Chaos monitoring

•

6 likes•1,586 views

The document discusses the challenges of implementing security practices at fintech companies that blend aspects of both IT and banking. It notes that while banks have strict regulations and processes, many fintech startups initially neglect security. The document advocates for approaches like identifying and examining systems and traffic, continuous monitoring, and having response plans to balance security and business needs in a rapidly changing environment that combines enterprise and custom technologies.

CHAOS MONITORING
Svetlana “Mona“ Arkhipova
Lead Information Security expert , QIWI

#:WHOAMI
▸  a.k.a. Mona
▸  Lead infrastructure security expert at QIWI group
▸  Past: security consultant at ﬁntech start-ups, security
analyst at General Electric (GE Capital).

TWO TOWERS
▸  Bank way: great amount of approvals, restrictions and
controls
▸  IT way: fast and ﬂexible, basically no technologies
limitations
▸  "There's no spoon"

TYPICAL BANK WAY
▸  Limited number of systems and products
▸  Industry regulations
▸  Strict business processes
▸  Security as an initial part of all activities
▸  "Bloody Enterprise"

TYPICAL SMALL/MID IT COMPANY: SECURITY...WHAT IS IT?
▸  Most part of companies start thinking about security only
after validated incidents
▸  Security activities performed(or not) by system
administrator
▸  Wide stack of technologies

BRAVE NEW WORLD. BETWEEN IT AND BANKING
▸  Strong regulatory requirements from one side
▸  Strong business needs from the other side
▸  Spicy mix of enterprise technologies and in-house
development
AND TYPICAL BANK WAY IS NOT WORKING IN FINTECH

ONLY THE STUPID NEED
ORGANIZATION, THE GENIUS
CONTROLS THE CHAOS!
Albert Einstein

COMMON CHALLENGES
▸  In-house development
▸  No strict business processes
▸  Security vs. usability/speed
▸  A bit of necromancy (Very Important Server)

ASSETS AND PROCESSESS
▸  Hardened perimeters
▸  Test labs: this is a test server, there's no need in OS
hardening
▸  Abandoned servers/VDIs/whatever
▸  Network controls?

SECURITY VS USABILITY
▸  Application and technology restrtictions
▸  Performance issues
▸  Tonns of logs
▸  A lot of additional work (especially on investigations)

WHAT'S NEXT?
▸  Identify
▸  Exmine
▸  Monitor
▸  Respond

IDENTIFY
▸  Track all env changes
▸  IT systems is a great source of raw data
▸  Periodical manual checks

EXAMINE
▸  Common trafﬁc proﬁling (OS speciﬁc, network speciﬁc)
▸  App-speciﬁc proﬁling
▸  Systems interconnection

MONITOR
▸  Monitoring is a continuous process
▸  Track logins and network ﬂows
▸  Periodical log sources check
▸  Set up emergency alerts on critical events

RESPOND
▸  Action plans on typical incidents
▸  Core analysis
▸  Rules/proﬁling tuning
▸  False positives and false negatives

FALSE (+|-)
▸  “Normal paranormal”
▸  Multiple events in short time range
▸  Trafﬁc controls
▸  Chained events
▸  Events with low rates (APT)
▸  Continious (pen)tests

QUESTIONS?
Svetlana Arkhipova
Lead Information Security expert , QIWI
mona@qiwi.ru
monaarkhipova @m0na_sax

Technology in ICS environments lags the Enterprise by 10-15yr. This often leads to ICS companies having to stand by while other more nimble institutions are able to take advantage of new technology. What few people realize, is that our industry gets to watch the future happen out on the Internet and then pick and choose the best techniques to adapt and bring back in time. In this session Mr. Kitchel will look at what is new in the IT world and forecast what should and will be applied to OT.

I will never forget my assignment for a vulnerability assessment against a control systems network. “Hey, can you go somewhere, run “scans” against this system, and oh by the way don’t crash it or a large portion of the USA could lose power”. Needless to say, I turned down that assignment, as they required that a traditional network-based “scan” be run. There has to be a better way to preform assessments in such environments! Fast forward 10 years later and I’ve worked with much safer techniques for assessing the security of SCADA/Control systems infrastructure. Working for Tenable Network Security has also provided me great insights into several techniques, including: - Using credentials to login to systems and audit for missing patches and configuration changes - Tuning vulnerability scans to be less intrusive yet still accurate and providing useful information - Implementing passive vulnerability scanning to discover hosts on the network and enumerate vulnerabilities, without sending a single packet to the end-user system

ICS Network Security Monitoring (NSM)

Digital Bond

Monitoring ICS Communications

Digital Bond

SDN Analytics & Security

Scott Raynovich

From IT to IoT: Bridging the Growing Cybersecurity Divide

Priyanka Aash

With the widespread growth of IOT devices and services, security is a priority. This session will discuss the challenges of implementing security solutions for IoT services for security professionals who are looking at things from an IT viewpoint. Traditional IT security solutions may not be directly applicable to the IoT ecosystem. New IoT specific threats and challenges need to be addressed. Learning Objectives: 1: Learn about the top IoT threats. 2: Discover how to address threats using new design process not old IT process. 3: Understand the security lifecycle differences between IT and IoT. (Source: RSA Conference USA 2018)

CloudStack Secured

John Kinsella

Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...

Digital Bond

Each SCADA network, in a healthy state, presents a specific quality of service (QoS) which rarely changes given the repetitive process of the IACS operations. The continuous monitoring of QoS parameters of an automation network may anticipate problems such as malware contamination and equipment failures like switches and routers. It is very important to be aware of these changes in behavior in order to receive alerts and promptly handle them, avoiding incidents that could compromise the operation of the network and be financially or environmentally costly. In this session Mr. Branquinho presents the results of tests to measure the performance of a simulated automation network parameters using a small SCADA network sandbox. First, the normal operating parameters of the network were measured. Next, several attacks were launched against the simulated automation network. At the conclusion of the work the graphs of the network in healthy state with the graphs of the network with the security incidents described above. The session will show how the network parameters were affected by each kind of incident and built a table showing the way the main parameters of an automation network were affected by the attacks.

Tools Of The Hardware Hacking Trade Final

Priyanka Aash

Process Whitelisting and Resource Access Control For ICS Computers, Kuniyasu ...

Digital Bond

The Control System Security Center (CSSC) in Japan has an active project in their lab to apply process white list control and computer resource access control to Windows servers and workstations in an ICS. These security controls can be very effective in ICS computers that are relatively static as compared to corporate network systems. The process white list control limits process creation with parent-child relation, SHA1 hash value of an executable file, and conflict of interest. The computer resource access control limits access from a process to file, network (IP address and port), and device. Attend this session learn how CSSC is applying this technology and lessons learned in the lab environment.

Network Reliability Monitoring for ICS: Going Beyond NSM and SIEM

Jim Gilsinn

Presented: BSidesDC 2015, Washington, DC, October 18, 2015 YouTube Video @ https://youtu.be/v3LBywLthjY Determining the overall health and security of an industrial control system (ICS) network is currently done by looking at the negative case. If the network infrastructure devices indicate that all the devices are connected and communicating, then the network must be operating correctly. If the controllers indicate that they are able to communicate with the other devices in the system, then the system must be operating correctly. If the network security monitoring (NSM) or security information and event management (SIEM) system are not indicating any security events, then the system must be operating correctly. In each of these cases, the assumption is that the system is operating correctly if there are no errors or events being indicated by any of the devices. In reality, the actual health and security of the system can only be determined by positive conditions. The communication streams need to be measured to determine that they are operating within certain limits based upon a desires set of conditions, like rate and maximum latency. Many controllers keep track of these factors for real-time communications, however they are often only recorded as averages and not high-fidelity measurements. This paper presents an approach to analyzing the real-time network traffic performance of an ICS by measuring the jitter and latency associated with individual network traffic streams in the system. By using statistical and mathematical analysis of the high-fidelity jitter and latency data, a network reliability factor can be determined and used to indicate the health of those traffic streams. The author will present a method to combine the individual network reliability factors into a network reliability monitoring system. Lastly, the author will discuss how network reliability monitoring can be used to indicate potential security problems by observing the network traffic patterns.

Using Assessment Tools on ICS (English)

Digital Bond

Introducing Savvius Vigil

Savvius, Inc

The Future of ICS Security Products

Digital Bond

5 Under-utilized PCI Requirements and how you can leverage them

Praveen Vackayil

Timothy Wright & Stephen Halwes - Finding the Needle in the Hardware – Identi...

centralohioissa

During this talk we will be discussing hardware reverse engineering and why this is becoming a new way for attackers to compromise company networks. We will discuss how vendors are now leaving potentially malicious code within firmware and how some attackers could exploit these vulnerabilities. We will also discuss why it is important for companies to spend time reviewing hardware for vulnerabilities prior to deploying the systems within your company’s network and outlining a process on how to perform this work. The presenters will outline each phase of the hardware reverse engineering assessment, outlining how to exploit various vulnerabilities that you may discover and provide a list the software and tools that will be needed to support this work. Finally we will talk about how you should be documenting your findings for management and how to properly disclose the findings to the vendor once the test has been completed.

Avit’s Network Asset Compliance Center (NACC)

Abbeloos Jo

Avit’s Network Asset Compliance Center (NACC) geeft diepgaand inzicht in het netwerk van uw organisatie. Welke netwerkapparatuur in gebruik is, op welke plek de apparatuur staat, wat de software- en security status ervan is en of er contractueel nog support wordt verleend. Die informatie geeft het inzicht om te kunnen bepalen wanneer welke apparatuur vervangen moet worden (life cycle management), welke beheeractiviteiten nog nodig zijn – zoals te installeren software-updates - en of er security issues zijn die direct aandacht nodig hebben. Voor meer info neem contact op met Jo Abbeloos E-mail : jo.abbeloos@avitgroup.com Tel : +32.3.302.45.18

What's New in StealthWatch v6.5

Lancope, Inc.

Lancope’s latest release includes an intuitive Web interface and sophisticated alarming capabilities for enhanced usability, security analytics and early threat detection. The new version further improves incident response and network forensics for fending off today’s advanced attacks. Specific new features include: • The Operational Network & Security Intelligence (ONSI) dashboard, which keeps track of the attacker’s “kill chain,” providing administrators with awareness of how far attacks are progressing within their networks. • New “data hoarding” alarms that detect attackers who are moving stolen data around within internal networks or preparing it for exfiltration. • StealthWatch Labs Security Updates that provide constantly updated, automated security capabilities in the StealthWatch System to detect the latest threats. • User-defined Threat Criteria, which enable administrators to monitor their networks for targeted attack activity based on specific threat intelligence.

Michael Jones-Resume-OCT2015Michael Jones, CCIE, CISSP, PMP

Web Application Security: Beyond PEN Testing

Robert Grupe, CSSLP CISSP PE PMP

API Training 10 Nov 2014

Digital Bond

4 Effortless Tactics To Generate PR

Survata

Lean Business Analysis and UX Runway: Managing Value by Reducing Waste (Natal...

IT Arena

Lviv IT Arena is a conference specially designed for programmers, designers, developers, top managers, inverstors, entrepreneur and startuppers. Annually it takes place on 2-4 of October in Lviv at the Arena Lviv stadium. In 2015 conference gathered more than 1400 participants and over 100 speakers from companies like Facebook. FitBit, Mail.ru, HP, Epson and IBM. More details about conference at itarene.lviv.ua.

What's hot

Tiptoe Through The Network: Practical Vulnerability Assessments in Control Sy...

Digital Bond

ICS Network Security Monitoring (NSM)

Digital Bond

Monitoring ICS Communications

Digital Bond

SDN Analytics & Security

Scott Raynovich

From IT to IoT: Bridging the Growing Cybersecurity Divide

Priyanka Aash

CloudStack Secured

John Kinsella

Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...

Digital Bond

Tools Of The Hardware Hacking Trade Final

Priyanka Aash

Process Whitelisting and Resource Access Control For ICS Computers, Kuniyasu ...

Digital Bond

Network Reliability Monitoring for ICS: Going Beyond NSM and SIEM

Jim Gilsinn

Using Assessment Tools on ICS (English)

Digital Bond

Introducing Savvius Vigil

Savvius, Inc

The Future of ICS Security Products

Digital Bond

5 Under-utilized PCI Requirements and how you can leverage them

Praveen Vackayil

Timothy Wright & Stephen Halwes - Finding the Needle in the Hardware – Identi...

centralohioissa

Avit’s Network Asset Compliance Center (NACC)

Abbeloos Jo

What's New in StealthWatch v6.5

Lancope, Inc.

Michael Jones-Resume-OCT2015Michael Jones, CCIE, CISSP, PMP

Web Application Security: Beyond PEN Testing

Robert Grupe, CSSLP CISSP PE PMP

API Training 10 Nov 2014

Digital Bond

What's hot (20)

Tiptoe Through The Network: Practical Vulnerability Assessments in Control Sy...

ICS Network Security Monitoring (NSM)

Monitoring ICS Communications

SDN Analytics & Security

From IT to IoT: Bridging the Growing Cybersecurity Divide

CloudStack Secured

Detecting Problems in Industrial Networks Through Continuous Monitoring, Leve...

Tools Of The Hardware Hacking Trade Final

Process Whitelisting and Resource Access Control For ICS Computers, Kuniyasu ...

Network Reliability Monitoring for ICS: Going Beyond NSM and SIEM

Using Assessment Tools on ICS (English)

Introducing Savvius Vigil

The Future of ICS Security Products

5 Under-utilized PCI Requirements and how you can leverage them

Timothy Wright & Stephen Halwes - Finding the Needle in the Hardware – Identi...

Avit’s Network Asset Compliance Center (NACC)

What's New in StealthWatch v6.5

Michael Jones-Resume-OCT2015

Web Application Security: Beyond PEN Testing

API Training 10 Nov 2014

Viewers also liked

4 Effortless Tactics To Generate PR

Survata

Lean Business Analysis and UX Runway: Managing Value by Reducing Waste (Natal...

IT Arena

Instrumenting the real-time web: Node.js in production

bcantrill

Agile Transition in Trouble? Using the Kotter Change Model as a Diagnostic Tool

Alistair McKinnell

How to Hire an Agile Coach

Jason Little

Product Design using Lean UX

George Elkhabbaz

Kanban boards step by step

Giulio Roggero

Updated version at https://www.slideshare.net/GiulioRoggero/kanban-board-82363781 Do you have a team that works on both project and maintenance? Do you need to organize your team activities? Do you have a lot of activities in parallel and the time to market it's a problem? With a Kanban board and an Agile approach you can solve your problems! Take a look of the animation of the slides to discover how it works.

Kafka and Storm - event processing in realtime

Guido Schmutz

Apache Kafka is publish-subscribe messaging rethought as a distributed commit log. It is designed to allow a single cluster to serve as the central data backbone for a large organization. It can be elastically and transparently expanded without downtime. Storm is a distributed realtime computation system. Storm makes it easy to reliably process unbounded streams of data, doing for realtime processing what Hadoop did for batch processing. Storm has many use cases: realtime analytics, online machine learning, continuous computation, distributed RPC, ETL, and more. This session presents the main concepts of Kafka and Storm and then shows how a simple stream processing application is implemented using these two technologies.

Viewers also liked (8)

4 Effortless Tactics To Generate PR

Lean Business Analysis and UX Runway: Managing Value by Reducing Waste (Natal...

Instrumenting the real-time web: Node.js in production

Agile Transition in Trouble? Using the Kotter Change Model as a Diagnostic Tool

How to Hire an Agile Coach

Product Design using Lean UX

Kanban boards step by step

Kafka and Storm - event processing in realtime

Similar to Chaos monitoring

DevOps Security - Is It Really So Difficult? - Reuven Harrison - DevOpsDays T...

DevOpsDays Tel Aviv

Scalar Security Roadshow April 2015

Scalar Decisions

Next generation security analytics

Christian Have

Legacy-SecDevOps (AppSec Management Debrief)

Dinis Cruz

CS3STHLM_2019_krotofil_kopeytsev

Marina Krotofil

MineMeld and the Importance of Centralized Threat Intelligence

JamilaKaya

Continuous Compliance and DevSecOps in Times of GDPR, HIPAA and SOX

DevOps.com

Developers, operators, and corporate executives all agree that compliance with security and regulatory requirements is critical, but many find that enforcing security through manual scans and “best efforts” at the end of the cycle wastes staff time and adds days or weeks to the release schedule. Once the required environments are built, tested, and certified, today’s customer-centric product owners are already longing to push out the next set of changes, absorbing even more of IT Operations’ time to scramble for security and compliance solutions.

CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)

TI Safe

Security Considerations in Process Control and SCADA Environmentsamiable_indian

SCADA Cyber Sec | ISACA 2013 | Patricia WatsonPatricia M Watson

Security Change Management: Agility vs. Control

AlgoSec

Today's fast paced business application deployments and changes require IT, networking and security to be more agile than ever before. Yet this agility often comes at the expense of security, control and accuracy. When facing a barrage of cyber-attacks this is not an option. In this new technical webinar, Anner Kushnir, VP of Technology at AlgoSec will explain how to address these contradicting requirements, and eliminate the tension between the two, through a unique zero-touch approach to security policy management. In this webinar Anner will present: • The challenges and requirements for zero-touch security policy automation • How automation can support business agility while maintaining checks and balances • Defining a policy for pre-approved "more of the same" low risk changes • Handling exceptions, risks and escalation • Maintaining a full audit trail for compliance audits • Tracking SLAs and further fine-tuning business agility

All Hope is Not LostNetwork Forensics Exposes Today's Advanced Security Thr...

Savvius, Inc

Do you think it requires an advanced degree to initiate an advanced security attack? Think again. Tool kits are readily available for immediate download that guide those with even just basic computer skills through the steps to initiate complex network attacks. But all hope is not lost. One of the best defenses is readily available in the market today – network recorders with network forensics – and when combined with the appropriate visibility fabric architecture, these solutions defend against attacks on even the fastest networks available today. Join WildPackets and Gigamon as we explore the current state of network attacks, network vulnerabilities, and the solutions available to combat the most aggressive, and the most subtle, attacks.

PCI and Vulnerability Assessments - What’s Missing

Black Duck by Synopsys

Application Performance Monitoring with OpenTelemetry

Jan Mikeš

Security Teams & Tech In A Cloud World

Mark Nunnikhoven

Security in the cloud is fundamentally different. Not so much due to the technology--though there's plenty of differences there--but more with respect to the way that security is applied and how it's run. Over the past few years, we've seen a radical shift in how development and operational teams work together. Security teams have been left out in the cold and are still viewed as the "No" team. It doesn't have to be that way. Cloud technologies have enabled new work flows and models for businesses and other teams...security is no different. We just have to wake up and take advantage of the new ecosystem. When security teams embrace change, the boundaries start to dissolve and security can finally be built in instead of bolted on. In this session, we'll look at some of the challenges involved in this shift, how it impacts your teams, your skill set, and how a modern approach to defence will improve your security posture. Presented at BC Aware Day, 31-Jan-2017

第7回VEC制御システムサイバーセキュリティカンファレンス

chomchana trevai

ProActive Security

Ibnisina Sina

ProActive Security

Ibnisina Sina

Devops (start walking in the same direction) by ops

Demis Rizzotto

Nozomi Networks Q1_2018 Company Introduction

Nozomi Networks

Nozomi Networks is the leader of industrial cybersecurity, delivering real-time visibility to manage cyber risk & improve resilience for industrial operations. With one solution, customers gain advanced cybersecurity, improved operational reliability & easy IT/OT integration. Innovating the use of artificial intelligence, the company helps the largest industrial sites around the world See and Secure™ their critical industrial control networks. Today Nozomi Networks supports over a quarter of a million devices in the critical infrastructure, energy, manufacturing, mining, transportation & utility sectors, making it possible to tackle the escalating cyber risks to operational networks (OT).

Similar to Chaos monitoring (20)

DevOps Security - Is It Really So Difficult? - Reuven Harrison - DevOpsDays T...

Scalar Security Roadshow April 2015

Next generation security analytics

Legacy-SecDevOps (AppSec Management Debrief)

CS3STHLM_2019_krotofil_kopeytsev

MineMeld and the Importance of Centralized Threat Intelligence

Continuous Compliance and DevSecOps in Times of GDPR, HIPAA and SOX

CLASS 2018 - Palestra de Edgard Capdevielle (Presidente e CEO – Nozomi)

Security Considerations in Process Control and SCADA Environments

SCADA Cyber Sec | ISACA 2013 | Patricia Watson

Security Change Management: Agility vs. Control

All Hope is Not LostNetwork Forensics Exposes Today's Advanced Security Thr...

PCI and Vulnerability Assessments - What’s Missing

Application Performance Monitoring with OpenTelemetry

Security Teams & Tech In A Cloud World

第7回VEC制御システムサイバーセキュリティカンファレンス

ProActive Security

Devops (start walking in the same direction) by ops

Nozomi Networks Q1_2018 Company Introduction

Recently uploaded

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

DanBrown980551

Do you want to learn how to model and simulate an electrical network from scratch in under an hour? Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)! During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook. PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides: - A fully editable and extendable library for grid component modelling; - Visualization tools to display your network; - Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses; The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well. What you will learn during the webinar: - For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills; - For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.

Introduction to CHERI technology - Cybersecurity

mikeeftimakis1

Assure Contact Center Experiences for Your Customers With ThousandEyes

ThousandEyes

Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...

James Anderson

Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management. The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM). Speakers: Bob Boule Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle. Gopinath Rebala Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.

Transcript: Selling digital books in 2024: Insights from industry leaders - T...

BookNet Canada

The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more. Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/ Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.

Climate Impact of Software Testing at Nordic Testing Days

Kari Kakkonen

My slides at Nordic Testing Days 6.6.2024 Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.

DevOps and Testing slides at DASA Connect

Kari Kakkonen

Free Complete Python - A step towards Data Science

RinaMondal9

UiPath Community Day Dubai: AI at Work..

UiPathCommunity

Welcome to the first live UiPath Community Day Dubai! Join us for this unique occasion to meet our local and global UiPath Community and leaders. You will get a full view of the MEA region's automation landscape and the AI Powered automation technology capabilities of UiPath. Also, hosted by our local partners Marc Ellis, you will enjoy a half-day packed with industry insights and automation peers networking. 📕 Curious on our agenda? Wait no more! 10:00 Welcome note - UiPath Community in Dubai Lovely Sinha, UiPath Community Chapter Leader, UiPath MVPx3, Hyper-automation Consultant, First Abu Dhabi Bank 10:20 A UiPath cross-region MEA overview Ashraf El Zarka, VP and Managing Director MEA, UiPath 10:35: Customer Success Journey Deepthi Deepak, Head of Intelligent Automation CoE, First Abu Dhabi Bank 11:15 The UiPath approach to GenAI with our three principles: improve accuracy, supercharge productivity, and automate more Boris Krumrey, Global VP, Automation Innovation, UiPath 12:15 To discover how Marc Ellis leverages tech-driven solutions in recruitment and managed services. Brendan Lingam, Director of Sales and Business Development, Marc Ellis

A tale of scale & speed: How the US Navy is enabling software delivery from l...

sonjaschweigert1

Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved: - Reduction in onboarding time from 5 weeks to 1 day - Improved developer experience and productivity through actionable findings and reduction of false positives - Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO) Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production. We will cover: - How to remove silos in DevSecOps - How to build efficient development pipeline roles and component templates - How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence) - How to streamline operations with automated policy checks on container images

UiPath Test Automation using UiPath Test Suite series, part 4

DianaGray10

Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap. The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies. Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques What will you get from this session? 1. Insights into SAP testing best practices 2. Heatmap utilization for testing 3. Optimization of testing processes 4. Demo Topics covered: Execution from the test manager Orchestrator execution result Defect reporting SAP heatmap example with demo Speaker: Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP

Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx

nkrafacyberclub

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Aggregage

Elizabeth Buie - Older adults: Are we really designing for our future selves?

Nexer Digital

Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™

UiPathCommunity

In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni. 📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath: Autopilot per Studio Web Autopilot per Studio Autopilot per Apps Clipboard AI GenAI applicata alla Document Understanding 👨‍🏫👨‍💻 Speakers: Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath Andrei Tasca, RPA Solutions Team Lead @NTT Data

By Design, not by Accident - Agile Venture Bolzano 2024

Pierluigi Pugliese

Enhancing Performance with Globus and the Science DMZ

Globus

The Metaverse and AI: how can decision-makers harness the Metaverse for their...

Jen Stirrup

The Metaverse is popularized in science fiction, and now it is becoming closer to being a part of our daily lives through the use of social media and shopping companies. How can businesses survive in a world where Artificial Intelligence is becoming the present as well as the future of technology, and how does the Metaverse fit into business strategy when futurist ideas are developing into reality at accelerated rates? How do we do this when our data isn't up to scratch? How can we move towards success with our data so we are set up for the Metaverse when it arrives? How can you help your company evolve, adapt, and succeed using Artificial Intelligence and the Metaverse to stay ahead of the competition? What are the potential issues, complications, and benefits that these technologies could bring to us and our organizations? In this session, Jen Stirrup will explain how to start thinking about these technologies as an organisation.

FIDO Alliance Osaka Seminar: Overview.pdf

FIDO Alliance

Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf

91mobiles

Recently uploaded (20)

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

Introduction to CHERI technology - Cybersecurity

Assure Contact Center Experiences for Your Customers With ThousandEyes

Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...

Transcript: Selling digital books in 2024: Insights from industry leaders - T...

Climate Impact of Software Testing at Nordic Testing Days

DevOps and Testing slides at DASA Connect

Free Complete Python - A step towards Data Science

UiPath Community Day Dubai: AI at Work..

A tale of scale & speed: How the US Navy is enabling software delivery from l...

UiPath Test Automation using UiPath Test Suite series, part 4

Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Elizabeth Buie - Older adults: Are we really designing for our future selves?

Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™

By Design, not by Accident - Agile Venture Bolzano 2024

Enhancing Performance with Globus and the Science DMZ

The Metaverse and AI: how can decision-makers harness the Metaverse for their...

FIDO Alliance Osaka Seminar: Overview.pdf

Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf

Chaos monitoring

1. CHAOS MONITORING Svetlana “Mona“ Arkhipova Lead Information Security expert , QIWI

2. #:WHOAMI ▸  a.k.a. Mona ▸  Lead infrastructure security expert at QIWI group ▸  Past: security consultant at ﬁntech start-ups, security analyst at General Electric (GE Capital).

3. TWO TOWERS ▸  Bank way: great amount of approvals, restrictions and controls ▸  IT way: fast and ﬂexible, basically no technologies limitations ▸  "There's no spoon"

4. TYPICAL BANK WAY ▸  Limited number of systems and products ▸  Industry regulations ▸  Strict business processes ▸  Security as an initial part of all activities ▸  "Bloody Enterprise"

5. TYPICAL SMALL/MID IT COMPANY: SECURITY...WHAT IS IT? ▸  Most part of companies start thinking about security only after validated incidents ▸  Security activities performed(or not) by system administrator ▸  Wide stack of technologies

6. BRAVE NEW WORLD. BETWEEN IT AND BANKING ▸  Strong regulatory requirements from one side ▸  Strong business needs from the other side ▸  Spicy mix of enterprise technologies and in-house development AND TYPICAL BANK WAY IS NOT WORKING IN FINTECH

7. OTHER SIDE OF THE MOON

8. ONLY THE STUPID NEED ORGANIZATION, THE GENIUS CONTROLS THE CHAOS! Albert Einstein

9. COMMON CHALLENGES ▸  In-house development ▸  No strict business processes ▸  Security vs. usability/speed ▸  A bit of necromancy (Very Important Server)

10. BRAND NEW TECHNOLOGY(C) ▸  Dynamically changing environment ▸  Who needs technological stack, this brand new technology(tm) is our salvation! ▸  App security guide? Devops do not need them.

11. ASSETS AND PROCESSESS ▸  Hardened perimeters ▸  Test labs: this is a test server, there's no need in OS hardening ▸  Abandoned servers/VDIs/whatever ▸  Network controls?

12. SECURITY VS USABILITY ▸  Application and technology restrtictions ▸  Performance issues ▸  Tonns of logs ▸  A lot of additional work (especially on investigations)

13. WHAT'S NEXT? ▸  Identify ▸  Exmine ▸  Monitor ▸  Respond

14. IDENTIFY ▸  Track all env changes ▸  IT systems is a great source of raw data ▸  Periodical manual checks

15. EXAMINE ▸  Common traffic profiling (OS specific, network specific) ▸  App-specific profiling ▸  Systems interconnection

16. MONITOR ▸  Monitoring is a continuous process ▸  Track logins and network ﬂows ▸  Periodical log sources check ▸  Set up emergency alerts on critical events

17. RESPOND ▸  Action plans on typical incidents ▸  Core analysis ▸  Rules/proﬁling tuning ▸  False positives and false negatives

18. FALSE (+|-) ▸  “Normal paranormal” ▸  Multiple events in short time range ▸  Trafﬁc controls ▸  Chained events ▸  Events with low rates (APT) ▸  Continious (pen)tests

19. QUESTIONS? Svetlana Arkhipova Lead Information Security expert , QIWI mona@qiwi.ru monaarkhipova @m0na_sax

Chaos monitoring

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (8)

Similar to Chaos monitoring

Similar to Chaos monitoring (20)

Recently uploaded

Recently uploaded (20)

Chaos monitoring