Building Your Application Security Data Hub - OWASP AppSecUSADenim Group
One of the reasons application security is so challenging to address is that it spans multiple teams within an organization. Development teams build software, security testing teams find vulnerabilities, security operations staff manage applications in production and IT audit organizations make sure that the resulting software meets compliance and governance requirements. In addition, each team has a different toolbox they use to meet their goals, ranging from scanning tools, defect trackers, Integrated Development Environments (IDEs), WAFs and GRC systems. Unfortunately, in most organizations the interactions between these teams is often strained and the flow of data between these disparate tools and systems is non-existent or tediously implemented manually.
In today’s presentation, we will demonstrate how leading organizations are breaking down these barriers between teams and better integrating their disparate tools to enable the flow of application security data between silos to accelerate and simplify their remediation efforts. At the same time, we will show how to collect the proper data to measure the performance and illustrate the improvement of the software security program. The challenges that need to be overcome to enable teams and tools to work seamlessly with one another will be enumerated individually. Team and tool interaction patterns will also be outlined that reduce the friction that will arise while addressing application security risks. Using open source products such as OWASP ZAP, ThreadFix, Bugzilla and Eclipse, a significant amount of time will also be spent demonstrating the kinds of interactions that need to be enabled between tools. This will provide attendees with practical examples on how to replicate a powerful, integrated Application Security program within their own organizations. In addition, how to gather program-wide metrics and regularly calculate measurements such as mean-time-to-fix will also be demonstrated to enable attendees to monitor and ensure the continuing health and performance of their Application Security program.
System Security on Cloud
The document discusses system security when using cloud computing. It begins by describing the speaker's current big data system of over 10,000 users across 4 countries with over 1 billion user profiles and data ingested daily. It then discusses how infrastructure has changed from buying hardware to infrastructure as a service. Security has also changed, with cybercrime flourishing using organized groups. The rest of the document provides best practices for cloud security, such as understanding shared responsibilities and knowing your adversaries. It also promotes the services of Alert Logic for protecting cloud workloads and applications.
This presentation was delivered at the 2nd International Conference on Recent Trends in Information Technology and Computer Science in Mumbai. The paper deals with security issues in Cloud Computing, its mitigation and proposes a secure cloud mechanism with an implementation of the single-sign on mechanism on the Ubuntu Enterprise Cloud
This document contains a presentation on cloud security. It discusses how security approaches need to change to adapt to virtualized and cloud environments. Traditional security methods of provisioning separate security for each server need to change to more automated and workload-aware approaches. The presentation discusses how security can be provisioned automatically during resource provisioning. It also discusses how security capabilities can be managed efficiently at scale through continuous monitoring and vulnerability mitigation techniques. The presentation argues that securing data centers and extending their security to public clouds requires optimizing security to reduce the impact on resources. It outlines shared responsibilities between cloud providers and customers to ensure security. The presentation emphasizes that incident response still requires capabilities like digital forensics to fully investigate security compromises in virtual and
The document discusses security challenges in cloud computing environments, noting that while cloud platforms provide robust security tools, many security incidents are still caused by human errors or vulnerabilities in customer applications and configurations. It also examines trends in common attack types like web application attacks and how adversaries are increasingly chaining together vulnerabilities using techniques like machine learning. The author advocates for best practices like ongoing vulnerability scanning, web application firewalls, compliance monitoring, and leveraging a security operations center for detection, response and guidance.
The document discusses various threat modeling processes and tools that can be used to secure an e-learning environment. It describes the basics of threat modeling including gathering information about the system, decomposing applications into components, identifying risks through use cases and attack trees. Several threat modeling approaches are outlined such as Microsoft's threat modeling process, STRIDE classification scheme, DREAD, and OCTAVE. The advantages of using threat modeling to understand vulnerabilities and develop mitigation strategies are also highlighted.
Thinking Differently About Security Protection and PreventionDavid Perkins
In this presentation, Peter Starceski discussed artificial intelligence and machine learning and how they have been applied to the cybersecurity industry. He highlighted how leveraging artificial intelligence and machine learning provides defenders with an advantage they have never possessed till now. Peter shared examples of how machine learning have proven successful at stopping zero days and preventing ransomware prior to any other legacy solution. He examined the shifting nature of the threat landscape and to how to move beyond signature-based threat detection to rely on a mathematical, algorithmic, and scientific approach to disarm a threat.
Building Your Application Security Data Hub - OWASP AppSecUSADenim Group
One of the reasons application security is so challenging to address is that it spans multiple teams within an organization. Development teams build software, security testing teams find vulnerabilities, security operations staff manage applications in production and IT audit organizations make sure that the resulting software meets compliance and governance requirements. In addition, each team has a different toolbox they use to meet their goals, ranging from scanning tools, defect trackers, Integrated Development Environments (IDEs), WAFs and GRC systems. Unfortunately, in most organizations the interactions between these teams is often strained and the flow of data between these disparate tools and systems is non-existent or tediously implemented manually.
In today’s presentation, we will demonstrate how leading organizations are breaking down these barriers between teams and better integrating their disparate tools to enable the flow of application security data between silos to accelerate and simplify their remediation efforts. At the same time, we will show how to collect the proper data to measure the performance and illustrate the improvement of the software security program. The challenges that need to be overcome to enable teams and tools to work seamlessly with one another will be enumerated individually. Team and tool interaction patterns will also be outlined that reduce the friction that will arise while addressing application security risks. Using open source products such as OWASP ZAP, ThreadFix, Bugzilla and Eclipse, a significant amount of time will also be spent demonstrating the kinds of interactions that need to be enabled between tools. This will provide attendees with practical examples on how to replicate a powerful, integrated Application Security program within their own organizations. In addition, how to gather program-wide metrics and regularly calculate measurements such as mean-time-to-fix will also be demonstrated to enable attendees to monitor and ensure the continuing health and performance of their Application Security program.
System Security on Cloud
The document discusses system security when using cloud computing. It begins by describing the speaker's current big data system of over 10,000 users across 4 countries with over 1 billion user profiles and data ingested daily. It then discusses how infrastructure has changed from buying hardware to infrastructure as a service. Security has also changed, with cybercrime flourishing using organized groups. The rest of the document provides best practices for cloud security, such as understanding shared responsibilities and knowing your adversaries. It also promotes the services of Alert Logic for protecting cloud workloads and applications.
This presentation was delivered at the 2nd International Conference on Recent Trends in Information Technology and Computer Science in Mumbai. The paper deals with security issues in Cloud Computing, its mitigation and proposes a secure cloud mechanism with an implementation of the single-sign on mechanism on the Ubuntu Enterprise Cloud
This document contains a presentation on cloud security. It discusses how security approaches need to change to adapt to virtualized and cloud environments. Traditional security methods of provisioning separate security for each server need to change to more automated and workload-aware approaches. The presentation discusses how security can be provisioned automatically during resource provisioning. It also discusses how security capabilities can be managed efficiently at scale through continuous monitoring and vulnerability mitigation techniques. The presentation argues that securing data centers and extending their security to public clouds requires optimizing security to reduce the impact on resources. It outlines shared responsibilities between cloud providers and customers to ensure security. The presentation emphasizes that incident response still requires capabilities like digital forensics to fully investigate security compromises in virtual and
The document discusses security challenges in cloud computing environments, noting that while cloud platforms provide robust security tools, many security incidents are still caused by human errors or vulnerabilities in customer applications and configurations. It also examines trends in common attack types like web application attacks and how adversaries are increasingly chaining together vulnerabilities using techniques like machine learning. The author advocates for best practices like ongoing vulnerability scanning, web application firewalls, compliance monitoring, and leveraging a security operations center for detection, response and guidance.
The document discusses various threat modeling processes and tools that can be used to secure an e-learning environment. It describes the basics of threat modeling including gathering information about the system, decomposing applications into components, identifying risks through use cases and attack trees. Several threat modeling approaches are outlined such as Microsoft's threat modeling process, STRIDE classification scheme, DREAD, and OCTAVE. The advantages of using threat modeling to understand vulnerabilities and develop mitigation strategies are also highlighted.
Thinking Differently About Security Protection and PreventionDavid Perkins
In this presentation, Peter Starceski discussed artificial intelligence and machine learning and how they have been applied to the cybersecurity industry. He highlighted how leveraging artificial intelligence and machine learning provides defenders with an advantage they have never possessed till now. Peter shared examples of how machine learning have proven successful at stopping zero days and preventing ransomware prior to any other legacy solution. He examined the shifting nature of the threat landscape and to how to move beyond signature-based threat detection to rely on a mathematical, algorithmic, and scientific approach to disarm a threat.
Tech Throwdown: Secure Containerization vs WhitelistingInvincea, Inc.
To address the inadequacy of traditional anti-virus solutions, white-listing and secure containerization approaches have both gained traction in the enterprise. Both approaches have the overarching goal of preventing a successful breach at the endpoint, but each works differently and also focus on different parts of the cyber kill chain.
Invincea, a secure containerization solution, inoculates high-risk and Internet-facing applications against attack by running them in secure virtual containers, which have restricted access to the underlying host OS. This effectively removes the most common means of delivering the infection (see figure below). Any successful exploits of targeted applications (such as IE, Java, Flash, etc.), including by 0-day exploits, are kept safely in quarantine where additional forensic details may be uncovered.
Whitelisting attempts to prevent infections by allowing only certain known executables to run. This means whitelisting solutions will not see initial exploits; rather, whitelisting focuses on the next step beyond the exploit where many attacks then attempt to launch 2<sup>nd</sup> stage (malicious) executables with additional goals such as privilege escalation, lateral movement, or data exfiltration. In other words, whitelisting solutions do not have visibility into exploits of existing programs and for memory-resident malware. In addition, whitelisting solutions that prevent unknown software from running will flag legitimate software (such as patches) that are not updated with the whitelist.
DevSecOps aims to integrate security practices into DevOps workflows to deliver value faster and safer. It addresses challenges like keeping security practices aligned with continuous delivery models and empowered DevOps teams. DevSecOps incorporates security checks and tools into development pipelines to find and fix issues early. This helps prevent breaches like the 2017 Equifax hack, which exploited a known vulnerability. DevSecOps promotes a culture of collaboration, shared responsibility, and proactive security monitoring throughout the software development lifecycle.
Risks in cloud computing
Data security in cloud
Cloud security services
Tools and technologies for cloud
Cloud mashaps
Apache hadoop
Cloud tools
central level security
chap-1 : Vulnerabilities in Information SystemsKashfUlHuda1
Introduction to Cyber Security. Chapter #1. Vulnerabilities in Information Systems. What is a vulnerability?
Cyberspace: From terra incognita to terra nullius.
Cyberspace performance expectations. Measuring vulnerabilities. CVSS XCCDF OVAL
Avoiding vulnerabilities through secure coding
SCYBER addresses an urgent need in cybersecurity training by developing the skills needed to proactively detect and combat cyber threats. The course spends 60% of time in hands-on labs where students monitor, analyze, and respond to actual cyber attacks. It teaches 4 major competencies - monitoring security events, configuring detection/alarming, analyzing traffic for threats, and appropriately responding to incidents. Key differentiators include being system agnostic, lab-heavy, teaching an inside-out approach, ease of entry for security professionals, and helping students understand why things are threats.
An Introduction of SQL Injection, Buffer Overflow & Wireless AttackTechSecIT
The document discusses the benefits of exercise for mental health. Regular physical activity can help reduce anxiety and depression and improve mood and cognitive functioning. Exercise causes chemical changes in the brain that may help boost feelings of calmness, happiness and focus.
This document discusses security in the cloud and recommends best practices. It notes that while AWS provides many security tools, customers are still responsible for 95% of security failures due to human error. It then outlines various attack types like SQL injection and remote code execution that target web applications. The document recommends leveraging machine learning and multiple detection techniques to identify multi-stage attacks. It emphasizes the need to secure the entire attack surface, including on-premises environments, and highlights services like Alert Logic that provide 24/7 monitoring, analytics, and security experts to help detect and respond to threats.
This document provides an overview of security, compliance, and identity concepts. It describes zero trust principles, defense in depth security layers, common security threats, and the shared responsibility model. Identity concepts like authentication, authorization, and auditing are explained. Modern authentication relies on an identity provider, and federation allows users to authenticate across different identity providers. Active Directory and Azure Active Directory are directory services that store identity information.
Application of Machine Learning in CybersecurityPratap Dangeti
The document discusses applying machine learning techniques in cybersecurity. It provides examples of using ML for automatic intrusion detection, including phishing URL detection, malware detection, network behavior anomaly detection, and insider threat detection. Additional applications covered include assessing password strength and using deep steganography for encrypting messages. The document references several datasets and outlines the machine learning workflow and evaluation metrics for each application.
Link to Youtube video: https://youtu.be/OJMqMWnxlT8
You can contact me at abhimanyu.bhogwan@gmail.com
My linkdin id : https://www.linkedin.com/in/abhimanyu-bhogwan-cissp-ctprp-98978437/
Threat Modeling(system+ enterprise)
What is Threat Modeling?
Why do we need Threat Modeling?
6 Most Common Threat Modeling Misconceptions
Threat Modelling Overview
6 important components of a DevSecOps approach
DevSecOps Security Best Practices
Threat Modeling Approaches
Threat Modeling Methodologies for IT Purposes
STRIDE
Threat Modelling Detailed Flow
System Characterization
Create an Architecture Overview
Decomposing your Application
Decomposing DFD’s and Threat-Element Relationship
Identify possible attack scenarios mapped to S.T.R.I.D.E. model
Identifying Security Controls
Identify possible threats
Report to Developers and Security team
DREAD Scoring
My Opinion on implementing Threat Modeling at enterprise level
(1) This document discusses maturing an organization's security practices from DevOps to DevSecOps. It outlines a DevSecOps maturity model with three stages: adopt, expand, and scale.
(2) Key learnings from recent cloud security breaches like Equifax and Gemalto are discussed, emphasizing the need for continuous monitoring, prioritizing vulnerable hosts, and securing configurations.
(3) The shared responsibility model is explained, with the organization responsible for security "in" the cloud through practices like monitoring network traffic, hosts, applications, user activities, and resource configurations.
by Varun Badhwar, CEO & Co-founder, RedLock
Whether you’re just beginning to explore cloud computing or adopting it at enterprise scale, it is important to build security into your architecture. Gone are the days of manual security audits that slow down agile development. Your modern continuous integration and continuous delivery architecture demands continuous security that doesn’t hinder DevOps. In this session, we’ll share tips to help your organization embrace DevSecOps. Presented by RedLock.
EISA Considerations for Web Application SecurityLarry Ball
This document proposes tools for detecting and preventing security vulnerabilities within an enterprise information system architecture for a given business process. It discusses profiling web platforms and authentication/authorization, as well as input injection attacks, XML web services vulnerabilities, and attacks on web application and client management. Specific attacks include those on the OWASP Top 10 list. The document advocates threat modeling during development to identify risks and recommends code reviews and security assessment tools for mitigation.
Organizations are increasingly looking to their Internal Auditors to provide independent assurance about cyber risks and the organization's ability to defend against cyber attacks. With information technology becoming an inherent critical success factor for every business and the emerging cyber threat landscape, every internal auditor needs to equip themselves on IT audit essentials and cyber issues.
In part 12 of our Cyber Security Series you will learn about the current cyber risks and attack methods from Richard Cascarino, including:
Where are we now and Where are we going?
Current Cyberrisks
• Data Breach and Cloud Misconfigurations
• Insecure Application User Interface (API)
• The growing impact of AI and ML
• Malware Attack
• Single factor passwords
• Insider Threat
• Shadow IT Systems
• Crime, espionage and sabotage by rogue nation-states
• IoT
• CCPA and GDPR
• Cyber attacks on utilities and public infrastructure
• Shift in attack vectors
NIST Cybersecurity Framework (CSF) on the Public CloudCloudHesive
The document discusses how public cloud services align with the NIST Cybersecurity Framework (CSF). It provides an overview of the CSF functions and an example of how they apply to end user computing security on AWS. It also discusses adjacent security frameworks like CIS benchmarks and how automation and processes tie into lifecycle management. Cloud adoption frameworks like CAF and WAF are summarized in relation to their alignment with CSF and security best practices.
Application Security session given as part of the Solvay Executive Master in IT Management.
Explaining application security challenges for web, mobile, cloud and internet of things.
Positioning OWASP SAMM as structural and measurable framework to get application security under control in the complete application lifecycle.
ThreatStack Workshop: Stop Wasting Your Time: Focus on Security Practices tha...Amazon Web Services
There’s no shortage of noise about cybersecurity. Between the shear number of vendors and daily news coverage about the next big vulnerability or breach, it’s easy to start feeling directionless and reactive. However, there are ways to cut through the noise. The first step is understanding how companies are actually getting breached - not just the ones you hear about in the media. Then, you can create a strategy that’s tailored to your risk profile and attack surface. In this session, you’ll leave with an understanding of how to measure your risk, devise a realistic defense strategy, and deploy high impact security, no matter what your budget or time crunch is.
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...alexjohnson7307
Predictive maintenance is a proactive approach that anticipates equipment failures before they happen. At the forefront of this innovative strategy is Artificial Intelligence (AI), which brings unprecedented precision and efficiency. AI in predictive maintenance is transforming industries by reducing downtime, minimizing costs, and enhancing productivity.
Building Production Ready Search Pipelines with Spark and MilvusZilliz
Spark is the widely used ETL tool for processing, indexing and ingesting data to serving stack for search. Milvus is the production-ready open-source vector database. In this talk we will show how to use Spark to process unstructured data to extract vector representations, and push the vectors to Milvus vector database for search serving.
More Related Content
Similar to BsidesNairobiPresentation.pptx for cloud threat intelligence presentation at Bsides Nairobi
Tech Throwdown: Secure Containerization vs WhitelistingInvincea, Inc.
To address the inadequacy of traditional anti-virus solutions, white-listing and secure containerization approaches have both gained traction in the enterprise. Both approaches have the overarching goal of preventing a successful breach at the endpoint, but each works differently and also focus on different parts of the cyber kill chain.
Invincea, a secure containerization solution, inoculates high-risk and Internet-facing applications against attack by running them in secure virtual containers, which have restricted access to the underlying host OS. This effectively removes the most common means of delivering the infection (see figure below). Any successful exploits of targeted applications (such as IE, Java, Flash, etc.), including by 0-day exploits, are kept safely in quarantine where additional forensic details may be uncovered.
Whitelisting attempts to prevent infections by allowing only certain known executables to run. This means whitelisting solutions will not see initial exploits; rather, whitelisting focuses on the next step beyond the exploit where many attacks then attempt to launch 2<sup>nd</sup> stage (malicious) executables with additional goals such as privilege escalation, lateral movement, or data exfiltration. In other words, whitelisting solutions do not have visibility into exploits of existing programs and for memory-resident malware. In addition, whitelisting solutions that prevent unknown software from running will flag legitimate software (such as patches) that are not updated with the whitelist.
DevSecOps aims to integrate security practices into DevOps workflows to deliver value faster and safer. It addresses challenges like keeping security practices aligned with continuous delivery models and empowered DevOps teams. DevSecOps incorporates security checks and tools into development pipelines to find and fix issues early. This helps prevent breaches like the 2017 Equifax hack, which exploited a known vulnerability. DevSecOps promotes a culture of collaboration, shared responsibility, and proactive security monitoring throughout the software development lifecycle.
Risks in cloud computing
Data security in cloud
Cloud security services
Tools and technologies for cloud
Cloud mashaps
Apache hadoop
Cloud tools
central level security
chap-1 : Vulnerabilities in Information SystemsKashfUlHuda1
Introduction to Cyber Security. Chapter #1. Vulnerabilities in Information Systems. What is a vulnerability?
Cyberspace: From terra incognita to terra nullius.
Cyberspace performance expectations. Measuring vulnerabilities. CVSS XCCDF OVAL
Avoiding vulnerabilities through secure coding
SCYBER addresses an urgent need in cybersecurity training by developing the skills needed to proactively detect and combat cyber threats. The course spends 60% of time in hands-on labs where students monitor, analyze, and respond to actual cyber attacks. It teaches 4 major competencies - monitoring security events, configuring detection/alarming, analyzing traffic for threats, and appropriately responding to incidents. Key differentiators include being system agnostic, lab-heavy, teaching an inside-out approach, ease of entry for security professionals, and helping students understand why things are threats.
An Introduction of SQL Injection, Buffer Overflow & Wireless AttackTechSecIT
The document discusses the benefits of exercise for mental health. Regular physical activity can help reduce anxiety and depression and improve mood and cognitive functioning. Exercise causes chemical changes in the brain that may help boost feelings of calmness, happiness and focus.
This document discusses security in the cloud and recommends best practices. It notes that while AWS provides many security tools, customers are still responsible for 95% of security failures due to human error. It then outlines various attack types like SQL injection and remote code execution that target web applications. The document recommends leveraging machine learning and multiple detection techniques to identify multi-stage attacks. It emphasizes the need to secure the entire attack surface, including on-premises environments, and highlights services like Alert Logic that provide 24/7 monitoring, analytics, and security experts to help detect and respond to threats.
This document provides an overview of security, compliance, and identity concepts. It describes zero trust principles, defense in depth security layers, common security threats, and the shared responsibility model. Identity concepts like authentication, authorization, and auditing are explained. Modern authentication relies on an identity provider, and federation allows users to authenticate across different identity providers. Active Directory and Azure Active Directory are directory services that store identity information.
Application of Machine Learning in CybersecurityPratap Dangeti
The document discusses applying machine learning techniques in cybersecurity. It provides examples of using ML for automatic intrusion detection, including phishing URL detection, malware detection, network behavior anomaly detection, and insider threat detection. Additional applications covered include assessing password strength and using deep steganography for encrypting messages. The document references several datasets and outlines the machine learning workflow and evaluation metrics for each application.
Link to Youtube video: https://youtu.be/OJMqMWnxlT8
You can contact me at abhimanyu.bhogwan@gmail.com
My linkdin id : https://www.linkedin.com/in/abhimanyu-bhogwan-cissp-ctprp-98978437/
Threat Modeling(system+ enterprise)
What is Threat Modeling?
Why do we need Threat Modeling?
6 Most Common Threat Modeling Misconceptions
Threat Modelling Overview
6 important components of a DevSecOps approach
DevSecOps Security Best Practices
Threat Modeling Approaches
Threat Modeling Methodologies for IT Purposes
STRIDE
Threat Modelling Detailed Flow
System Characterization
Create an Architecture Overview
Decomposing your Application
Decomposing DFD’s and Threat-Element Relationship
Identify possible attack scenarios mapped to S.T.R.I.D.E. model
Identifying Security Controls
Identify possible threats
Report to Developers and Security team
DREAD Scoring
My Opinion on implementing Threat Modeling at enterprise level
(1) This document discusses maturing an organization's security practices from DevOps to DevSecOps. It outlines a DevSecOps maturity model with three stages: adopt, expand, and scale.
(2) Key learnings from recent cloud security breaches like Equifax and Gemalto are discussed, emphasizing the need for continuous monitoring, prioritizing vulnerable hosts, and securing configurations.
(3) The shared responsibility model is explained, with the organization responsible for security "in" the cloud through practices like monitoring network traffic, hosts, applications, user activities, and resource configurations.
by Varun Badhwar, CEO & Co-founder, RedLock
Whether you’re just beginning to explore cloud computing or adopting it at enterprise scale, it is important to build security into your architecture. Gone are the days of manual security audits that slow down agile development. Your modern continuous integration and continuous delivery architecture demands continuous security that doesn’t hinder DevOps. In this session, we’ll share tips to help your organization embrace DevSecOps. Presented by RedLock.
EISA Considerations for Web Application SecurityLarry Ball
This document proposes tools for detecting and preventing security vulnerabilities within an enterprise information system architecture for a given business process. It discusses profiling web platforms and authentication/authorization, as well as input injection attacks, XML web services vulnerabilities, and attacks on web application and client management. Specific attacks include those on the OWASP Top 10 list. The document advocates threat modeling during development to identify risks and recommends code reviews and security assessment tools for mitigation.
Organizations are increasingly looking to their Internal Auditors to provide independent assurance about cyber risks and the organization's ability to defend against cyber attacks. With information technology becoming an inherent critical success factor for every business and the emerging cyber threat landscape, every internal auditor needs to equip themselves on IT audit essentials and cyber issues.
In part 12 of our Cyber Security Series you will learn about the current cyber risks and attack methods from Richard Cascarino, including:
Where are we now and Where are we going?
Current Cyberrisks
• Data Breach and Cloud Misconfigurations
• Insecure Application User Interface (API)
• The growing impact of AI and ML
• Malware Attack
• Single factor passwords
• Insider Threat
• Shadow IT Systems
• Crime, espionage and sabotage by rogue nation-states
• IoT
• CCPA and GDPR
• Cyber attacks on utilities and public infrastructure
• Shift in attack vectors
NIST Cybersecurity Framework (CSF) on the Public CloudCloudHesive
The document discusses how public cloud services align with the NIST Cybersecurity Framework (CSF). It provides an overview of the CSF functions and an example of how they apply to end user computing security on AWS. It also discusses adjacent security frameworks like CIS benchmarks and how automation and processes tie into lifecycle management. Cloud adoption frameworks like CAF and WAF are summarized in relation to their alignment with CSF and security best practices.
Application Security session given as part of the Solvay Executive Master in IT Management.
Explaining application security challenges for web, mobile, cloud and internet of things.
Positioning OWASP SAMM as structural and measurable framework to get application security under control in the complete application lifecycle.
ThreatStack Workshop: Stop Wasting Your Time: Focus on Security Practices tha...Amazon Web Services
There’s no shortage of noise about cybersecurity. Between the shear number of vendors and daily news coverage about the next big vulnerability or breach, it’s easy to start feeling directionless and reactive. However, there are ways to cut through the noise. The first step is understanding how companies are actually getting breached - not just the ones you hear about in the media. Then, you can create a strategy that’s tailored to your risk profile and attack surface. In this session, you’ll leave with an understanding of how to measure your risk, devise a realistic defense strategy, and deploy high impact security, no matter what your budget or time crunch is.
Similar to BsidesNairobiPresentation.pptx for cloud threat intelligence presentation at Bsides Nairobi (20)
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ...alexjohnson7307
Predictive maintenance is a proactive approach that anticipates equipment failures before they happen. At the forefront of this innovative strategy is Artificial Intelligence (AI), which brings unprecedented precision and efficiency. AI in predictive maintenance is transforming industries by reducing downtime, minimizing costs, and enhancing productivity.
Building Production Ready Search Pipelines with Spark and MilvusZilliz
Spark is the widely used ETL tool for processing, indexing and ingesting data to serving stack for search. Milvus is the production-ready open-source vector database. In this talk we will show how to use Spark to process unstructured data to extract vector representations, and push the vectors to Milvus vector database for search serving.
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
Fueling AI with Great Data with Airbyte WebinarZilliz
This talk will focus on how to collect data from a variety of sources, leveraging this data for RAG and other GenAI use cases, and finally charting your course to productionalization.
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
Driving Business Innovation: Latest Generative AI Advancements & Success StorySafe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
GraphRAG for Life Science to increase LLM accuracyTomaz Bratanic
GraphRAG for life science domain, where you retriever information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
This presentation provides valuable insights into effective cost-saving techniques on AWS. Learn how to optimize your AWS resources by rightsizing, increasing elasticity, picking the right storage class, and choosing the best pricing model. Additionally, discover essential governance mechanisms to ensure continuous cost efficiency. Whether you are new to AWS or an experienced user, this presentation provides clear and practical tips to help you reduce your cloud costs and get the most out of your budget.
Dive into the realm of operating systems (OS) with Pravash Chandra Das, a seasoned Digital Forensic Analyst, as your guide. 🚀 This comprehensive presentation illuminates the core concepts, types, and evolution of OS, essential for understanding modern computing landscapes.
Beginning with the foundational definition, Das clarifies the pivotal role of OS as system software orchestrating hardware resources, software applications, and user interactions. Through succinct descriptions, he delineates the diverse types of OS, from single-user, single-task environments like early MS-DOS iterations, to multi-user, multi-tasking systems exemplified by modern Linux distributions.
Crucial components like the kernel and shell are dissected, highlighting their indispensable functions in resource management and user interface interaction. Das elucidates how the kernel acts as the central nervous system, orchestrating process scheduling, memory allocation, and device management. Meanwhile, the shell serves as the gateway for user commands, bridging the gap between human input and machine execution. 💻
The narrative then shifts to a captivating exploration of prominent desktop OSs, Windows, macOS, and Linux. Windows, with its globally ubiquitous presence and user-friendly interface, emerges as a cornerstone in personal computing history. macOS, lauded for its sleek design and seamless integration with Apple's ecosystem, stands as a beacon of stability and creativity. Linux, an open-source marvel, offers unparalleled flexibility and security, revolutionizing the computing landscape. 🖥️
Moving to the realm of mobile devices, Das unravels the dominance of Android and iOS. Android's open-source ethos fosters a vibrant ecosystem of customization and innovation, while iOS boasts a seamless user experience and robust security infrastructure. Meanwhile, discontinued platforms like Symbian and Palm OS evoke nostalgia for their pioneering roles in the smartphone revolution.
The journey concludes with a reflection on the ever-evolving landscape of OS, underscored by the emergence of real-time operating systems (RTOS) and the persistent quest for innovation and efficiency. As technology continues to shape our world, understanding the foundations and evolution of operating systems remains paramount. Join Pravash Chandra Das on this illuminating journey through the heart of computing. 🌟
Monitoring and Managing Anomaly Detection on OpenShift.pdfTosin Akinosho
Monitoring and Managing Anomaly Detection on OpenShift
Overview
Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices.
Key Topics Covered
1. Introduction to Anomaly Detection
- Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems.
2. Understanding Edge (IoT)
- Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source.
3. What is ArgoCD?
- Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices.
4. Deployment Using ArgoCD for Edge Devices
- Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD.
5. Introduction to Apache Kafka and S3
- Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions.
6. Viewing Kafka Messages in the Data Lake
- Learn how to view and analyze Kafka messages stored in a data lake for better insights.
7. What is Prometheus?
- Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices.
8. Monitoring Application Metrics with Prometheus
- Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system.
9. What is Camel K?
- Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes.
10. Configuring Camel K Integrations for Data Pipelines
- Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow.
11. What is a Jupyter Notebook?
- Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text.
12. Jupyter Notebooks with Code Examples
- Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.
HCL Notes and Domino License Cost Reduction in the World of DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc
How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024?
In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores.
See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe.
This webinar will review:
- The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey
- The top challenges for privacy leaders, practitioners, and organizations in 2024
- Key themes to consider in developing and maintaining your privacy program
System Design Case Study: Building a Scalable E-Commerce Platform - Hiike
BsidesNairobiPresentation.pptx for cloud threat intelligence presentation at Bsides Nairobi
1. C L O U D Y W I T H A C H A N C E
O F B R E A C H E S
NAVIGATING THE STORMY SKIES OF DATA
SECURITY
2. S P E A K E R S P R O F I L E
Albertini Francis
DevSecOps and Cloud Security Engineer.
Cloud native security enthusiast.
AWS Community Builder
Gamer, Basketball
3. Ellan Wambugu is a DevSecOps
Engineer. Having experience as a
multi-cloud red teaming
professional and a
DevOps engineer . A stressed out
man united fan
S P E A K E R S P R O F I L E
5. DATA BREACHES STATISTICS
• The average cost of a data breach in 2023 of
USD 4.45 million, cost per record being 165
dollars
• Phishing or compromised creds(cloud
misconfigurations or business email
compromise)
• Misconfigurations still remain a major concern
and breach vector
• Secrets mismanagement is a key pain-point for
most organizations
6. MODERN DAY APP BREAKDOWN
The modern day app leverages newer delivery
methods:
• Containerization
• Embracing the open source(Libraries, software
etc)
• Automation of infrastructure
provisioning(Infrastructure as Code)
8. THREAT MODELLING
Threat modelling is the process of analysing various business and technical
requirements of a system, identifying the potential threats, and documenting how
vulnerable these threats make the system
https://cloudsecurityalliance.org/artifacts/cloud-threat-modeling/
9. THREAT MODELLING METHODOLOGIES
We have different approaches to Threat Modelling
depending on the CTI teams and Workloads
• Asset-centric
• Attacker-centric
• Software-centric
10. THREAT MODELLING YOUR CLOUD ENVIRONMENT
Inventory Of Your Account
-Determine what assets, data & resources are in your
environment
Understand Your Architecture
-Understand your network topology, data flows
Threat Profiling
-Understand threats & vulnerabilities your environment
might face
Attack Surface Analysis
-Identify Points of Entry for Attackers
Risk Matrix & Mitigation
-Create and update a risk matrix & mitigation list
“Identify and prioritize risks using a threat model: Use a threat model to identify and maintain an up-to-date
register of potential threats. Prioritize your threats and adapt your security controls to prevent, detect, and
respond. Revisit and maintain this in the context of the evolving security landscape.”
11. Do An Inventory Of Your Environment
Have visibility over:
• Organizational and personal accounts and their
levels of access
• Deployments: services and regions
• Data: classification, Access, location,
lifecycle management
Asset management introduces Visibility
• You know what(services) is running where(regions)
You can't protect what you don’t know
12. Understand your architecture
Have visibility over:
• Understand network and infra topologies to get
what's supposed to public and strictly internal
• Understand your Infrastructure flow and some
decisions as to its current state
• Understand your Data flows in relation to the app,
services and IAM
Asset management introduces Visibility
• You know what(services) is running where(regions)
"Know yourself and your enemy and you need not fear
the outcome of a thousand battles"
14. M I N D Y O U R AT TA C K
S U R FA C E
• Secrets: Credentials & api keys
• Misconfigurations
• Open/misconfigured blob storage
• Public EBS snapshots
• Android: hardcoded creds & misconfigured
storage and firebase dbs
15. Mind your attack surface: Initial access
• Application code/code repo: Secrets:
Credentials & api keys
• Live Application: Misconfigurations ports,
• Open/misconfigured blob storage
• Public EBS & RDS
• Android: hardcoded creds & misconfigured
storage and firebase dbs
16. Risk Matrix : Analyze, Manage & Mitigate
• Continuous Logging & Monitoring
• Proactive Security Guardrails with
DevSecOps
• Tailor Your Security Measures
Accordingly.
• Utilize CNAPPS to your Advantage.
• Address Challenges and Acknowledge
Issues Within Your Capabilities
17. DEMO
Have visibility over:
• Understand network and infra topologies to get
what's supposed to public and what's strictly
internal
• Understand your Infrastructure flow and some
decisions as to its current state
• Understand your Data flows in relation to the apps,
services and IAM