Let's prepare for what's next, and not what was last...
Keet Malin Sugathadasa
Software Engineer
Sysco Labs
Cyber Security and
Cloud Computing
• What is Cyber Security?
• Cryptanalysis
• Computer Hacking
• Cloud Computing Architecture
• Cloud Security
• Notorious 9 threats in cloud computing
• AWS Cloud Security
AGENDA
Cyber Security
Are we really secure?
Best Practices and Measures
taken to protect a computer or
a computer system, against an
unauthorized access or attack
• Hardware, Software, Data...
• Security Standards
• Ethical Hacking
• Best Practices
CYBER SECURITY
Cyber Security
• Interruption
• Interception
• Modification
• Fabrication
Threats and Attacks on Security
CYBER SECURITY
• Confidentiality (Privacy)
• Integrity (Trust)
• Availability
The CIA in Computer Security
CYBER SECURITY
Cryptanalysis
Analyzing and breaking encryption schemes
This uses a simple file containing
words that, surprisingly, can be
found in a dictionary.
• “Iamthebest”
• “Iloveblahblah”
CRYPTANALYSIS
Dictionary Attacks
dictionary + non-dictionary words
by working through all possible
alpha-numeric combinations
• “aaaa901”
• “Iloveblahblah2233a”
CRYPTANALYSIS
Brute Force Attack
Keeps a table of hashes for all
possible password combinations.
Adding salts will make this task
even tougher
• “aaaa901”
• “fsdfwer232532”
CRYPTANALYSIS
Rainbow Table Attack
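
An added example (not part of the original slides) showing why per-user salts defeat a precomputed hash table, and what hardened password storage looks like. A plain dictionary lookup stands in for a real rainbow table; the function names, the PBKDF2 iteration count and the sample passwords are assumptions or constructed for illustration.

```python
import hashlib
import hmac
import os
from typing import Optional

# Constructed sample data: passwords a precomputed table might cover.
COMMON_PASSWORDS = ["Iamthebest", "Iloveblahblah", "aaaa901"]

# Assumption: an illustrative work factor; tune it to your own latency budget.
PBKDF2_ITERATIONS = 200_000


def unsalted_hash(password: str) -> str:
    """Weak storage scheme: one fast hash, no salt."""
    return hashlib.sha256(password.encode()).hexdigest()


def build_lookup_table(candidates):
    """Precomputed digest -> password map (simplified stand-in for a rainbow table)."""
    return {unsalted_hash(p): p for p in candidates}


def salted_record(password: str, salt: Optional[bytes] = None):
    """Hardened storage: random per-user salt plus a slow KDF (PBKDF2-HMAC-SHA256)."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), salt, PBKDF2_ITERATIONS
    )
    return salt, digest


def verify(password: str, salt: bytes, digest: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), salt, PBKDF2_ITERATIONS
    )
    return hmac.compare_digest(candidate, digest)


def table_hits(stored_hex_digests, table):
    """Passwords that a leaked digest column would reveal via the table."""
    return [table[d] for d in stored_hex_digests if d in table]


def demo():
    table = build_lookup_table(COMMON_PASSWORDS)

    # Two different users happen to choose the same password.
    unsalted_db = [unsalted_hash("aaaa901"), unsalted_hash("aaaa901")]
    salted_db = [salted_record("aaaa901"), salted_record("aaaa901")]

    return {
        # Without a salt, equal passwords give equal digests ...
        "unsalted_identical": unsalted_db[0] == unsalted_db[1],
        # ... and one precomputed table resolves every matching row.
        "unsalted_hits": table_hits(unsalted_db, table),
        # With per-user salts the digests differ and the table is useless:
        # it would have to be rebuilt for each individual salt.
        "salted_identical": salted_db[0][1] == salted_db[1][1],
        "salted_hits": table_hits([d.hex() for _, d in salted_db], table),
        # Legitimate verification still works because the salt is stored.
        "login_ok": verify("aaaa901", *salted_db[0]),
        "login_bad": verify("aaaa902", *salted_db[0]),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```
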
Ask the user for his or her
password. A phishing email leads
the unsuspecting reader to a faked
portal that collects credentials
• Sending a fake email related to
bank payments
CRYPTANALYSIS
Phishing
Social engineering takes the whole
‘ask the user’ concept outside of
the inbox that phishing tends to
stick with and into the real world.
• Call a person posing as a bank
or other security guy
CRYPTANALYSIS
Social Engineering
Computer Hacking
Cyber war is the new battlefield now...
Anonymous
Your ignorance is our Power...
• Trojans
• Backdoors
• Sniffers
• Rootkits
• Exploits
• Buffer overflows
• SQL injection
Hacking Technologies
COMPUTER HACKING
• Reconnaissance (“Gathering information about a potential target”)
• Scanning (“Using the info gathered during reconnaissance to examine
the network”)
• Gaining access (“Owning the system”)
• Maintaining access (“Backdoors, Rootkits, Trojans”)
• Covering tracks (“Alter log entries, removing alarms”)
5 Phases in Computer Hacking
COMPUTER HACKING
Hacker Classes
COMPUTER HACKING
• Discuss the need for testing
• Sign an NDA
• Tiger team prepares a schedule for testing
• Conduct tests
• Analysis and report preparation
• Present the report to the client
Conducting Ethical Hacking
COMPUTER HACKING
Legality in Sri Lanka
COMPUTER HACKING
source: http://www.slcert.gov.lk/Downloads/Acts/Computer_Crimes_Act_No_24_of_2007(E).pdf
Cloud Computer Architecture
Cloud is not magic, it’s just another computer...
Definition of Cloud Computing - NIST
CLOUD COMPUTING ARCHITECTURE
source: https://www.nist.gov/
Service Models
CLOUD COMPUTING ARCHITECTURE
Cloud Security Basics
Security is a process, not a product...
Security in the cloud is much like
security in your on-premises data
centers - only without the costs of
maintaining facilities and
hardware.
In the cloud, you don’t have to manage
physical servers or storage devices.
Instead, you use software-based
security tools to monitor and
protect the flow of information into
and out of your cloud resources.
CLOUD SECURITY BASICS
Cloud Security
How Secure is the Cloud?
CLOUD SECURITY
source: https://www.youtube.com/watch?v=8g0NrHExD3g
Layer 1:
• Perimeter Defense
Layer 2:
• Clear Zone
Layer 3:
• Facility facade/ reception area
Layer 4:
• Hallway/ Escorted Area/ Gray Space
Layer 5:
• Data Center Room/ White Space
Layer 6:
• Data Center Cabinet/ White Space
CLOUD SECURITY
• Strict Regulatory Standards
• Security Tools
• Confidentiality
• DDoS Mitigation
Key Security Aspect in Cloud
CLOUD SECURITY
• Network Security
↳ Firewall
• Configuration Management
• Data Encryption
• Access Control
• Monitoring and Logging
Notorious Nine Threats
Cloud Security Alliance (CSA)
1. Data Breaches
2. Data Loss
3. Account or Service Traffic Hijacking
4. Insecure Interfaces and APIs
5. Denial of Service
6. Malicious Insiders
7. Abuse of Cloud Services
8. Insufficient Due Diligence
9. Shared Technology Vulnerabilities
NOTORIOUS NINE THREATS
AWS Cloud Security
Amazon Web Services Cloud Platform
AWS CLOUD SECURITY
Shared Responsibility
AWS Shield
AWS CLOUD SECURITY
• AWS Shield is a managed Distributed Denial
of Service (DDoS) protection service
• AWS Shield provides always-on detection and
automatic inline mitigations that minimize
application downtime and latency
• Happens in real time (no support needed)
AWS WAF
AWS CLOUD SECURITY
• AWS WAF is a web application firewall that
helps protect your web applications from
common web exploits
• AWS WAF gives you control over which traffic
to allow or block to your web applications
• Block common attack patterns, such as SQL
injection or cross-site scripting
AWS IAM
AWS CLOUD SECURITY
• Access Control
• Use AWS Identity and Access Management
(IAM) to control users' access to AWS services
• Create and manage users and groups, and
grant or deny access
1. AWS Artifact
2. AWS Certificate Manager
3. Amazon Cloud Directory
4. AWS CloudHSM
5. Amazon Cognito
6. AWS Directory Service
7. Amazon GuardDuty
8. Amazon Inspector
9. And many more...
AWS CLOUD SECURITY
source: https://aws.amazon.com/products/security/
Think twice
before you
connect
Thank you
