall: 13 different ways breaking thro...How Security can be stronger than a Firewall: 13 different ways breaking thro...
How Security can be stronger than a Firewall: 13 different ways breaking thro...
Community Protection Forum
 
Telaid: Technology Lifecycle Solutions
Telaid: Technology Lifecycle SolutionsTelaid: Technology Lifecycle Solutions
Telaid: Technology Lifecycle Solutions
ajackson88
 
Auditing Distributed Preservation Networks
Auditing Distributed Preservation Networks Auditing Distributed Preservation Networks
Auditing Distributed Preservation Networks
Micah Altman
 
S4xJapan Closing Keynote
S4xJapan Closing KeynoteS4xJapan Closing Keynote
S4xJapan Closing Keynote
Digital Bond
 
IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...
IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...
IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...
Skoda Minotti
 
Performing PCI DSS Assessments Using Zero Trust Principles
Performing PCI DSS Assessments Using Zero Trust PrinciplesPerforming PCI DSS Assessments Using Zero Trust Principles
Performing PCI DSS Assessments Using Zero Trust Principles
ControlCase
 
Frontline solutions For Security Practitioners 1008
Frontline solutions For Security Practitioners 1008Frontline solutions For Security Practitioners 1008
Frontline solutions For Security Practitioners 1008
Rick Wanner
 
ICS Security from the Plant Floor Up - A Controls Engineers Approach to Secur...
ICS Security from the Plant Floor Up - A Controls Engineers Approach to Secur...ICS Security from the Plant Floor Up - A Controls Engineers Approach to Secur...
ICS Security from the Plant Floor Up - A Controls Engineers Approach to Secur...
Digital Bond
 
DSS @Arrow_Inspiration_Roadshow_2013_Symantec_Extends_Encryption_Offerings
DSS @Arrow_Inspiration_Roadshow_2013_Symantec_Extends_Encryption_OfferingsDSS @Arrow_Inspiration_Roadshow_2013_Symantec_Extends_Encryption_Offerings
DSS @Arrow_Inspiration_Roadshow_2013_Symantec_Extends_Encryption_Offerings
Andris Soroka
 
You Will Be Breached
You Will Be BreachedYou Will Be Breached
You Will Be Breached
Mike Saunders
 
Orange Legal Technologies Considering Meet And Confer I L T A Prod...
Orange  Legal  Technologies    Considering  Meet And  Confer    I L T A  Prod...Orange  Legal  Technologies    Considering  Meet And  Confer    I L T A  Prod...
Orange Legal Technologies Considering Meet And Confer I L T A Prod...
Rob Robinson
 
Active Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The FieldActive Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The Field
Digital Bond
 
Toronto Event- How to Protect Data Throughout Its Lifecycle
Toronto Event- How to Protect Data Throughout Its Lifecycle Toronto Event- How to Protect Data Throughout Its Lifecycle
Toronto Event- How to Protect Data Throughout Its Lifecycle
Blancco
 
Comp8 unit6b lecture_slides
Comp8 unit6b lecture_slidesComp8 unit6b lecture_slides
Comp8 unit6b lecture_slides
CMDLMS
 
Top Cybersecurity Challenges Facing Your Business
Top Cybersecurity Challenges Facing Your BusinessTop Cybersecurity Challenges Facing Your Business
Top Cybersecurity Challenges Facing Your Business
Nicholas Davis
 
Blancco Bytes- Product Updates for ITADs
Blancco Bytes- Product Updates for ITADsBlancco Bytes- Product Updates for ITADs
Blancco Bytes- Product Updates for ITADs
Blancco
 

What's hot (20)

Duke Pci T Raining Slides
Duke Pci T Raining SlidesDuke Pci T Raining Slides
Duke Pci T Raining Slides
 
PCI Myths
PCI MythsPCI Myths
PCI Myths
 
Afac device-security-july-7-2014v7-2
Afac device-security-july-7-2014v7-2Afac device-security-july-7-2014v7-2
Afac device-security-july-7-2014v7-2
 
Capture Discovery
Capture DiscoveryCapture Discovery
Capture Discovery
 
How Security can be stronger than a Firewall: 13 different ways breaking thro...
How Security can be stronger than a Firewall: 13 different ways breaking thro...How Security can be stronger than a Firewall: 13 different ways breaking thro...
How Security can be stronger than a Firewall: 13 different ways breaking thro...
 
Telaid: Technology Lifecycle Solutions
Telaid: Technology Lifecycle SolutionsTelaid: Technology Lifecycle Solutions
Telaid: Technology Lifecycle Solutions
 
Auditing Distributed Preservation Networks
Auditing Distributed Preservation Networks Auditing Distributed Preservation Networks
Auditing Distributed Preservation Networks
 
S4xJapan Closing Keynote
S4xJapan Closing KeynoteS4xJapan Closing Keynote
S4xJapan Closing Keynote
 
IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...
IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...
IT Compliance and Governance with DLP Controls and Vulnerability Scanning Sof...
 
Performing PCI DSS Assessments Using Zero Trust Principles
Performing PCI DSS Assessments Using Zero Trust PrinciplesPerforming PCI DSS Assessments Using Zero Trust Principles
Performing PCI DSS Assessments Using Zero Trust Principles
 
Frontline solutions For Security Practitioners 1008
Frontline solutions For Security Practitioners 1008Frontline solutions For Security Practitioners 1008
Frontline solutions For Security Practitioners 1008
 
ICS Security from the Plant Floor Up - A Controls Engineers Approach to Secur...
ICS Security from the Plant Floor Up - A Controls Engineers Approach to Secur...ICS Security from the Plant Floor Up - A Controls Engineers Approach to Secur...
ICS Security from the Plant Floor Up - A Controls Engineers Approach to Secur...
 
DSS @Arrow_Inspiration_Roadshow_2013_Symantec_Extends_Encryption_Offerings
DSS @Arrow_Inspiration_Roadshow_2013_Symantec_Extends_Encryption_OfferingsDSS @Arrow_Inspiration_Roadshow_2013_Symantec_Extends_Encryption_Offerings
DSS @Arrow_Inspiration_Roadshow_2013_Symantec_Extends_Encryption_Offerings
 
You Will Be Breached
You Will Be BreachedYou Will Be Breached
You Will Be Breached
 
Orange Legal Technologies Considering Meet And Confer I L T A Prod...
Orange  Legal  Technologies    Considering  Meet And  Confer    I L T A  Prod...Orange  Legal  Technologies    Considering  Meet And  Confer    I L T A  Prod...
Orange Legal Technologies Considering Meet And Confer I L T A Prod...
 
Active Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The FieldActive Directory in ICS: Lessons Learned From The Field
Active Directory in ICS: Lessons Learned From The Field
 
Toronto Event- How to Protect Data Throughout Its Lifecycle
Toronto Event- How to Protect Data Throughout Its Lifecycle Toronto Event- How to Protect Data Throughout Its Lifecycle
Toronto Event- How to Protect Data Throughout Its Lifecycle
 
Comp8 unit6b lecture_slides
Comp8 unit6b lecture_slidesComp8 unit6b lecture_slides
Comp8 unit6b lecture_slides
 
Top Cybersecurity Challenges Facing Your Business
Top Cybersecurity Challenges Facing Your BusinessTop Cybersecurity Challenges Facing Your Business
Top Cybersecurity Challenges Facing Your Business
 
Blancco Bytes- Product Updates for ITADs
Blancco Bytes- Product Updates for ITADsBlancco Bytes- Product Updates for ITADs
Blancco Bytes- Product Updates for ITADs
 

Viewers also liked

The Effect of Technology on Those Who Package and Distribute the News
The Effect of Technology on Those Who Package and Distribute the NewsThe Effect of Technology on Those Who Package and Distribute the News
The Effect of Technology on Those Who Package and Distribute the News
Stephen Bates
 
OSIsoft intros to USACE CIO at Microsoft Executive Briefing Center
OSIsoft intros to USACE CIO at Microsoft Executive Briefing CenterOSIsoft intros to USACE CIO at Microsoft Executive Briefing Center
OSIsoft intros to USACE CIO at Microsoft Executive Briefing Center
Stephen Bates
 
OSIsoft USACE CIO Executive Briefing PART II 23aug16
OSIsoft USACE CIO Executive Briefing PART II 23aug16OSIsoft USACE CIO Executive Briefing PART II 23aug16
OSIsoft USACE CIO Executive Briefing PART II 23aug16
Stephen Bates
 
Introduction to OCTI
Introduction to OCTIIntroduction to OCTI
Introduction to OCTI
Stephen Bates
 
Walter Reed Contract Win Project Kickoff
Walter Reed Contract Win Project KickoffWalter Reed Contract Win Project Kickoff
Walter Reed Contract Win Project Kickoff
Stephen Bates
 
Analytical Performance Management
Analytical Performance ManagementAnalytical Performance Management
Analytical Performance Management
Stephen Bates
 
Internet of Things Primer
Internet of Things PrimerInternet of Things Primer
Internet of Things Primer
Stephen Bates
 
Industrial Internet of Things -- Microsoft DC Azure Meetup
Industrial Internet of Things -- Microsoft DC Azure MeetupIndustrial Internet of Things -- Microsoft DC Azure Meetup
Industrial Internet of Things -- Microsoft DC Azure Meetup
Stephen Bates
 

Viewers also liked (8)

The Effect of Technology on Those Who Package and Distribute the News
The Effect of Technology on Those Who Package and Distribute the NewsThe Effect of Technology on Those Who Package and Distribute the News
The Effect of Technology on Those Who Package and Distribute the News
 
OSIsoft intros to USACE CIO at Microsoft Executive Briefing Center
OSIsoft intros to USACE CIO at Microsoft Executive Briefing CenterOSIsoft intros to USACE CIO at Microsoft Executive Briefing Center
OSIsoft intros to USACE CIO at Microsoft Executive Briefing Center
 
OSIsoft USACE CIO Executive Briefing PART II 23aug16
OSIsoft USACE CIO Executive Briefing PART II 23aug16OSIsoft USACE CIO Executive Briefing PART II 23aug16
OSIsoft USACE CIO Executive Briefing PART II 23aug16
 
Introduction to OCTI
Introduction to OCTIIntroduction to OCTI
Introduction to OCTI
 
Walter Reed Contract Win Project Kickoff
Walter Reed Contract Win Project KickoffWalter Reed Contract Win Project Kickoff
Walter Reed Contract Win Project Kickoff
 
Analytical Performance Management
Analytical Performance ManagementAnalytical Performance Management
Analytical Performance Management
 
Internet of Things Primer
Internet of Things PrimerInternet of Things Primer
Internet of Things Primer
 
Industrial Internet of Things -- Microsoft DC Azure Meetup
Industrial Internet of Things -- Microsoft DC Azure MeetupIndustrial Internet of Things -- Microsoft DC Azure Meetup
Industrial Internet of Things -- Microsoft DC Azure Meetup
 

Similar to Acuent Security

Hayat resume 1
Hayat resume 1Hayat resume 1
Hayat resume 1
Hayat Azizi
 
PLNOG14: Firewalls In Modern Data Centers - Piotr Wojciechowski
PLNOG14: Firewalls In Modern Data Centers - Piotr WojciechowskiPLNOG14: Firewalls In Modern Data Centers - Piotr Wojciechowski
PLNOG14: Firewalls In Modern Data Centers - Piotr Wojciechowski
PROIDEA
 
628577
628577628577
628577
Hayat Azizi
 
Veeras_Infotek_Corporate (2)
Veeras_Infotek_Corporate (2)Veeras_Infotek_Corporate (2)
Veeras_Infotek_Corporate (2)
Rakesh Kumar
 
Protect Against Security Breaches by Securing Endpoints with Multi-Factor Aut...
Protect Against Security Breaches by Securing Endpoints with Multi-Factor Aut...Protect Against Security Breaches by Securing Endpoints with Multi-Factor Aut...
Protect Against Security Breaches by Securing Endpoints with Multi-Factor Aut...
CA Technologies
 
20161021 JS Cybersecurity Service Proposal
20161021 JS Cybersecurity Service Proposal20161021 JS Cybersecurity Service Proposal
20161021 JS Cybersecurity Service Proposal
Carl Bradley Pate
 
jhon ibrahim.ppt
jhon ibrahim.pptjhon ibrahim.ppt
jhon ibrahim.ppt
Muhammad Fahad Khan
 
CyberSecurity Update Slides
CyberSecurity Update SlidesCyberSecurity Update Slides
CyberSecurity Update Slides
Jim Kaplan CIA CFE
 
Company Profile
Company ProfileCompany Profile
Company Profile
3SC World
 
ISS CAPSTONE TEAM
ISS CAPSTONE TEAMISS CAPSTONE TEAM
ISS CAPSTONE TEAM
Jonathan Fuller
 
Trusted db a trusted hardware based database with privacy and data confidenti...
Trusted db a trusted hardware based database with privacy and data confidenti...Trusted db a trusted hardware based database with privacy and data confidenti...
Trusted db a trusted hardware based database with privacy and data confidenti...
LeMeniz Infotech
 
MatterPoint Overview
MatterPoint OverviewMatterPoint Overview
MatterPoint Overview
Bob Rivas
 
Cloud: Should I Stay or Should I Go?
Cloud: Should I Stay or Should I Go?Cloud: Should I Stay or Should I Go?
Cloud: Should I Stay or Should I Go?
Marcelo Martins
 
Safend General Presentation 2010
Safend General Presentation 2010Safend General Presentation 2010
Safend General Presentation 2010
Joseph Mark Heinzen
 
Protegendo sua rede
Protegendo sua redeProtegendo sua rede
Protegendo sua rede
Cisco do Brasil
 
Brighttalk understanding the promise of sde - final
Brighttalk   understanding the promise of sde - finalBrighttalk   understanding the promise of sde - final
Brighttalk understanding the promise of sde - final
Andrew White
 
SanerNow Endpoint Management
SanerNow Endpoint ManagementSanerNow Endpoint Management
SanerNow Endpoint Management
SecPod Technologies
 
BREACHED: Data Centric Security for SAP
BREACHED: Data Centric Security for SAPBREACHED: Data Centric Security for SAP
BREACHED: Data Centric Security for SAP
UL Transaction Security
 
Cybercrime future perspectives
Cybercrime future perspectivesCybercrime future perspectives
Cybercrime future perspectives
SensePost
 
User management - the next-gen of authentication meetup 27012022
User management - the next-gen of authentication meetup 27012022User management - the next-gen of authentication meetup 27012022
User management - the next-gen of authentication meetup 27012022
lior mazor
 

Similar to Acuent Security (20)

Hayat resume 1
Hayat resume 1Hayat resume 1
Hayat resume 1
 
PLNOG14: Firewalls In Modern Data Centers - Piotr Wojciechowski
PLNOG14: Firewalls In Modern Data Centers - Piotr WojciechowskiPLNOG14: Firewalls In Modern Data Centers - Piotr Wojciechowski
PLNOG14: Firewalls In Modern Data Centers - Piotr Wojciechowski
 
628577
628577628577
628577
 
Veeras_Infotek_Corporate (2)
Veeras_Infotek_Corporate (2)Veeras_Infotek_Corporate (2)
Veeras_Infotek_Corporate (2)
 
Protect Against Security Breaches by Securing Endpoints with Multi-Factor Aut...
Protect Against Security Breaches by Securing Endpoints with Multi-Factor Aut...Protect Against Security Breaches by Securing Endpoints with Multi-Factor Aut...
Protect Against Security Breaches by Securing Endpoints with Multi-Factor Aut...
 
20161021 JS Cybersecurity Service Proposal
20161021 JS Cybersecurity Service Proposal20161021 JS Cybersecurity Service Proposal
20161021 JS Cybersecurity Service Proposal
 
jhon ibrahim.ppt
jhon ibrahim.pptjhon ibrahim.ppt
jhon ibrahim.ppt
 
CyberSecurity Update Slides
CyberSecurity Update SlidesCyberSecurity Update Slides
CyberSecurity Update Slides
 
Company Profile
Company ProfileCompany Profile
Company Profile
 
ISS CAPSTONE TEAM
ISS CAPSTONE TEAMISS CAPSTONE TEAM
ISS CAPSTONE TEAM
 
Trusted db a trusted hardware based database with privacy and data confidenti...
Trusted db a trusted hardware based database with privacy and data confidenti...Trusted db a trusted hardware based database with privacy and data confidenti...
Trusted db a trusted hardware based database with privacy and data confidenti...
 
MatterPoint Overview
MatterPoint OverviewMatterPoint Overview
MatterPoint Overview
 
Cloud: Should I Stay or Should I Go?
Cloud: Should I Stay or Should I Go?Cloud: Should I Stay or Should I Go?
Cloud: Should I Stay or Should I Go?
 
Safend General Presentation 2010
Safend General Presentation 2010Safend General Presentation 2010
Safend General Presentation 2010
 
Protegendo sua rede
Protegendo sua redeProtegendo sua rede
Protegendo sua rede
 
Brighttalk understanding the promise of sde - final
Brighttalk   understanding the promise of sde - finalBrighttalk   understanding the promise of sde - final
Brighttalk understanding the promise of sde - final
 
SanerNow Endpoint Management
SanerNow Endpoint ManagementSanerNow Endpoint Management
SanerNow Endpoint Management
 
BREACHED: Data Centric Security for SAP
BREACHED: Data Centric Security for SAPBREACHED: Data Centric Security for SAP
BREACHED: Data Centric Security for SAP
 
Cybercrime future perspectives
Cybercrime future perspectivesCybercrime future perspectives
Cybercrime future perspectives
 
User management - the next-gen of authentication meetup 27012022
User management - the next-gen of authentication meetup 27012022User management - the next-gen of authentication meetup 27012022
User management - the next-gen of authentication meetup 27012022
 

More from Stephen Bates

BatesCainelliStrategicAlliances2020v2.pdf
BatesCainelliStrategicAlliances2020v2.pdfBatesCainelliStrategicAlliances2020v2.pdf
BatesCainelliStrategicAlliances2020v2.pdf
Stephen Bates
 
Senior Executives in National and International Security
Senior Executives in National and International SecuritySenior Executives in National and International Security
Senior Executives in National and International Security
Stephen Bates
 
SEB Oracle Overview
SEB Oracle OverviewSEB Oracle Overview
SEB Oracle Overview
Stephen Bates
 
SEB Forcepoint Corporate Overview
SEB Forcepoint Corporate OverviewSEB Forcepoint Corporate Overview
SEB Forcepoint Corporate Overview
Stephen Bates
 
BatesCainelli Capabilities Overview
BatesCainelli Capabilities OverviewBatesCainelli Capabilities Overview
BatesCainelli Capabilities Overview
Stephen Bates
 
Enabling Legacy Sensors for the Internet of Things
Enabling Legacy Sensors for the Internet of ThingsEnabling Legacy Sensors for the Internet of Things
Enabling Legacy Sensors for the Internet of Things
Stephen Bates
 
DISA Enterprise Storage Services Contract White Paper
DISA Enterprise Storage Services Contract White PaperDISA Enterprise Storage Services Contract White Paper
DISA Enterprise Storage Services Contract White Paper
Stephen Bates
 
2007 Writing Presentation given as guest lecturer, George Mason University
2007 Writing Presentation given as guest lecturer, George Mason University2007 Writing Presentation given as guest lecturer, George Mason University
2007 Writing Presentation given as guest lecturer, George Mason University
Stephen Bates
 
Strategy and Strategic Alliances for the New York Times
Strategy and Strategic Alliances for the New York TimesStrategy and Strategic Alliances for the New York Times
Strategy and Strategic Alliances for the New York Times
Stephen Bates
 


Acuent Security

  • 1. Security Presentation
      Presented by: Stephen Bates, Jeffrey Gehl, Larry Hymson, Jeremy Gulban
      May 23, 2001
      www.acuent.com
      Proprietary and Confidential
  • 2. Agenda
      - Introduction
      - Network Security
      - PeopleSoft Security
  • 3. About Acuent: Strength & Experience
      - 18 Year History - founded in 1983
      - 9 Year Partnership with PeopleSoft
      - One of PeopleSoft’s Original Partners
      - Largest Privately Held PeopleSoft House in the US
      - Over 350+ PeopleSoft implementations
      - 400+ employees
      - Core Skills
          - PeopleSoft
          - Business Process Improvement / Change Management
          - Integration and Application Middleware
          - J2EE/DNA Platforms (Certified MCSD, Certified Java Specialists)
          - Security
  • 4. Nationwide Offices
      Map labels: Irvine, CA; Parsippany, NJ; Atlanta, GA; Chicago, IL; Vienna, VA; Seattle, WA
      Legend: Headquarters; Existing Offices; Planned for 2001
  • 5. e-Enabling the Enterprise
      Acuent offers a full roster of services that help enable enterprise-wide Internet, Intranet, and Extranet initiatives.
      Diagram labels: External Content; Employees; Customers; Suppliers; Marketplaces; Organization; ERP; Content Repository; B2BX; B2B; B2C; B2E
  • 6. Acuent Lines of Business
      - e*Markets
      - Commercial e*Business
      - Enterprise Application Solutions
      - e*Engineering
  • 7. e*Engineering
      - Management Consulting
      - Technology Assessment Services
      - Change Management
      - Strategy Development Services
      - Performance Management
  • 8. Commercial e*Business
      - Technology Assessment Services
      - Transformation Management
      - Business Integration Management
      - e*Security
      - Infrastructure & Database Development Services
      - Custom & Packaged Application Development
      - Portal Solutions
      - e*Commerce Solutions
      - e*Strategy Services
      - Front-end Design Services
  • 9. Enterprise Application Solutions
      - Technology Assessment Services
      - Transformation Services
      - Business Improvement Services
      - Post Production Support
      - Training
      - Upgrades
      - Software Implementations
      - Infrastructure & Database Development Services
  • 11. Commitment to Client Satisfaction
      Slide labels: Business Services; Financial Services; Utilities; Health Care; Public Sector; GE Capital; Manufacturing; The MacManus Group
  • 12. Our People Adaptability Integrity Innovation Our Customers Strategies Our Culture Acuent Partnerships Solutions Versatility
  • 13. Security Outline: what we’re going to talk about today
      - Why security?
          - Market Trends
          - Demand
          - Solving the business problems
      - Security Objectives
      - Vulnerability Assessments
      - Developing a security policy
      - Resources
  • 14. What we’re NOT going to talk about today
      - Firewalls
      - Intrusion Detection Systems
      - Anti-Virus efforts
      - Browser Vulnerabilities
      - Demilitarized Zones
      - Virtual Private Networks
      - Public Key Infrastructures & Vendor implementations
          - Certificate Authorities
          - Certificate Revocation Lists
          - Secure Messaging via S/MIME and/or PGP
      - Security Routers & Access Control Lists
      - Unix or Microsoft System Vulnerabilities
      - IPSec
      - Extensive Auditing Procedures
      - Security of Storage, Backup & Recovery
  • 15. BLUF: Bottom Line Up Front on Security
      Security is a process, not a product. Traditional computer security has relied heavily on firewalls, intrusion detection systems, and other prevention products. All can be valuable components to a security process, but they are also very fragile. They can be exploited, disabled, or simply circumvented.
  • 16. Market Trends
      - Small and medium business finding Internet connectivity critical
      - Enterprises need to upgrade existing router-based infrastructure to enhance security
      - ISPs providing secure managed solutions, and protecting their own network
      - All businesses recognizing need to build intranets and extranets
  • 17. Driving Demand for Security
      - Permit corporate connectivity with the Internet
      - Leverage the Internet and protect corporate resources
      - Create internal network perimeters
      - Enable secure communications with business partners
      - Provide high-speed policy enforcement
      Diagram labels: Trusted Network; Untrusted Network (Partner); Untrusted Network II (Internet)
  • 18. OK, so what’s the business problem?
      Diagram labels: Internet Business Need; Security Complexity; Internet Access; VPN and Extranets; Internet Presence; Networked Commerce
  • 19. Enable Internet Access
      - Applications
          - World Wide Web and e-mail access
      - Security issues
          - Protection of internal resources from outsiders
          - Limiting external privileges of internal users
          - Visibility of internal network addresses
          - Auditing usage and possible attacks
      Diagram labels: Internet
  • 20. Enable Internet Presence
      - Additional applications
          - E-mail server managed locally
          - Web server provides presence
      - Additional security issues
          - Protection of public resources
          - Separation of public and internal networks
      Diagram labels: E-Mail; WWW; Internet
  • 21. Enable Networked Commerce
      - Additional applications
          - Electronic commerce with controlled access to business systems for ordering, etc.
      - Additional security issues
          - Secure gateway-internal communication
          - Client-commerce gateway data privacy
          - Strong application authentication of client
      Diagram labels: Commerce Gateways; Internal Business Systems; Internet
  • 22. Enable VPN and Extranets
      - Additional applications
          - Private connections over public network
          - Virtual Private Network (VPN)
      - Additional security issues
          - Encryption between remote users/sites and HQ
          - Strong network authentication of client
      Diagram labels: Mobile/Home Users; HQ; Remote Site; Extranet Partner; Internet
  • 23. “Security” Concerns
      - Assets
          - What information assets do you have?
          - Rank assets based on criticality
      - Vulnerabilities
          - Weakness or flaw that enables a threat to attack an information system
      - Threats
          - An entity capable of causing harm to an information system (Hackers, Insiders, Natural Disasters, etc.)
      - Risk
          - The likelihood that a threat can exploit a vulnerability to attack a system
      - Countermeasures
          - Mechanisms to minimize the risk to information assets
          - Can be technical or non-technical in nature
  • 24. Impact: Costs of a Root Compromise
      - Tangibles
          - Admin time - rebuild, restore, reconfigure
          - End users - Downtime/service unavailable, lost time due to new passwords, etc.
          - Management - Decision making/approval process, legal, etc.
      - Intangibles
          - Customer Faith / Trust
          - The “Blame Game”
  • 25. Security Objective: Balance Business Needs with Risks
      Diagram labels:
      - Transparent Access: Connectivity; Performance; Ease of Use; Manageability; Availability
      - Security: Authentication; Authorization; Auditing; Nonrepudiation; Confidentiality; Data Integrity
      - Policy Management
  • 26. Vulnerability Assessment Benefits
      - Identify all applicable vulnerabilities
      - Proper configuration of system components
      - Educate users, IT staff, and management on threats
          - internal
          - external
      - Current technical solutions to threat access routes
      - Network security trends analysis
      - Assist in security risk management planning
      - Assist in developing a workable, viable security policy
  • 27. What Is a “Security Policy”?
      “A security policy is a formal statement of the rules by which people who are given access to an organization's technology and information assets must abide.”
      Source: RFC 2196, Site Security Handbook draft
  • 28. First Steps in Designing a Security Policy
      - Who are our users?
      - What information needs to be protected?
      - What are their privileges?
      - Where is our information?
  • 29. Designing and implementing appropriate Security Policy
      - Open security policy
          - Permit everything that is not expressly denied
      - Restrictive security policy
          - Combination of specific permissions/specific restrictions
      - Closed security policy
          - That which is not expressly permitted is denied
      Diagram labels: Policy Management; Restrictive; Closed; Open
  • 30. Improving Security Education
      - Process and Progress, not perfection overnight!
      - Form a core group of advocates with shared views
      - Target management and leaders most likely to be influential in creating a positive security culture
      - Use case studies and actual events to make your points
      - Develop a written policy and publish it
      - Get management buy-in for your policies beforehand
      - Use a positive approach: focus on opportunities for improvement, not reduction of failure
      - Recognize & reward positive behavior
      See Network World Security Newsletter at: http://www.nwfusion.com/newsletters/sec/0424sec2.html
  • 31. Security Resources & Best Practices
      - RFCs: http://www.ietf.org/rfc.html
          - 1173 - Responsibilities of Host and Net Managers
          - 2350 - Expectations for Computer Security Incident Response
          - 2196 - Site Security Handbook
          - 2504 - Users' Security Handbook
      - Vendors
          - Configuration and patches/hotfixes
          - Anti-Virus Updates
      - Crypto-Gram: http://www.counterpane.com/crypto-gram.html
      - System Administrator and Network Security Institute (SANS): http://www.sans.org
          - Worst Mistakes committed by Executives, End Users, and IT Personnel
          - Top Ten System and Software Vulnerabilities
      - Computer Incident Advisory Capability (CIAC): http://ciac.llnl.gov
      - CERT Coordination Center (CERT/CC): http://www.cert.org
      - Forum of Incident Response and Security Teams (FIRST): http://www.first.org