Cloud Security Groups are the firewalls of the cloud. They are built-in and provide basic access control functionality as part of the shared responsibility model. However, Cloud Security Groups do not provide the same protection or functionality that enterprises have come to expect with on-premises deployments. In this talk we will discuss the top cloud risks in 2020, why perimeters are a concept of the past and how in the world of no perimitiers do Cloud Security groups, the "Cloud FIrewalls", fit it. We will practically explore Cloud Security Group limitations across different cloud setups from a single vNet to multi-cloud
Most organizations have good enterprise-level security policies that define their approach to maintaining, improving, and securing their information and information systems. However, once the policies are signed by senior leadership and distributed throughout the organization, significant cybersecurity governance challenges remain. In this workshop I will explain the transforming organizational security to strengthen defenses and integrate cybersecurity with the overall approach toward security governance, risk management and compliance.
Cloud security is must for any of the IaaS, PaaS, SaaS or CaaS initiative. this presentation aims to simplify the concept of cloud security with clear steps to achieve it. It also summarize the controls required to implement cloud security.
Detecting Malicious Cloud Account Behavior: A Look at the New Native Platform...Priyanka Aash
Until recently, major public cloud providers have offered relatively basic toolsets for identifying suspicious activity occurring inside customer accounts that may indicate a compromise. Some organizations have invested significant resources to build their own tools or have leveraged industry vendor offerings to provide this visibility. The reality is, that barrier has meant that a large number of organizations haven't dedicated those resources to this problem and therefore operate without sufficient detection and response capabilities that monitor their cloud accounts for compromise.
Amazon Web Services, Google Cloud Platform, and Microsoft Azure have recently launched a new set of native platform threat and anomalous behavior detection services to help their customers better identify and respond to certain issues and activities occurring inside their cloud accounts. From detecting crypto-currency mining to identifying bot-infected systems to alerting on suspicious cloud credential usage to triggering on cloud-specific methods of data exfiltration, these new services aim to make these kinds of detections much easier and simpler to centrally manage.
But what new and unique insights do they offer? What configuration is required to achieve the full benefits of these detections? What types of activities are not yet covered? What attack methods and techniques can avoid detection by these systems and still be successful? What practical guidelines can be followed to make the best use of these services in an organization?
Follow along as we attempt to answer these questions using practical demonstrations that highlight the real threats facing cloud account owners and how the new threat detection capabilities perform in reducing the risks of operating workloads in the public cloud.
We are all aware of the current risks when developing a connected product, especially with vehicles since much is at stake both from an information and safety perspective. In this workshop, we will learn how to build Security requirements, architect, design, test and produce Safety and Security critical components using a methodology that works in harmony both with Engineering and Security
Most organizations have good enterprise-level security policies that define their approach to maintaining, improving, and securing their information and information systems. However, once the policies are signed by senior leadership and distributed throughout the organization, significant cybersecurity governance challenges remain. In this workshop I will explain the transforming organizational security to strengthen defenses and integrate cybersecurity with the overall approach toward security governance, risk management and compliance.
Cloud security is must for any of the IaaS, PaaS, SaaS or CaaS initiative. this presentation aims to simplify the concept of cloud security with clear steps to achieve it. It also summarize the controls required to implement cloud security.
Detecting Malicious Cloud Account Behavior: A Look at the New Native Platform...Priyanka Aash
Until recently, major public cloud providers have offered relatively basic toolsets for identifying suspicious activity occurring inside customer accounts that may indicate a compromise. Some organizations have invested significant resources to build their own tools or have leveraged industry vendor offerings to provide this visibility. The reality is, that barrier has meant that a large number of organizations haven't dedicated those resources to this problem and therefore operate without sufficient detection and response capabilities that monitor their cloud accounts for compromise.
Amazon Web Services, Google Cloud Platform, and Microsoft Azure have recently launched a new set of native platform threat and anomalous behavior detection services to help their customers better identify and respond to certain issues and activities occurring inside their cloud accounts. From detecting crypto-currency mining to identifying bot-infected systems to alerting on suspicious cloud credential usage to triggering on cloud-specific methods of data exfiltration, these new services aim to make these kinds of detections much easier and simpler to centrally manage.
But what new and unique insights do they offer? What configuration is required to achieve the full benefits of these detections? What types of activities are not yet covered? What attack methods and techniques can avoid detection by these systems and still be successful? What practical guidelines can be followed to make the best use of these services in an organization?
Follow along as we attempt to answer these questions using practical demonstrations that highlight the real threats facing cloud account owners and how the new threat detection capabilities perform in reducing the risks of operating workloads in the public cloud.
We are all aware of the current risks when developing a connected product, especially with vehicles since much is at stake both from an information and safety perspective. In this workshop, we will learn how to build Security requirements, architect, design, test and produce Safety and Security critical components using a methodology that works in harmony both with Engineering and Security
From SIEM to SOC: Crossing the Cybersecurity ChasmPriyanka Aash
You own a SIEM, but to be secure, you need a Security Operations Center! How do you cross the chasm? Do you hire staff or outsource? And what skills are needed? Mike Ostrowski, a cybersecurity industry veteran, will review common pitfalls experienced through the journey from SIEM to SOC, the pros and cons of an all in-house SOC vs. outsourcing, and the benefits of a hybrid SOC model.
Learning Objectives:
1: You own a SIEM, but to be secure, you need a SOC. How do you cross the chasm?
2: What are the pros and cons of in-house, fully managed and hybrid security?
3: What considerations go into deciding whether to employ a hybrid strategy?
(Source: RSA Conference USA 2018)
Overview of Google’s BeyondCorp Approach to SecurityPriyanka Aash
Need a different approach – Google BeyondCorp Principles:
- Connecting from a particular network must not determine your trust level
- Access to service is granted based on what we know about you and your device
- All access to services must be Authenticated, Authorized and Encrypted
- Zero-Trust Model
A successful cyber attack on a plant’s Industrial Control Systems (ICS) can be catastrophic. It can impact the plant’s operations, finances, damage reputation and even threaten lives. A resilient cyber security programme is essential in order to mitigate against potential cyber attacks. To help ensure that your plant is fully prepared to defend against potential cyber attacks, we provide a range of ICS Cyber Security services, each customised for your plant’s unique requirements, based on the latest international cyber security standards and best practice. Pöyry is active in designing, assessing and supervising the implementation of ICS cyber security programmes to both operating and greenfield facilities.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Scalar Decisions
Simon Wong and Chris Cram, Scalar security experts, discuss how Palo Alto Networks technology disrupts the entire malware kill chain. Attendees will also gain insight on flexible deployment options to better serve their mobile users, and how to get the most out of their Palo Alto Networks deployment.
Supply Chain Threats to the US Energy SectorKaspersky
This presentation by Cynthia James discusses steps to take towards cyber-securing the supply chain of Energy sector organizations in the U.S. From the biggest challenges to a review of regulation and compliance guidelines, this deck covers three areas of Energy: nuclear, electric and "other".
Cynthia James is a CISSP (Certified Information Systems Security Professional) and frequent presenter for the TABD group at Kaspersky Lab, global provider of cybersecurity solutions. With 9 years of experience in the cybersecurity space, Cynthia is a regular speaker on the subject and has authored a book on cybercrime: “Stop Cybercrime from Ruining Your Life".
There are many threats to cloud security. The main treats arise from account hijacking, data breaches, inadequate cloud security architecture and strategy, insecure interfaces and APIs, insider threats, limited visibility with regard to cloud usage etc.
Cloud summit demystifying cloud securityDavid De Vos
During this session we’ll cover the key solutions and steps to securing a cloud environment.
We’ll cover policy creation, security posture management & cybersecurity incident analysis. You’ll see how compliance is made easy in the cloud and how continuous monitoring works. We’ll explain how multi-cloud security works as well!
As we walk through the solutions, we’ll share some best practices and use cases from our experience.
Cybersecurity roadmap : Global healthcare security architecturePriyanka Aash
Using NIST cybersecurity framework, one of the largest healthcare IT firms in the US developed the global security architecture and roadmap addressing security gaps by architecture domain and common security capability. This session will discuss the architecture framework, capability matrix, the architecture development methodology and key deliverables.
(Source : RSA Conference USA 2017)
When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...Cam Fulton
Learn how to evaluate risk, what the differences are between vulnerability assessments and penetration tests, and when to implement both.
Presented by AWA International, a division of I.S. Partners, LLC https://www.ispartnersllc.com/awa-international-group/
Data security solutions_Baltics_IBM_QRadar_SIEM_Use_Cases_28.01.2014Andris Soroka
Presentation from "International Data Protection Day" IT Security seminary on 28th of January, 2014, organized by "Data Security Solutions", IBM Security Systems partner in the Baltic States.
How to Solve Your Top IT Security Reporting Challenges with AlienVaultAlienVault
Watch this on-demand webast to learn how to acheive security compliance with AlienVault Unified Security Management (USM): https://www.alienvault.com/resource-center/webcasts/how-to-solve-your-top-it-security-reporting-challenges-with-alienvault?utm_medium=Social&utm_source=SlideShare&utm_campaign=solve-it-compliance-usm-webinar
Learn how you can take your on-premises and cloud security to the next level with a free online demo at: https://www.alienvault.com/products/usm-anywhere/demo?utm_medium=Social&utm_source=SlideShare&utm_campaign=solve-it-compliance-usm-webinar
A Pragmatic Approach to Network Security Across Your Hybrid Cloud EnvironmentAlgoSec
How we think about and architect network security has stayed fairly constant for quite some time.
Until we moved to the cloud.
Things may look the same on the surface, but dig a little deeper and you quickly realize that network security for cloud computing and hybrid networks requires a different mindset, different tools, and a new approach. Hybrid networks complicate management, both in your data center and in the cloud. Each side uses a different basic configuration and security controls, so the challenge is to maintain consistency across both, even though the tools you use – such as your nifty next generation firewall – might not work the same (if at all) in both environments.
Presented by AlgoSec and Rich Mogull, Analyst and CEO at Securosis, this webinar explains how cloud network security is different, and how to pragmatically manage it for both pure cloud and hybrid cloud networks. We will start with some background material and Cloud Networking 101, then move into cloud network security controls, and specific recommendations on how to use and manage them in a hybrid environment.
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...AlgoSec
Public clouds such as Amazon Web Services (AWS) are a critical part of your hybrid network. It is important to keep out the bad guys (including untrusted insiders) and proactively secure your entire hybrid network.
From SIEM to SOC: Crossing the Cybersecurity ChasmPriyanka Aash
You own a SIEM, but to be secure, you need a Security Operations Center! How do you cross the chasm? Do you hire staff or outsource? And what skills are needed? Mike Ostrowski, a cybersecurity industry veteran, will review common pitfalls experienced through the journey from SIEM to SOC, the pros and cons of an all in-house SOC vs. outsourcing, and the benefits of a hybrid SOC model.
Learning Objectives:
1: You own a SIEM, but to be secure, you need a SOC. How do you cross the chasm?
2: What are the pros and cons of in-house, fully managed and hybrid security?
3: What considerations go into deciding whether to employ a hybrid strategy?
(Source: RSA Conference USA 2018)
Overview of Google’s BeyondCorp Approach to SecurityPriyanka Aash
Need a different approach – Google BeyondCorp Principles:
- Connecting from a particular network must not determine your trust level
- Access to service is granted based on what we know about you and your device
- All access to services must be Authenticated, Authorized and Encrypted
- Zero-Trust Model
A successful cyber attack on a plant’s Industrial Control Systems (ICS) can be catastrophic. It can impact the plant’s operations, finances, damage reputation and even threaten lives. A resilient cyber security programme is essential in order to mitigate against potential cyber attacks. To help ensure that your plant is fully prepared to defend against potential cyber attacks, we provide a range of ICS Cyber Security services, each customised for your plant’s unique requirements, based on the latest international cyber security standards and best practice. Pöyry is active in designing, assessing and supervising the implementation of ICS cyber security programmes to both operating and greenfield facilities.
Disrupting the Malware Kill Chain - What's New from Palo Alto Networks.Scalar Decisions
Simon Wong and Chris Cram, Scalar security experts, discuss how Palo Alto Networks technology disrupts the entire malware kill chain. Attendees will also gain insight on flexible deployment options to better serve their mobile users, and how to get the most out of their Palo Alto Networks deployment.
Supply Chain Threats to the US Energy SectorKaspersky
This presentation by Cynthia James discusses steps to take towards cyber-securing the supply chain of Energy sector organizations in the U.S. From the biggest challenges to a review of regulation and compliance guidelines, this deck covers three areas of Energy: nuclear, electric and "other".
Cynthia James is a CISSP (Certified Information Systems Security Professional) and frequent presenter for the TABD group at Kaspersky Lab, global provider of cybersecurity solutions. With 9 years of experience in the cybersecurity space, Cynthia is a regular speaker on the subject and has authored a book on cybercrime: “Stop Cybercrime from Ruining Your Life".
There are many threats to cloud security. The main treats arise from account hijacking, data breaches, inadequate cloud security architecture and strategy, insecure interfaces and APIs, insider threats, limited visibility with regard to cloud usage etc.
Cloud summit demystifying cloud securityDavid De Vos
During this session we’ll cover the key solutions and steps to securing a cloud environment.
We’ll cover policy creation, security posture management & cybersecurity incident analysis. You’ll see how compliance is made easy in the cloud and how continuous monitoring works. We’ll explain how multi-cloud security works as well!
As we walk through the solutions, we’ll share some best practices and use cases from our experience.
Cybersecurity roadmap : Global healthcare security architecturePriyanka Aash
Using NIST cybersecurity framework, one of the largest healthcare IT firms in the US developed the global security architecture and roadmap addressing security gaps by architecture domain and common security capability. This session will discuss the architecture framework, capability matrix, the architecture development methodology and key deliverables.
(Source : RSA Conference USA 2017)
When to Implement a Vulnerability Assessment or Pen Test | IT Security & Risk...Cam Fulton
Learn how to evaluate risk, what the differences are between vulnerability assessments and penetration tests, and when to implement both.
Presented by AWA International, a division of I.S. Partners, LLC https://www.ispartnersllc.com/awa-international-group/
Data security solutions_Baltics_IBM_QRadar_SIEM_Use_Cases_28.01.2014Andris Soroka
Presentation from "International Data Protection Day" IT Security seminary on 28th of January, 2014, organized by "Data Security Solutions", IBM Security Systems partner in the Baltic States.
How to Solve Your Top IT Security Reporting Challenges with AlienVaultAlienVault
Watch this on-demand webast to learn how to acheive security compliance with AlienVault Unified Security Management (USM): https://www.alienvault.com/resource-center/webcasts/how-to-solve-your-top-it-security-reporting-challenges-with-alienvault?utm_medium=Social&utm_source=SlideShare&utm_campaign=solve-it-compliance-usm-webinar
Learn how you can take your on-premises and cloud security to the next level with a free online demo at: https://www.alienvault.com/products/usm-anywhere/demo?utm_medium=Social&utm_source=SlideShare&utm_campaign=solve-it-compliance-usm-webinar
A Pragmatic Approach to Network Security Across Your Hybrid Cloud EnvironmentAlgoSec
How we think about and architect network security has stayed fairly constant for quite some time.
Until we moved to the cloud.
Things may look the same on the surface, but dig a little deeper and you quickly realize that network security for cloud computing and hybrid networks requires a different mindset, different tools, and a new approach. Hybrid networks complicate management, both in your data center and in the cloud. Each side uses a different basic configuration and security controls, so the challenge is to maintain consistency across both, even though the tools you use – such as your nifty next generation firewall – might not work the same (if at all) in both environments.
Presented by AlgoSec and Rich Mogull, Analyst and CEO at Securosis, this webinar explains how cloud network security is different, and how to pragmatically manage it for both pure cloud and hybrid cloud networks. We will start with some background material and Cloud Networking 101, then move into cloud network security controls, and specific recommendations on how to use and manage them in a hybrid environment.
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...AlgoSec
Public clouds such as Amazon Web Services (AWS) are a critical part of your hybrid network. It is important to keep out the bad guys (including untrusted insiders) and proactively secure your entire hybrid network.
Alcatel-Lucent Tech Symposium 2013: SDN: Innovating for Growth with Nuage Net...Nuage Networks
At the Alcatel-Lucent Tech Symposium in November 2013: Sunil Khandekar, CEO, Nuage Networks presented "SDN: Innovating for Growth with Nuage Networks." Nuage Networks launched itself into the market in April 2013. What’s happened since then? How are the trials progressing? How are people using software defined network technology and how fast will we see take up in the industry?
Cisco Cloud Connect Solutions Extend Your Private Network to AWS and Maintain...Amazon Web Services
Cloud Connect is a key component of the Cisco hybrid cloud portfolio. In this session, we review how Cloud Connect solutions can securely extend your private network to the AWS Cloud and ensure the application experience. The products we cover include the CSR1000v and vEdge with Umbrella integration.
Succeeding with Secure Access Service Edge (SASE)Cloudflare
With the emergence of the Secure Access Service Edge (SASE), network and security professionals are struggling to build a migration plan for this new platform that adapts to the distributed nature of users and data.
SASE promises to reduce complexity and cost, improve performance, increase accessibility and enhance security. The question is: How do you gain these benefits as you work towards implementing a SASE architecture? View to learn:
-Why SASE should be less complicated than many vendors are making it
-What to look for when evaluating a migration to a SASE platform
-A 3 month, 6 month, and 12 month roadmap for implementation
-How Cloudflare One, a purpose-built SASE platform, delivers on these promised benefits
Learn How Salesforce used ADCs for App Load Balancing for an International Ro...Amazon Web Services
Organizations use application delivery controllers (ADCs) to ensure that their most important applications receive the best performance across their network. In this session, you learn how and why Salesforce used the F5 BIG-IP platform, an ADC solution from AWS Marketplace, during a migration to AWS. To preserve an existing skillset within their business, Salesforce chose AWS Marketplace to first evaluate the solution on the AWS platform before ultimately selecting it as part of their international rollout. You see how BIG-IP performs application routing and security, and how it works with existing AWS networking solutions to provide a consistent experience for domestic and international rollouts. You also learn how Salesforce successfully used the AWS Marketplace Private Offers program to procure an enterprise license and consolidate the expenditure onto their AWS bill.
MSC202_Learn How Salesforce Used ADCs for App Load Balancing for an Internati...Amazon Web Services
Organizations use application delivery controllers (ADCs) to ensure that their most important applications receive the best performance across their network. In this session, you learn how and why Salesforce used the F5 BIG-IP platform, an ADC solution from AWS Marketplace, during a migration to AWS. To preserve an existing skillset within their business, Salesforce chose AWS Marketplace to first evaluate the solution on the AWS platform before ultimately selecting it as part of their international rollout. You see how BIG-IP performs application routing and security, and how it works with existing AWS networking solutions to provide a consistent experience for domestic and international rollouts. You also learn how Salesforce successfully used the AWS Marketplace Private Offers program to procure an enterprise license and consolidate the expenditure onto their AWS bill.
Policy Based SDN Solution for DC and Branch Office by Suresh Boddapatibuildacloud
In this talk Suresh will discuss how Nuage Networks Virtualized Services Platform (VSP) helps overcome the challenges that cloud service providers and large enterprises face delivering, and managing, large multi-tenant clouds. He will discuss how Nuage Networks delivers a massively scalable SDN solution that ensures that datacenters, and wide area networks, are able to respond instantly to demand, and are boundary-less. The talk will also provide an overview of the SDN capabilities that Nuage VSP adds to CloudStack.
Bio
Suresh is the VP of Engineering at Nuage Networks. He has over 19 years experience in software development, building great teams and delivering high quality software. As the first engineer at Nuage Networks, Suresh played a key role in shaping the architecture of the Nuage Virtualized Services Platform (VSP). Suresh’s experience includes extensive protocol development, having developed IP routing and multicast protocols from scratch and deploying them in large ISPs. Suresh was part of the original TiMetra team before becoming part of Alcatel Lucent as Principal Engineer. He then took a role as Director of Engineering at Juniper where he worked on their QFabric product. Earlier in his career, Suresh worked in software engineering at Shasta Networks (Nortel acquired) as well as Fore Systems (Marconi, Ericsson acquired).
SDN's managing security across the virtual network finalAlgoSec
Software defined networks (SDNs) offer an agile and scalable network option, yet the lack of visibility presents a huge challenge for the security and network operations teams who need to secure and manage it.
Join Omer Ganot, Product Manager at AlgoSec, for this technical webinar on best practices for managing security across the SDN environment.
Key topics include:
• How to securely discover, map and migrate application connectivity to the SDN
• Holistically managing the entire hybrid SDN, cloud and on-premise enterprise network through a single pane of glass
• Assessing risk and compliance cohesively for the entire end-to-end enterprise environment, including SDN
• Best practices for managing security policies across Cisco ACI, VMware NSX and OpenStack
• Tips and tricks to avoid the pitfalls when managing east-west and north-south security policies
In this session, we review how the combined use of Amazon Web Services native tools, advanced modeling, and machine learning techniques can simplify many of the hardest security problems that are within the customer’s responsibility. Join us as we explore how services like Amazon Virtual Private Cloud flow logs, AWS CloudTrail, and Amazon Inspector combine to enable highly automated, scalable, and comprehensive security for your AWS applications. Learn how to effectively harness the data provided by AWS for security, and understand how Cisco Stealthwatch Cloud and AWS create an integrated, effective security solution.
Azure Arc is a solution that simplifies management across different hybrid clouds or multi-clouds. Azure Arc extends Azure management and security beyond the walls of Azure to other cloud platforms or on-premises environments enabling you to make use of Azure services to manage infrastructure at these environments. In this session, you will be introduced to Azure Arc, why should you use it and how to make use of it in different scenarios.
Selecting the Best VPC Network Architecture (CPN208) | AWS re:Invent 2013Amazon Web Services
Which is better: a single VPC with multiple subnets or multiple accounts with many VPCs? Should you simplify management with a single VPC or use multiple VPCs to lessen the blast radius of network changes? In this session, we hear from customers who've implemented each approach and discuss how they addressed management, security, and connectivity for their Amazon EC2 environments.
PCI compliance is a steep enough challenge, but what happens when your entire infrastructure is in AWS? Do the same concepts of network segmentation and separation apply, and if so how? At what point do AWS compliance efforts intersect with your compliance efforts? This session will cover how Warren Rogers Associates is using the Palo Alto Networks VM-Series for AWS to maintain separation of data and traffic in AWS to improve security and achieve PCI compliance.
Warren Rogers Associates pioneered the development of Statistical Inventory Reconciliation Analysis (SIRA) and Continual Reconciliation for monitoring underground fuel tanks and associated lines. These methods are certified in accordance with EPA requirements and have been used by petroleum marketers for more than 25 years. Today, Warren Rogers specializes in statistical analysis and precision fuel system diagnostics for the retail petroleum industry and develops innovative ways to identify and combat fuel shrinkage and theft. Session sponsored by Palo Alto Networks.
Digital Personal Data Protection (DPDP) Practical Approach For CISOsPriyanka Aash
Key Discussion Pointers:
1. Introduction to Data Privacy
- What is data privacy
- Privacy laws around the globe
- DPDPA Journey
2. Understanding the New Indian DPDPA 2023
- Objectives
- Principles of DPDPA
- Applicability
- Rights & Duties of Individuals
- Principals
- Legal implications/penalties
3. A practical approach to DPDPA compliance
- Personal data Inventory
- DPIA
- Risk treatment
It covers popular IaaS/PaaS attack vectors, list them, and map to other relevant projects such as STRIDE & MITRE. Security professionals can better understand what are the common attack vectors that are utilized in attacks, examples for previous events, and where they should focus their controls and security efforts.
Discuss Security Incidents & Business Use Case, Understanding Web 3 Pros
and Web 3 Cons. Prevention mechanism and how to make sure that it doesn’t happen to you?
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)Priyanka Aash
Round Table Discussion On "Emerging New Threats And Top CISO Priorities In 2022"_ Bangalore
Date - 28 September, 2022. Decision Makers of different organizations joined this discussion and spoke on New Threats & Top CISO Priorities
The Internet is home to seemingly infinite amounts of confidential and personal information. As a result of this mass storage of information, the system needs to be constantly updated and enforced to prevent hackers from retrieving such valuable and sensitive data. This increasing number of cyber-attacks has led to an increasing importance of Ethical Hacking. So Ethical hackers' job is to scan vulnerabilities and to find potential threats on a computer or networks. An ethical hacker finds the weakness or loopholes in a computer, web applications or network and reports them to the organization. It requires a thorough knowledge of Networks, web servers, computer viruses, SQL (Structured Query Language), cryptography, penetration testing, Attacks etc. In this session, you will learn all about ethical hacking. You will understand the what ethical hacking, Cyber- attacks, Tools and some hands-on demos. This session will also guide you with the various ethical hacking certifications available today.
Introduction of Ethical Hacking, Life cycle of Hacking, Introduction of Penetration testing, Steps in Penetration Testing, Foot printing Module, Scanning Module, Live Demos on Finding Vulnerabilities a) Bypass Authentication b) Sql Injection c) Cross site Scripting d) File upload Vulnerability (Web Server Hacking) Countermeasures of Securing Web applications
Bring out the hacker in you by trying out Security Innovation’s Hacking CyberRange – specially designed web applications with real world vulnerabilities. A parallel class session will also teach novices about how to uncover simple vulnerabilities and evolve into uncovering more complex vulnerabilities. You can simply sit and learn or get straight to hacking our application or follow along and do both. Live scores of participants will be displayed.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
"Impact of front-end architecture on development cost", Viktor TurskyiFwdays
I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Knowledge engineering: from people to machines and back
Cloud Security: Limitations of Cloud Security Groups and Flow Logs
1. Best Of The World In Security Conference
Best Of The World In Security
12-13 November 2020
Cloud Security
Limitations of Cloud Security Groups and Flow logs
Avishag Daniely
Guardicore
S. Director of Product Marketing
@avishugz
2. Best Of The World In Security Conference
Boulderer,
Painter,
Yogarer,
Dog lover
Fluent in 3
languages +
Learning
Chinese
Cyber Geek for
11+ years,
Passion for
Products,
Marketing and
Growth
About Me
3. Best Of The World In Security Conference
Agenda
• The shift away from perimeters
• Top Cloud Security Threats
• Azure Terminology
• NSGs and ASGs
• Cloud Security Groups
• Flow Logs
• Limitations - Scenario Deep Dives
• Single vNet
• Multi vNet
• Multi Cloud
• AWS Security Groups and ACLs
4. Best Of The World In Security Conference
We now live in a world with no defined
perimeters
5. Best Of The World In Security Conference
We are in the era of hybrid-cloud
You own it: bare metals, routers,
access switches
1993
Internet is more popular than ever,
Facebook and Google emerge, SSL is
the thing
2005
The cloud is born. You no longer
own all the infrastructure
2006–2010
Containers are introduced to the
world
2013
Data centers are hybrid. Virtual,
Cloud, Bare Metal, serverless, VDI,
laptops, DaaS - people work from
Anywhere and everywhere
2021
6. Best Of The World In Security Conference
90% OF BUSINESS ARE IN THE
CLOUD
45% OF INFECTION VECTORS ARE
BASED ON CLOUD APPLICATIONS
Based on 451 Based on X-Force
7. Best Of The World In Security Conference
Access
Management
Network
Misconfigurations
Data Breaches
and Data Leaks
Insecure APIs Data Loss
Top Cloud Security Threats
8. Best Of The World In Security Conference
Some Concepts
9. Best Of The World In Security Conference
VNET vs VPC
VNET – AZURE VPC – AWS
More info here
10. Best Of The World In Security Conference
Cloud Security Groups
11. Best Of The World In Security Conference
Source: arcitura
12. Best Of The World In Security Conference
Azure Security Groups
13. Best Of The World In Security Conference
Azure Security Groups
The
difference
NSG is the Azure Resource that you will use to enforce and
control the network traffic with
ASG is an object reference within a Network Security Group.
ASG & NSG
NSG’s (Network Security Group) & ASG’s (Application Security
Group) are used to administrate and control network traffic
within a virtual network (vNET).
14. Best Of The World In Security Conference
NSGs
NSG’s control access by permitting or
denying network traffic
Between different workloads on a vNET
From on-site environment into Azure
Directly from the internet
Theoretically: NSGs are a group of ACL rules that either allow or deny network
traffic to a specific destination located on your vNET.
All traffic entering or leaving your Azure network can be processed via the NSG
They can be applied either on a virtual machine or subnet (one NSG can be
applied to multiple subnets or virtual machines)
15. Best Of The World In Security Conference
ASGs
Used within an NSG to apply a
network security rule to a specific
workload or group of VMs
Typically used for
scalability
Creating the virtual
machine and assigning
it to an ASG will provide
it with all the NSG rules
in place for that specific
ASG
16. Best Of The World In Security Conference
Limitations in a single vNet
17. Best Of The World In Security Conference
Simulation
Time –
Application
Migration
to Azure
Our Goal:
Migrate App SWIFT to Azure
Azure setup:
Single vNet – subnet 10.0.2.0/24
vNet region – Brazil
NSG assigned to our vNet
ASGs assigned per Server roles
18. Best Of The World In Security Conference
• The NSG
• The ASGs
19. Best Of The World In Security Conference
What this looks like
Brazil Customer vNet –
NSG assigned
swift-all
swift-apps
swift-DBS
swift-LBS
20. Best Of The World In Security Conference
Following NSG rules were set:
• Load Balancers to Web Servers, over specific ports, allow
• Web Servers to Databases, over specific ports, allow
• Deny all else between SWIFT servers.
21. Best Of The World In Security Conference
What this looks like
Brazil Customer vNet –
NSG assigned
swift-all
swift-apps
swift-DBS
swift-LBS
22. Best Of The World In Security Conference
The problem
A critical backup operation fails What can be the cause?
A configuration issue within the application, not
policy related at all.
The ASGs are misconfigured while NSGs are
configured correctly.
The ASGs are configured correctly but the NSGs
are misconfigured.
23. Best Of The World In Security Conference
Flow Logs
24. Best Of The World In Security Conference
Flow log
limitations
• Dynamic IPs make it nearly impossible to
track changes
• Needle in a haystack – with no context of
time or which server is the culprit
• No Security Groups affect on traffic, only
blocked indication, but by which rule?
• No application or user context – only Ips
and ports
25. Best Of The World In Security Conference
Simulation
Time –
Let’s block
threats
Our Goal:
Block Telnet & Insecure FTP
Block a malware propegation
Azure setup (same):
Single vNet – subnet 10.0.2.0/24
vNet region – Brazil
NSG assigned to our vNet
ASGs assigned per Server roles
26. Best Of The World In Security Conference
Security Group
limitations
• Block Telnet – Block over port 23
• Block FTP – HOW?
• 21 not enough
• What about dynamic high ports?
• Block malware propagation – HOW?
• Ports? Not good enough
• No application aware policies!
• No process level policies!
27. Best Of The World In Security Conference
Limitation in multiple vNets
28. Best Of The World In Security Conference
Simulation
Time –
Policies
between
applications,
between
VNets
Our Goal:
Security Policies between CMS to Billing
and SWIFT
Azure setup:
2 vNets
vNet1 region – Brazil
vNet2 region - West Europe
NSG assigned to each vNet
ASG assigned per app
29. Best Of The World In Security Conference
• The NSG
• The ASGs
30. Best Of The World In Security Conference
Brazil Customer vNet
App_Swift
Billing_all
West Europe Customer vNet
CMS_ALL_Servers
31. Best Of The World In Security Conference
What’s our goal?
Allow CMS over port 80 to SWIFT
and Billing
Block all other port 80
32. Best Of The World In Security Conference
The problem
Would it be possible to create a rule with an
ASG for the CMS App servers to the SWIFT &
Billing applications even though they are in
separate vNets?
34. Best Of The World In Security Conference
According to Azure documentation
Each subscription in Azure is assigned to a specific, single, region.
Multiple subscriptions cannot share the same vNet.
NSGs can only be applied within a vNet.
35. Best Of The World In Security Conference
documentation
“If you specify an application security group as the source and
destination in a security rule, the network interfaces in both application
security groups must exist in the same virtual network. For example, if
AsgLogic contained network interfaces from VNet1, and
AsgDbcontained network interfaces from VNet2, you could not assign
AsgLogic as the source and AsgDb as the destination in a rule. All
network interfaces for both the source and destination application
security groups need to exist in the same virtual network.”
36. Best Of The World In Security Conference
It is not possible to create policies for
applications spanning vNets or Regions!
37. Best Of The World In Security Conference
Limitation in multi-cloud
38. Best Of The World In Security Conference
Simulation
Time –
Application
Migration
from Azure
to AWS
Our Goal:
Migrate App CMS from Azure to AWS
Azure setup:
2 vNets, Brazil & West Europe
AWS setup:
Single VPC
39. Best Of The World In Security Conference
• The NSG
• The ASGs
40. Best Of The World In Security Conference
• The rules
41. Best Of The World In Security Conference
Migrating The policy Rules from Azure to
AWS
Deny rules in Azure Security Groups must be translated into
either:
• Allow rules for all other traffic in AWS security groups
• Network layer deny rules in AWS access control lists (ACLs).
42. Best Of The World In Security Conference
AWS ACLs & Sec Groups
Sec Groups
Security groups are applied at the EC2 level and are tied to an asset,
not an IP. They only enable whitelisting traffic and are stateful. This is
the first layer of defense; thus traffic must be allowed by Security
Groups to then be analyzed by an ACL.
ACLs
Access control lists are applied at the VPC level, thus are directly tied
to IPs. They support both allow and deny rules, but as they are tied to
specific IPs, they do not support blocking by application context. They
are not stateful and thus are not valid for compliance requirements.
43. Best Of The World In Security Conference
AWS security
groups vs ACLs
Security groups
• do not support blacklisting functionalities and
only enable whitelisting
ACLs
• support both deny and allow rules but are
tied to an IP address within a VPC, enabling
blocking only static IPs or a whole subnet
44. Best Of The World In Security Conference
Simulation
Time –
Policies
cross cloud
Our Goal:
Accounting App in AWS must access ONLY
the Billing App in Azure (and no other app in
azure)
Azure setup:
2 vNets, Brazil & West Europe
AWS setup:
Single VPC, London
45. Best Of The World In Security Conference
The
problem
Cloud providers’ native tools do not offer full
support for other providers’ clouds, which can
limit their usability in multicloud environments
46. Best Of The World In Security Conference
Security
Groups
Limitations Azure and AWS Security Groups or ACLs
enable controlling cross-cloud traffic based
only on the public IPs of the cloud
providers
47. Best Of The World In Security Conference
Sum Up -
Limitations
Azure Security Groups & Flow logs
• Limited visibility
• No policy simulation or indication of impact on traffic
• NSGs can only be applied within a Vnet
• Multiple subscriptions cannot share the same VNet
• To allow connections between clouds, one must permit
the whole cloud range to communicate
• Default NSGs are set in a permissive mode from day 1
• ASGs are assigned to assets by IPs. What if the ip is
dynamic? needs to change?
48. Best Of The World In Security Conference
Sum Up -
Limitations
AWS Security Groups & ACLs
• Limited visibility
• No policy simulation or indication of impact on
traffic
• Security groups only enable Allow, no deny
• AWS ACLs support both deny and allow
rules, but are tied to an IP address within a
VPC in AWS, enabling blocking only static
IPs or a whole subnet
49. Best Of The World In Security Conference
Thank You!
@avishugz
avishag-daniely