SlideShare a Scribd company logo

CybelAngel - Top 10 tips to avoid being the next big data leak

T
Thomas Garnier

Slide from Tanker.io meetup : (Cyber)Security for Software Engineers ! Thanks again guys for inviting us !

Technology
1 of 11
Download to read offline
Top 10 tips to avoid being the next big Data Leak (Cyber)Security for Software Engineers, Topito style...
Thomas Garnier Head of Product @ CybelAngel since 2014 Academics in software engineering Switched to the Dark side (they had cookies) Who ? Gilles d’Arco CTO First employee @ CybelAngel Lived in China, Tunisia and now in Nantes Lua Programmer from time to time
European company created in 2013 Over 50 employees Proprietary technology We detect data leaks and attacks
Where exactly do we find the data ? Clear Web Social networks, forums, paste sites ... Dark Web Everything on Tor-like networks : markets, message boards, etc. Connected Storage Unprotected connected storage devices
Data Leak 90% of data leaks come from third parties
See it’s not just one...
And we detect data leak for our clients everyday... We will show you real life examples, and we’ll try to learn something from it !
Wrap up ! 1 Don’t share access points like chats, proxy, VPNs online (even if they are secured) 2 Don’t hard code your secret keys 3 Don’t store passwords unencrypted 4 Don’t use public Github as cloud storage 5 Apply the same (good) security policy on prod and test environment 6 Ensure that all databases require authentication 7 Never do non-encrypted backups (especially for active directory) 8 Change the default passwords of your FTP/SMB/etc 9 Make sure your cloud configuration is not open by default
But most importantly ... 10 Don’t be too paranoid, keep building awesome stuffs ! True, but a bit cheesy though ….
CybelAngel is hiring ! Talk to Gilles or Thomas Thanks everyone :)

Recommended

PhD-Guidance-in-Information-Security
PhD-Guidance-in-Information-SecurityPhD-Guidance-in-Information-Security
PhD-Guidance-in-Information-SecurityPhdtopiccom
 
Antivirus offer
Antivirus offerAntivirus offer
Antivirus offerantivirus12345
 
Antivirus offer
Antivirus offerAntivirus offer
Antivirus offerantivirus12345
 
PhD-Guidance-in-Security
PhD-Guidance-in-SecurityPhD-Guidance-in-Security
PhD-Guidance-in-SecurityPhdtopiccom
 
Cisco security
Cisco securityCisco security
Cisco securityankitha anu
 
Informe CLIL i video Comunicació.
Informe CLIL i video Comunicació.Informe CLIL i video Comunicació.
Informe CLIL i video Comunicació.lluís nater
 
Ethical Hacking Workshop is an essential for hackers
Ethical Hacking Workshop is an essential for hackersEthical Hacking Workshop is an essential for hackers
Ethical Hacking Workshop is an essential for hackerstechnoxian
 
Emad Farahzadi Signiture
Emad Farahzadi SignitureEmad Farahzadi Signiture
Emad Farahzadi SignitureEMADEDDIN NEMATOLLAH FARAHZADI
 

Recommended

PhD-Guidance-in-Information-Security
PhD-Guidance-in-Information-SecurityPhD-Guidance-in-Information-Security
PhD-Guidance-in-Information-SecurityPhdtopiccom
 
Antivirus offer
Antivirus offerAntivirus offer
Antivirus offerantivirus12345
 
Antivirus offer
Antivirus offerAntivirus offer
Antivirus offerantivirus12345
 
PhD-Guidance-in-Security
PhD-Guidance-in-SecurityPhD-Guidance-in-Security
PhD-Guidance-in-SecurityPhdtopiccom
 
Cisco security
Cisco securityCisco security
Cisco securityankitha anu
 
Informe CLIL i video Comunicació.
Informe CLIL i video Comunicació.Informe CLIL i video Comunicació.
Informe CLIL i video Comunicació.lluís nater
 
Ethical Hacking Workshop is an essential for hackers
Ethical Hacking Workshop is an essential for hackersEthical Hacking Workshop is an essential for hackers
Ethical Hacking Workshop is an essential for hackerstechnoxian
 
Emad Farahzadi Signiture
Emad Farahzadi SignitureEmad Farahzadi Signiture
Emad Farahzadi SignitureEMADEDDIN NEMATOLLAH FARAHZADI
 
Tips to make it security robust against ransomware or malware
Tips to make it security robust against ransomware or malwareTips to make it security robust against ransomware or malware
Tips to make it security robust against ransomware or malwareMultiTech IT
 
Cybersecurity Awareness Training Presentation v1.0
Cybersecurity Awareness Training Presentation v1.0Cybersecurity Awareness Training Presentation v1.0
Cybersecurity Awareness Training Presentation v1.0DallasHaselhorst
 
English Curriculum Csirt
English Curriculum CsirtEnglish Curriculum Csirt
English Curriculum Csirtfrancisco_monserrat
 
Web profile
Web profileWeb profile
Web profileNuuko, Inc.
 
Cyber security
Cyber securityCyber security
Cyber securityИрина Шевченко
 
Progress towards security in the Cloud-Héctor Sánchez, Microsoft
Progress towards security in the Cloud-Héctor Sánchez, MicrosoftProgress towards security in the Cloud-Héctor Sánchez, Microsoft
Progress towards security in the Cloud-Héctor Sánchez, MicrosoftMind the Byte
 
Innovative Security Group Official Flyer
Innovative Security Group Official FlyerInnovative Security Group Official Flyer
Innovative Security Group Official FlyerPaul Mashauri
 
Cybersecurity Awareness Training Presentation v1.1
Cybersecurity Awareness Training Presentation v1.1Cybersecurity Awareness Training Presentation v1.1
Cybersecurity Awareness Training Presentation v1.1DallasHaselhorst
 
1st Russian CSO Summit Trends 2008
1st Russian CSO Summit Trends 20081st Russian CSO Summit Trends 2008
1st Russian CSO Summit Trends 2008Anton Chuvakin
 
Cybersecurity Awareness Training
Cybersecurity Awareness TrainingCybersecurity Awareness Training
Cybersecurity Awareness TrainingDave Monahan
 
Ciberseguridad: Enemigos o defraudadores (MAGISTRAL)
Ciberseguridad: Enemigos o defraudadores (MAGISTRAL)Ciberseguridad: Enemigos o defraudadores (MAGISTRAL)
Ciberseguridad: Enemigos o defraudadores (MAGISTRAL)Cristian Garcia G.
 
WhiteHound - Patch your code in the cloud
WhiteHound - Patch your code in the cloudWhiteHound - Patch your code in the cloud
WhiteHound - Patch your code in the cloudWegilant
 
OpenTechTalks: Ethical hacking with Kali Linux (Tijl Deneut, UGent)
OpenTechTalks: Ethical hacking with Kali Linux (Tijl Deneut, UGent)OpenTechTalks: Ethical hacking with Kali Linux (Tijl Deneut, UGent)
OpenTechTalks: Ethical hacking with Kali Linux (Tijl Deneut, UGent)Avansa Mid- en Zuidwest
 
Information Security - A Discussion
Information Security - A DiscussionInformation Security - A Discussion
Information Security - A DiscussionKaushik Patra
 
Heavy Chef Session - Justin Stanford's presentation on Online Security
Heavy Chef Session - Justin Stanford's presentation on Online SecurityHeavy Chef Session - Justin Stanford's presentation on Online Security
Heavy Chef Session - Justin Stanford's presentation on Online SecurityHeavy Chef
 
World of Signals - Devices - Connectivity - Signals - RF - Cyber Security.
World of Signals - Devices - Connectivity - Signals - RF - Cyber Security.World of Signals - Devices - Connectivity - Signals - RF - Cyber Security.
World of Signals - Devices - Connectivity - Signals - RF - Cyber Security.Jan Geirnaert
 
ITrust Company Overview EN
ITrust Company Overview ENITrust Company Overview EN
ITrust Company Overview ENITrust - Cybersecurity as a Service
 
CryptoParty Belfast July 2015 Online Privacy Tips
CryptoParty Belfast July 2015 Online Privacy Tips CryptoParty Belfast July 2015 Online Privacy Tips
CryptoParty Belfast July 2015 Online Privacy Tipspgmaynard
 
Hamza
HamzaHamza
HamzaHamzaBaqee
 
Telecom security issues (Raoul Chiesa, day 1 )
Telecom security issues (Raoul Chiesa, day 1 ) Telecom security issues (Raoul Chiesa, day 1 )
Telecom security issues (Raoul Chiesa, day 1 ) ClubHack
 
Avoid embarrassing press by designing secure IoT products with Misha Seltzer
Avoid embarrassing press by designing secure IoT products with Misha SeltzerAvoid embarrassing press by designing secure IoT products with Misha Seltzer
Avoid embarrassing press by designing secure IoT products with Misha SeltzerProduct of Things
 
Cyber Security Awareness Program.pptx
Cyber Security Awareness Program.pptxCyber Security Awareness Program.pptx
Cyber Security Awareness Program.pptxDinesh582831
 

More Related Content

What's hot

Tips to make it security robust against ransomware or malware
Tips to make it security robust against ransomware or malwareTips to make it security robust against ransomware or malware
Tips to make it security robust against ransomware or malwareMultiTech IT
 
Cybersecurity Awareness Training Presentation v1.0
Cybersecurity Awareness Training Presentation v1.0Cybersecurity Awareness Training Presentation v1.0
Cybersecurity Awareness Training Presentation v1.0DallasHaselhorst
 
Progress towards security in the Cloud-Héctor Sánchez, Microsoft
Progress towards security in the Cloud-Héctor Sánchez, MicrosoftProgress towards security in the Cloud-Héctor Sánchez, Microsoft
Progress towards security in the Cloud-Héctor Sánchez, MicrosoftMind the Byte
 
Innovative Security Group Official Flyer
Innovative Security Group Official FlyerInnovative Security Group Official Flyer
Innovative Security Group Official FlyerPaul Mashauri
 
Cybersecurity Awareness Training Presentation v1.1
Cybersecurity Awareness Training Presentation v1.1Cybersecurity Awareness Training Presentation v1.1
Cybersecurity Awareness Training Presentation v1.1DallasHaselhorst
 
1st Russian CSO Summit Trends 2008
1st Russian CSO Summit Trends 20081st Russian CSO Summit Trends 2008
1st Russian CSO Summit Trends 2008Anton Chuvakin
 
Cybersecurity Awareness Training
Cybersecurity Awareness TrainingCybersecurity Awareness Training
Cybersecurity Awareness TrainingDave Monahan
 
Ciberseguridad: Enemigos o defraudadores (MAGISTRAL)
Ciberseguridad: Enemigos o defraudadores (MAGISTRAL)Ciberseguridad: Enemigos o defraudadores (MAGISTRAL)
Ciberseguridad: Enemigos o defraudadores (MAGISTRAL)Cristian Garcia G.
 
WhiteHound - Patch your code in the cloud
WhiteHound - Patch your code in the cloudWhiteHound - Patch your code in the cloud
WhiteHound - Patch your code in the cloudWegilant
 

What's hot (12)

Tips to make it security robust against ransomware or malware
Tips to make it security robust against ransomware or malwareTips to make it security robust against ransomware or malware
Tips to make it security robust against ransomware or malware
 
Cybersecurity Awareness Training Presentation v1.0
Cybersecurity Awareness Training Presentation v1.0Cybersecurity Awareness Training Presentation v1.0
Cybersecurity Awareness Training Presentation v1.0
 
English Curriculum Csirt
English Curriculum CsirtEnglish Curriculum Csirt
English Curriculum Csirt
 
Web profile
Web profileWeb profile
Web profile
 
Cyber security
Cyber securityCyber security
Cyber security
 
Progress towards security in the Cloud-Héctor Sánchez, Microsoft
Progress towards security in the Cloud-Héctor Sánchez, MicrosoftProgress towards security in the Cloud-Héctor Sánchez, Microsoft
Progress towards security in the Cloud-Héctor Sánchez, Microsoft
 
Innovative Security Group Official Flyer
Innovative Security Group Official FlyerInnovative Security Group Official Flyer
Innovative Security Group Official Flyer
 
Cybersecurity Awareness Training Presentation v1.1
Cybersecurity Awareness Training Presentation v1.1Cybersecurity Awareness Training Presentation v1.1
Cybersecurity Awareness Training Presentation v1.1
 
1st Russian CSO Summit Trends 2008
1st Russian CSO Summit Trends 20081st Russian CSO Summit Trends 2008
1st Russian CSO Summit Trends 2008
 
Cybersecurity Awareness Training
Cybersecurity Awareness TrainingCybersecurity Awareness Training
Cybersecurity Awareness Training
 
Ciberseguridad: Enemigos o defraudadores (MAGISTRAL)
Ciberseguridad: Enemigos o defraudadores (MAGISTRAL)Ciberseguridad: Enemigos o defraudadores (MAGISTRAL)
Ciberseguridad: Enemigos o defraudadores (MAGISTRAL)
 
WhiteHound - Patch your code in the cloud
WhiteHound - Patch your code in the cloudWhiteHound - Patch your code in the cloud
WhiteHound - Patch your code in the cloud
 

Similar to CybelAngel - Top 10 tips to avoid being the next big data leak

OpenTechTalks: Ethical hacking with Kali Linux (Tijl Deneut, UGent)
OpenTechTalks: Ethical hacking with Kali Linux (Tijl Deneut, UGent)OpenTechTalks: Ethical hacking with Kali Linux (Tijl Deneut, UGent)
OpenTechTalks: Ethical hacking with Kali Linux (Tijl Deneut, UGent)Avansa Mid- en Zuidwest
 
Information Security - A Discussion
Information Security - A DiscussionInformation Security - A Discussion
Information Security - A DiscussionKaushik Patra
 
Heavy Chef Session - Justin Stanford's presentation on Online Security
Heavy Chef Session - Justin Stanford's presentation on Online SecurityHeavy Chef Session - Justin Stanford's presentation on Online Security
Heavy Chef Session - Justin Stanford's presentation on Online SecurityHeavy Chef
 
World of Signals - Devices - Connectivity - Signals - RF - Cyber Security.
World of Signals - Devices - Connectivity - Signals - RF - Cyber Security.World of Signals - Devices - Connectivity - Signals - RF - Cyber Security.
World of Signals - Devices - Connectivity - Signals - RF - Cyber Security.Jan Geirnaert
 
CryptoParty Belfast July 2015 Online Privacy Tips
CryptoParty Belfast July 2015 Online Privacy Tips CryptoParty Belfast July 2015 Online Privacy Tips
CryptoParty Belfast July 2015 Online Privacy Tipspgmaynard
 
Telecom security issues (Raoul Chiesa, day 1 )
Telecom security issues (Raoul Chiesa, day 1 ) Telecom security issues (Raoul Chiesa, day 1 )
Telecom security issues (Raoul Chiesa, day 1 ) ClubHack
 
Avoid embarrassing press by designing secure IoT products with Misha Seltzer
Avoid embarrassing press by designing secure IoT products with Misha SeltzerAvoid embarrassing press by designing secure IoT products with Misha Seltzer
Avoid embarrassing press by designing secure IoT products with Misha SeltzerProduct of Things
 
Cyber Security Awareness Program.pptx
Cyber Security Awareness Program.pptxCyber Security Awareness Program.pptx
Cyber Security Awareness Program.pptxDinesh582831
 
Webinar Security: Apps of Steel transcription
Webinar Security: Apps of Steel transcriptionWebinar Security: Apps of Steel transcription
Webinar Security: Apps of Steel transcriptionService2Media
 
Infosecurity2013nl 131103184054-phpapp01
Infosecurity2013nl 131103184054-phpapp01Infosecurity2013nl 131103184054-phpapp01
Infosecurity2013nl 131103184054-phpapp01Kenneth Carnesi, JD
 
rovide 34 paragraphs that define how the IT security landscape has evo.docx
rovide 34 paragraphs that define how the IT security landscape has evo.docxrovide 34 paragraphs that define how the IT security landscape has evo.docx
rovide 34 paragraphs that define how the IT security landscape has evo.docxacarolyn
 
Securing Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP LeaksSecuring Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP LeaksHokme
 
It’s time to boost VoIP network security
It’s time to boost VoIP network securityIt’s time to boost VoIP network security
It’s time to boost VoIP network securityBev Robb
 
INSECURE Magazine - 35
INSECURE Magazine - 35INSECURE Magazine - 35
INSECURE Magazine - 35Felipe Prado
 
Simplifying Security: Protecting Your Clients and Your Company
Simplifying Security: Protecting Your Clients and Your CompanySimplifying Security: Protecting Your Clients and Your Company
Simplifying Security: Protecting Your Clients and Your CompanyDrew Gorton
 
Basic Digital Security
Basic Digital SecurityBasic Digital Security
Basic Digital SecurityUjjwal Acharya
 

Similar to CybelAngel - Top 10 tips to avoid being the next big data leak (20)

OpenTechTalks: Ethical hacking with Kali Linux (Tijl Deneut, UGent)
OpenTechTalks: Ethical hacking with Kali Linux (Tijl Deneut, UGent)OpenTechTalks: Ethical hacking with Kali Linux (Tijl Deneut, UGent)
OpenTechTalks: Ethical hacking with Kali Linux (Tijl Deneut, UGent)
 
Information Security - A Discussion
Information Security - A DiscussionInformation Security - A Discussion
Information Security - A Discussion
 
Heavy Chef Session - Justin Stanford's presentation on Online Security
Heavy Chef Session - Justin Stanford's presentation on Online SecurityHeavy Chef Session - Justin Stanford's presentation on Online Security
Heavy Chef Session - Justin Stanford's presentation on Online Security
 
World of Signals - Devices - Connectivity - Signals - RF - Cyber Security.
World of Signals - Devices - Connectivity - Signals - RF - Cyber Security.World of Signals - Devices - Connectivity - Signals - RF - Cyber Security.
World of Signals - Devices - Connectivity - Signals - RF - Cyber Security.
 
ITrust Company Overview EN
ITrust Company Overview ENITrust Company Overview EN
ITrust Company Overview EN
 
CryptoParty Belfast July 2015 Online Privacy Tips
CryptoParty Belfast July 2015 Online Privacy Tips CryptoParty Belfast July 2015 Online Privacy Tips
CryptoParty Belfast July 2015 Online Privacy Tips
 
Hamza
HamzaHamza
Hamza
 
Telecom security issues (Raoul Chiesa, day 1 )
Telecom security issues (Raoul Chiesa, day 1 ) Telecom security issues (Raoul Chiesa, day 1 )
Telecom security issues (Raoul Chiesa, day 1 )
 
Avoid embarrassing press by designing secure IoT products with Misha Seltzer
Avoid embarrassing press by designing secure IoT products with Misha SeltzerAvoid embarrassing press by designing secure IoT products with Misha Seltzer
Avoid embarrassing press by designing secure IoT products with Misha Seltzer
 
Cyber Security Awareness Program.pptx
Cyber Security Awareness Program.pptxCyber Security Awareness Program.pptx
Cyber Security Awareness Program.pptx
 
Webinar Security: Apps of Steel transcription
Webinar Security: Apps of Steel transcriptionWebinar Security: Apps of Steel transcription
Webinar Security: Apps of Steel transcription
 
Infosecurity2013nl 131103184054-phpapp01
Infosecurity2013nl 131103184054-phpapp01Infosecurity2013nl 131103184054-phpapp01
Infosecurity2013nl 131103184054-phpapp01
 
Cyber security for journalists
Cyber security for journalistsCyber security for journalists
Cyber security for journalists
 
Security in 10 slides
Security in 10 slidesSecurity in 10 slides
Security in 10 slides
 
rovide 34 paragraphs that define how the IT security landscape has evo.docx
rovide 34 paragraphs that define how the IT security landscape has evo.docxrovide 34 paragraphs that define how the IT security landscape has evo.docx
rovide 34 paragraphs that define how the IT security landscape has evo.docx
 
Securing Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP LeaksSecuring Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP Leaks
 
It’s time to boost VoIP network security
It’s time to boost VoIP network securityIt’s time to boost VoIP network security
It’s time to boost VoIP network security
 
INSECURE Magazine - 35
INSECURE Magazine - 35INSECURE Magazine - 35
INSECURE Magazine - 35
 
Simplifying Security: Protecting Your Clients and Your Company
Simplifying Security: Protecting Your Clients and Your CompanySimplifying Security: Protecting Your Clients and Your Company
Simplifying Security: Protecting Your Clients and Your Company
 
Basic Digital Security
Basic Digital SecurityBasic Digital Security
Basic Digital Security
 

Recently uploaded

Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 

Recently uploaded (20)

Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 

CybelAngel - Top 10 tips to avoid being the next big data leak

  • 1.
  • 2. Top 10 tips to avoid being the next big Data Leak (Cyber)Security for Software Engineers, Topito style...
  • 3. Thomas Garnier Head of Product @ CybelAngel since 2014 Academics in software engineering Switched to the Dark side (they had cookies) Who ? Gilles d’Arco CTO First employee @ CybelAngel Lived in China, Tunisia and now in Nantes Lua Programmer from time to time
  • 4. European company created in 2013 Over 50 employees Proprietary technology We detect data leaks and attacks
  • 5. Where exactly do we find the data ? Clear Web Social networks, forums, paste sites ... Dark Web Everything on Tor-like networks : markets, message boards, etc. Connected Storage Unprotected connected storage devices
  • 6. Data Leak 90% of data leaks come from third parties
  • 7. See it’s not just one...
  • 8. And we detect data leak for our clients everyday... We will show you real life examples, and we’ll try to learn something from it !
  • 9. Wrap up ! 1 Don’t share access points like chats, proxy, VPNs online (even if they are secured) 2 Don’t hard code your secret keys 3 Don’t store passwords unencrypted 4 Don’t use public Github as cloud storage 5 Apply the same (good) security policy on prod and test environment 6 Ensure that all databases require authentication 7 Never do non-encrypted backups (especially for active directory) 8 Change the default passwords of your FTP/SMB/etc 9 Make sure your cloud configuration is not open by default
  • 10. But most importantly ... 10 Don’t be too paranoid, keep building awesome stuffs ! True, but a bit cheesy though ….
  • 11. CybelAngel is hiring ! Talk to Gilles or Thomas Thanks everyone :)