BEST & WORST OF
CYBERSECURITY
DAVID AMRANI HERNANDEZ | @davidmoremad
TOPICS
1. Basics
2. Fun
3. Agile
1. Basics
F.A.Q.
What is cybersecurity?
Why cybersecurity matters?
Most important thing about Cybersecurity?
How to learn about Cybersecurity?
HOMES HAVE INTERNET ACCESS: 90 %
…in Europe in 2019. Any guess about 2021?
COMPANIES NEED INTERNET ACCESS: 84 %
…to continue their core business
USEFUL STATISTICS
The average cost of a malware attack on a company is $2.6 million.
The average cost in time of a malware attack is 50 days.
80% of data breaches can be prevented with basic actions.
Hackers attack every 39 seconds, on average 2,244 times a day.
TYPES OF HACKERS (AS INDIVIDUALS)
Black Hat
Criminals. Attack corps for personal purposes.
Grey Hat
Hack corps to get hired or mentioned.
White Hat
Find vulns. and let the corps know about them.
TEAMS OF HACKERS (AS WORKERS)
Red Team
Run attacks against you to find your weaknesses.
Purple Team
Procedures and controls. Works between the red and blue teams.
Blue Team
Defense role mitigating risks. Analysis, hardening & monitoring.
2. Fun
HACKING IS A GAME
HACKING A CORP.
TO GET YOUR
MONEY BACK
WEB HACKING
HACKING ALL
TRANSPORT NETWORKS
IN SPAIN
RED TEAM
DENIAL OF WALLET:
MAKE A CORPORATION
LOSE MONEY
CLOUD SECURITY
HOW I GOT 65K
FOLLOWERS IN
ONE DAY
SOCIAL NETWORKS
WHEN MALWARE
MEETS THE INTERNET
RANSOMWARE
HOW I GOT 65K FOLLOWERS IN ONE DAY
DENIAL OF WALLET: MAKE A CORPORATION LOSE MONEY
WHEN MALWARE MEETS THE INTERNET
HACKING ALL TRANSPORT NETWORKS IN SPAIN
HACKING A CORP. TO GET YOUR MONEY BACK
3. Approach
What’s SecDevOps?
Philosophy that aims to improve productivity
in the development of technological services
and products. To this end, it involves the
development, operations and security teams
in a single process.
DEVOPS (DEV, QA, OPS): It’s good. It’s scalable. It’s automated.
SECDEVOPS (DEV, QA, OPS, SEC)
[Figure: pipeline stages CODE, BUILD, DEPLOY, OPERATE, each with SEC and TEST steps and FEEDBACK loops; timings shown: 2 h, 11 s, 30 m]
SECDEVOPS | AGILE CHALLENGE
CODESEC / INFRASEC
Hardening of our systems and infra
Anchore / IriusRisk / Bastille
Planning of security controls based on new functionality on the roadmap
Development of acceptance and e2e security tests
BDD Security / Toolium
Integration of different automated security tests & services
Kiuwan / Faast / RetireJS
Security audit of the final release
Burp / Faast / Nessus
Active monitoring of our infra and services
Dome9 / Logs / Icinga / WAF
Support to have safe deployments
Vault / Terraform
Checking how secure our final infra is
Dome9 / Inspector / Sentinel
Verification of the security of our product in production
Burp / Faast / Nessus
Code quality and security analysis
Analysis of dependencies with known vulnerabilities
Detection of threats and suspicious patterns in mobile applications
Security testing framework using natural language
Asset identification and threat detection
Risk analysis and definition of the security posture
Access control for secrets and confidential data
Analysis of security standards and vulnerabilities in Docker
Assessment of vulnerabilities, exposed assets and deviations from the adopted posture
Assessment of compliance with the security rules defined in the posture
Continuous detection of security threats
😈 Bonus
Hackers, the worst tourists…
Thank you
DAVID AMRANI HERNANDEZ | @davidmoremad
