The document summarizes evidence from multiple cybersecurity reports to propose an updated set of top five cybersecurity controls. It analyzes data on the most common attack vectors like phishing and use of stolen credentials. Based on this, the proposed top five controls are: 1) Implementing multifactor authentication and privileged access management, 2) Implementing technical email controls, 3) Training users to spot spearphishing, 4) Managing vulnerabilities well through patching and configuration, and 5) Verifying and locking down external-facing systems and limiting internet access points. The document provides support for these recommendations through statistics and examples from real-world cyber attacks and breaches.
Using Canary Honeypots for Network Security Monitoring | chrissanders88
In this presentation I talk about how honeypots that have more traditionally been used for research purposes can also be used as an effective part of a network security monitoring strategy.
How to Detect SQL Injections & XSS Attacks with AlienVault USM | AlienVault
They may be the oldest tricks in the book, but SQL injection and cross-site scripting (XSS) attacks still put a hurt on thousands of web applications every year, impacting millions of users—your users and customers. SIEM solutions are essential in finding these exposures quickly, by collecting and correlating data to spot patterns and alert you of an attack. Join us for this demo to learn more about how these attacks work and how AlienVault USM gives you the built-in intelligence you need to spot trouble quickly.
You'll learn:
How these attacks work and what you can do to protect your network
What data you need to collect to identify the warning signs of an attack
How to identify impacted assets so you can quickly limit the damage
How AlienVault USM simplifies detection with built-in correlation rules & threat intelligence
Learn how to use an Analytics-Driven SIEM for your Security Operations | Splunk
Join our Security Experts and learn about our Analytics-Driven SIEM, Splunk Enterprise Security (ES) in a live, hands-on session. You will start off with a hands-on tour of Splunk's award-winning SIEM, Splunk Enterprise Security and understand its key frameworks and its unique capabilities. Then, you will work on hands-on exercises that involve threat detection, incident investigation and how to take rapid responses using data from a range of sources such as threat list intelligence feeds, endpoint activity logs, e-mail logs, and web logs. This session is a must session for all security practitioners.
The Information Security Community on LinkedIn, with the support of Cybereason, conducted a comprehensive online research project to gain more insight into the state of threat hunting in security operation centers (SOCs). When the 330 cybersecurity and IT professionals were asked what keeps them up at night, many comments revolved around a central theme of undetected threats slipping through an organization’s defenses. Many responses included “unknown” and “advanced” when describing threats, indicating the respondents understand the challenges and fear those emerging threats.
Read the full report here.
Application Security Architecture and Threat Modelling | Priyanka Aash
95% of attacks are against “Web Servers and Web Applications”
Security Architecture and SDLC
3 Tier – Web App Architecture
Would you trust the code?
Traditional SDLC
Secure SDLC
SAST vs. DAST
2017 Secure360 - Hacking SQL Server on Scale with PowerShell | Scott Sutherland
This presentation will provide an overview of common SQL Server discovery, privilege escalation, persistence, and data targeting techniques. Techniques will be shared for escalating privileges on SQL Server and associated Active Directory domains. Finally I’ll show how PowerShell automation can be used to execute the SQL Server attacks on scale with PowerUpSQL. All scripts demonstrated during the presentation are available on GitHub. This should be useful to penetration testers and system administrators trying to gain a better understanding of their SQL Server attack surface and how it can be exploited.
Code Security with GitHub Advanced Security | Luis Fraile
Moving security to the left during development can bring a lot of challenges, as well as some pitfalls. With GitHub Advanced Security tools like Dependabot, Secret Scanning or CodeQL, we can start, step by step, bringing security practices to the very first step in our developments.
Threat hunting foundations: People, process and technology.pptx | Infosec
Ever wonder what threat hunting is all about? Join Infosec Principal Security Researcher Keatron Evans as he breaks down the basics of what it’s like to have a career hunting down potential cyber threats.
Join us for an inside look at a day in the life of a threat hunter, including:
Why threat hunters are more critical today than ever before
Knowledge and skills needed to drive threat hunting success
Live demos of essential threat hunting skills and tools used to detect and mitigate adversarial behavior
One lucky attendee will win a free year of Infosec Skills. Complete the form to save your seat!
P.S. Want to go even deeper into threat hunting? Don’t miss our advanced threat hunting session on June 28, Join the hunt: Threat hunting for proactive cyber defense.
Explain in Hindi: https://www.youtube.com/watch?v=6xqkDB3NHN0
Discovering vulnerabilities is important, but being able to estimate the associated risk to the business is just as important. Early in the life cycle, one may identify security concerns in the architecture or design by using threat modeling. Later, one may find security issues using code review or penetration testing. Or problems may not be discovered until the application is in production and is actually compromised.
Reference: https://owasp.org/www-community/OWASP_Risk_Rating_Methodology
https://www.owasp-risk-rating.com/
My slides for PHDays 2018 Threat Hunting Hands-On Lab - https://www.phdays.com/en/program/reports/build-your-own-threat-hunting-based-on-open-source-tools/
Virtual Machines for lab are available here - https://yadi.sk/d/qB1PNBj_3ViWHe
Effective Threat Hunting with Tactical Threat Intelligence | Dhruv Majumdar
How to set up a Threat Hunting Team for Active Defense utilizing Cyber Threat Intelligence and how CTI can help a company grow and improve its security posture.
Cyber Risk Management in 2017: Challenges & Recommendations | Ulf Mattsson
https://www.brighttalk.com/webcast/14723/234829?utm_source=Compliance+Engineering&utm_medium=brighttalk&utm_campaign=234829 :
With cyber attacks on the rise, securing your data is more imperative than ever. In future, organizations will face severe penalties if their data isn’t robustly secured. This will have a far reaching impact for how businesses deal with security in terms of managing their cyber risk.
Join this presentation to learn the cyber security controls prescribed by regulation, how this impacts compliance, and how cyber risk management helps CISOs understand the degree these controls are in place and where to prioritize their cyber dollars and ensure they are not at risk for fines.
Viewers will learn:
- The latest cybercrime trends and targets
- Trends in board involvement in cybersecurity
- How to effectively manage the full range of enterprise risks
- How to protect against ransomware
- Visibility into third party risk
- Data security metrics
Securing Fintech: Threats, Challenges & Best Practices | Ulf Mattsson
Cyber attacks have increased in frequency and severity, and financial institutions are particularly interesting targets to cyber criminals. Join this presentation to learn the latest cybersecurity threats and challenges plaguing the financial industry, and the policies and solutions your organization needs to have in place to protect against them.
Viewers will learn:
• Current trends in Cyber attacks
• FFIEC Cyber Assessment Toolkit
• NIST Cybersecurity Framework principles
• Security Metrics
• Oversight of third parties
• How to measure cybersecurity preparedness
• Automated approaches to integrate Security into DevOps
About the Presenter:
Ulf Mattsson is the Chief Technology Officer of Security Solutions at Atlantic BT, and earlier at Compliance Engineering. Ulf was the Chief Technology Officer and a founder of Protegrity. He invented the Protegrity Vaultless Tokenization, Data Type Preservation (DTP2) and created the initial architecture of Protegrity's database security technology. Prior to Protegrity, Ulf worked 20 years at IBM in software development and in IBM's Research organization, in the areas of IT Architecture and Security, and received a US Green Card of class ‘EB 11 – Individual of Extraordinary Ability’ after endorsement by IBM. Ulf is the inventor of more than 45 patents in the areas of Encryption, Policy Driven Data Encryption, Internal Threat Protection, Data Usage Control and Intrusion Prevention.
Final presentation january iia cybersecurity securing your 2016 audit plan | Cameron Forbes Over
With 2015 cybersecurity themes and realities nearly in the rearview mirror, “Cybersecurity – Securing your 2016 Audit Plan” will shift our outlook to looking forward into what cybersecurity predictions are being made for 2016, and what key topics and themes will drive 2016 audit planning in the cybersecurity area.
This webinar series is designed to help internal auditors looking to equip themselves with competencies and confidence to handle audit of IT controls and information security, and learn about the emerging technologies and their underlying risks
The series focuses on contemporary IT audit approaches relevant to Internal Auditors and the processes underlying risk based IT audits.
Session 10 of 10
This Webinar focuses on Advanced Persistent Threats and targeted cyber attacks:
• Advanced Persistent Threats – the shifting paradigm to targeted attacks
• Understanding Advanced Persistent threats
• Overview of popular types of APTs
• Impact of APTs on sensitive data as well as organisation reputation
• Characteristics and Attack sequence of APT attacks and the challenges in detecting APTs
• Assessing, Managing and Auditing APT Risks
• Data loss and Cyber intrusions
Federal Webinar: Leverage IT Operations Monitoring and Log Data to Reduce Ins... | SolarWinds
According to the fourth annual Federal Cybersecurity Survey from SolarWinds and Market Connections, insider threats are the leading source of threats to federal agencies. Human error is one of the most common insider threats, followed by abuse of privileges, and theft. The increased sophistication of threats, volume of attacks, and end-user policy violations make agencies more vulnerable than ever. In this webinar, we discussed how implementing the right tools, as well as continuously monitoring systems and networks, can provide the data to make informed decisions and help agencies safeguard against insider threats, and quickly identify and fix vulnerabilities.
During this webinar our presenters discussed:
The 2017 SolarWinds Federal Cybersecurity Survey, and the top sources of threats
How the right tools and technologies can provide IT infrastructure data to help safeguard against malicious and non-malicious internal threats, including:
Utilizing fault, performance, and log management data to help ensure that devices are continuously monitored and operating correctly
Leveraging configuration management to help prevent errors and reduce vulnerabilities
How the implementation of Security Incident and Event Management (SIEM) tools can better equip agencies to quickly detect and respond to security threats and help to reduce vulnerability, including:
Utilizing log data to detect malicious or out-of-policy actions, fine-tune firewall configurations, and monitor Active Directory® changes
How to track devices and users on your network and maintain historic data for forensics
Addressing penetration testing and vulnerabilities, and adding verification m... | IT Governance Ltd
This webinar will cover the best practices for penetration testing and vulnerability assessments, and how to use staff training to create a strong information security management system that addresses people, processes and technology.
You will learn about:
- Conducting penetration testing
- Vulnerability assessments and monitoring
- The need to provide employees with training and monitoring controls
A recording of the webinar can be found here:
https://www.youtube.com/watch?v=gsFmP34K8z0
Using Threat Intelligence to Address Your Growing Digital Risk | SurfWatch Labs
Cyber threat intelligence can be used to help organizations to better manage their growing digital risk footprints and drive more effective risk decisions.
Learnings from the Cloud: What to Watch When Watching for Breach | Priyanka Aash
Protecting against account breach and misuse when using a cloud service can be challenging, as the cloud service decides what tooling is available, and control may be limited. This session will share learnings and best practices from the Office 365 engineering team: from the patterns observed, what are best practices to protect against account breach?
(Source: RSA Conference USA 2017)
5 Ways Technology Vendors Put Their Healthcare Customer's PHI at Risk | ClearDATACloud
Healthcare PHI breaches resulting from technology vendor mistakes and misunderstandings have spiked over the past 2-3 years. Litigation, fines, remediation, and restitution can reach into the millions of dollars. This presentation will cover five common, but frequently overlooked, ways that technology vendors put their healthcare customer's PHI at risk. Just as importantly, it provides real world examples and pragmatic recommendations for addressing these issues to significantly reduce risk to you and your customers.
"NormShield 2018 Cyber Security Risk Brief" @NormShield - We analyzed more than 100,000 live assets from over 200 companies to find out which industries are at the head of the class, who needs to get their grades up, and the threats that everyone needs to address.
Corporate Treasurers Focus on Cyber Security | Joan Weber
Treasury departments at large U.S. companies rank IT security as their top priority for 2015 - ahead of such critical issues as cost management and regulatory/compliance challenges.
These findings come from the results of the Greenwich Associates 2014 U.S. Large Corporate Finance Study, for which the firm interviewed CFOs or treasury department representatives at more than 500 large U.S. companies.
The study results suggest that U.S. companies are taking action to address security concerns and other IT issues with 63% of the participants saying their treasury departments will increase technology spending in the year ahead.
Big Iron to Big Data Analytics for Security, Compliance, and the Mainframe | Precisely
Security Information and Event Management (SIEM) technologies and practices continue to expand across IT organizations to address security concerns and meet compliance mandates. However, in many of these organizations the mainframe remains an isolated technology platform. Security & compliance issues are addressed using old tools that are not effectively integrated into big data analytics platforms. In this webinar we discuss how to leverage mainframe (Big Iron) data sources into Big Data analytics platforms to address a variety of mainframe security challenges. Additionally, we cover:
• How to integrate IBM z/OS mainframe security data into an enterprise SIEM solution
• How to leverage IBM z/OS security data to detect threats in the mainframe environment using big data analytics
• Review some compliance use cases that have been addressed using big iron to big data analytics
In this presentation we will look at the cause and effect of the problem, analyze preparedness and learn how you can better prepare, detect, respond and recover from cyber-attacks.
This presentation is based on the 16th chapter of our textbook Fundamentals of Web Development. The book is published by Addison-Wesley. It can be purchased via http://www.amazon.com/Fundamentals-Web-Development-Randy-Connolly/dp/0133407152.
This book is intended to be used as a textbook on web development suitable for intermediate to upper-level computing students. It may also be of interest to a non-student reader wanting a single book that encompasses the entire breadth of contemporary web development.
This book will be the first in what will hopefully be a textbook series. Each book in the series will have the same topics and coverage but each will use a different web development environment. The first book in the series will use PHP.
To learn more about the book, visit http://www.funwebdev.com.
Digital Personal Data Protection (DPDP) Practical Approach For CISOs | Priyanka Aash
Key Discussion Pointers:
1. Introduction to Data Privacy
- What is data privacy
- Privacy laws around the globe
- DPDPA Journey
2. Understanding the New Indian DPDPA 2023
- Objectives
- Principles of DPDPA
- Applicability
- Rights & Duties of Individuals
- Principals
- Legal implications/penalties
3. A practical approach to DPDPA compliance
- Personal data Inventory
- DPIA
- Risk treatment
It covers popular IaaS/PaaS attack vectors, lists them, and maps them to other relevant projects such as STRIDE & MITRE. Security professionals can better understand which attack vectors are commonly used in attacks, see examples from previous events, and learn where they should focus their controls and security efforts.
Discuss Security Incidents & Business Use Case, Understanding Web 3 Pros and Web 3 Cons. Prevention mechanism and how to make sure that it doesn’t happen to you?
Emerging New Threats And Top CISO Priorities in 2022 (Bangalore) | Priyanka Aash
Round Table Discussion On "Emerging New Threats And Top CISO Priorities In 2022"_ Bangalore
Date - 28 September, 2022. Decision Makers of different organizations joined this discussion and spoke on New Threats & Top CISO Priorities
Cloud Security: Limitations of Cloud Security Groups and Flow Logs | Priyanka Aash
Cloud Security Groups are the firewalls of the cloud. They are built-in and provide basic access control functionality as part of the shared responsibility model. However, Cloud Security Groups do not provide the same protection or functionality that enterprises have come to expect with on-premises deployments. In this talk we will discuss the top cloud risks in 2020, why perimeters are a concept of the past, and how, in a world of no perimeters, Cloud Security Groups, the "Cloud Firewalls", fit in. We will practically explore Cloud Security Group limitations across different cloud setups, from a single vNet to multi-cloud.
Most organizations have good enterprise-level security policies that define their approach to maintaining, improving, and securing their information and information systems. However, once the policies are signed by senior leadership and distributed throughout the organization, significant cybersecurity governance challenges remain. In this workshop I will explain transforming organizational security to strengthen defenses and integrating cybersecurity with the overall approach toward security governance, risk management and compliance.
The Internet is home to seemingly infinite amounts of confidential and personal information. As a result of this mass storage of information, systems need to be constantly updated and enforced to prevent hackers from retrieving such valuable and sensitive data. The increasing number of cyber-attacks has led to the increasing importance of ethical hacking. An ethical hacker's job is to scan for vulnerabilities and to find potential threats on computers or networks. An ethical hacker finds the weaknesses or loopholes in a computer, web application or network and reports them to the organization. This requires a thorough knowledge of networks, web servers, computer viruses, SQL (Structured Query Language), cryptography, penetration testing, attacks, etc. In this session, you will learn all about ethical hacking. You will understand what ethical hacking is, cyber-attacks, tools and some hands-on demos. This session will also guide you through the various ethical hacking certifications available today.
The Art of the Pitch: WordPress Relationships and Sales | Laura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if something changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Securing your Kubernetes cluster_ a step-by-step guide to success ! | KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Accelerate your Kubernetes clusters with Varnish Caching | Thijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Essentials of Automations: Optimizing FME Workflows with Parameters | Safe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Elevating Tactical DDD Patterns Through Object Calisthenics | Dorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
2. # R S A C
Where do you start protecting an enterprise?
3. # R S A C
Today’s CIS top 20 controls
• Published and maintained list of controls
• Often used as a starting point
➢ Because they reduce risk & some are really hard to do
From: https://www.cisecurity.org/controls/
4. # R S A C
Are these top 5 really the best?
• In today’s threat environment, what should controls do?
o Check the “we have security” box?
o Meet compliance requirements?
o Reduce Business Risk?
o Or something else?
5. # R S A C
IT Governance – list of 742 incidents from Jan 17- Mar 18 (Lewis Morgan – Monthly Notes at IT Governance https://www.itgovernance.co.uk/blog/author/lmorgan/) & speaker analysis & review
Online Trust Alliance - Cyber Incident Trends Report: https://otalliance.org/system/files/files/initiative/documents/ota_cyber_incident_trends_report_jan2018.pdf
Verizon Data Breach Investigation Report (Apr 2017) (http://www.verizonenterprise.com/verizon-insights-lab/dbir/2017/)
IBM X-Force Threat Intelligence Index March 2018 (https://www.ibm.com/security/data-breach/threat-intelligence)
Crowdstrike Global Threat Report (Feb 26, 2018) (https://go.crowdstrike.com/CrowdStrike-Threat-Report.html)
Symantec 2018 Internet Security Threat Report (March 22, 2018) (https://www.symantec.com/content/dam/symantec/docs/reports/istr-23-executive-summary-en.pdf)
Harvard Business Review - https://hbr.org/2017/12/which-of-your-employees-are-most-likely-to-expose-your-company-to-a-cyberattack (Dec, 2017)
2017 Healthcare Breaches - 2017 Breach Report: 477 Breaches, 5.6M Patient Records Affected https://www.healthcare-informatics.com/news-item/cybersecurity/2017-breach-report-477-breaches-56m-patient-records-affected
Aetna fined for 12,000 lost records - https://healthitsecurity.com/news/17m-settlement-agreement-reached-in-aetna-data-breach-case
10 Largest Health care organizations by membership - http://www.beckersasc.com/asc-coding-billing-and-collections/the-10-largest-health-insurance-companies-by-membership.html
RSA Phishlabs reporting: https://info.phishlabs.com/blog/rsa-2018-preview-phishing-trends-intelligence-report
Image used with credit to https://www.flickr.com/photos/generated/3408879691
6. # R S A C
Analyzed multiple data sources
IT Governance List 742 incidents from Jan 2017-Mar 2018 [1]
Online Trust Alliance identified 159,700 total cyber incidents in 2017 [2]
“93% of breaches could have been prevented” [2]
➢ 2FA would have stopped or reduced the impact of every one
[1] Lewis Morgan – Monthly Notes at IT Governance https://www.itgovernance.co.uk/blog/author/lmorgan/
[2] Online Trust Alliance: https://otalliance.org/system/files/files/initiative/documents/ota_cyber_incident_trends_report_jan2018.pdf
7. # R S A C
Considered the major attacks of 2017
| Attack | Methodologies |
|---|---|
| SWIFT Attacks (2016) | Spearphishing, Credential misuse |
| HBO | Spearphishing, Credential misuse |
| Leaked Government Tools | Unknown – could be spearphishing, credential misuse, disgruntled insider |
| AWS Misconfigurations | Scan for vulnerabilities, Credential misuse |
| WannaCry | Privilege escalation, credential misuse |
| NotPetya | S/W Supply chain exploit, Privilege escalation, credential misuse |
| Equifax | Scan for vulnerabilities, Credential misuse |
| Ransomware | Spear/phishing |
| Bad Rabbit | Spear/phishing, privilege escalation, credential misuse |
8. # R S A C
Examined our experience
Financial Services
- 17 of the Top 25 US FIs
Banking
Hedge Funds
Health & Life Sciences
- 4 of the Top 15 Bio-Pharma's + Ultra-rare
Biotech
Pharmaceutical
Transportation
- Multiple automakers/OEMs
- Multiple US-based Airlines
Automotive
Aviation
Energy
- Fortune 50 Super-Major Oil & Gas companies
Utilities
Nuclear
Exchanges
Insurance Technology
Logistics
Medical Devices Oil & Gas
9. # R S A C
How do breaches and attacks start?
Evidence: Phishing & Spearphishing
• Spear phishing is the number one infection vector employed by 71 percent of organized groups in 2017 (Symantec ISTR)
• Phishing & Spearphishing are significant attack vectors across attack groups and methods (Crowdstrike GTR)
• 66% of malware from email attachments (Verizon DBIR)
Solution: Technical Email Controls
• Active Spam & Phishing controls
• Sandboxing, prefetch
• DMARC, SPF, DKIM
• Track ‘Clicks’
• Mark ‘external’ email
10. # R S A C
Wait, how do breaches start?
Evidence: Clicking on Links or Opening Attachments
• 90% of incidents due to human error (OTA)
• More than 1/3 of inadvertent activity involved attackers tricking users with links and attachments (IBM X-Force)
• Click rates of 7-14% are typical and vary by industry; much higher rates are surprisingly common (Verizon DBIR)
Solution: Train Users To Spot Spear/Phishing
• Mark ‘external’ email
• Enable easy user reporting
• Phish yourself
• Manage incentives and penalties
11. # R S A C
How do attackers get in and move laterally?
Evidence: Privileged access - stolen or weak passwords
• 81% of incidents involved weak or stolen passwords or both; “only a single-digit percentage of breaches…involved exploiting a vulnerability” (Verizon DBIR)
• Stolen credentials were the most commonly seen lateral movement technique (Symantec)
• More than 1/3 of inadvertent activity involved attackers tricking users with links and attachments (IBM X-Force)
• Multi-factor authentication would have stopped or reduced the impact of virtually every attack in 2017 (& 2016, 2015, 2014....)
Solution: Implement multifactor authentication & manage privileged access
• Virtually any kind of two-factor solution is better than none
• Especially for privileged users and administrators
• Manage privileges, privilege groups, and stored & cached credentials
12. # R S A C
How do attackers “break systems”?
Evidence: Exploiting known vulnerabilities
• Time to Patch a known vulnerability is 6 weeks or more (Verizon DBIR)
• Misconfigured servers and networked backup incidents exposed more than 2 billion records in 2017 (IBM X-Force)
• Zero day attacks used by only 27 percent of the 140 targeted attack groups tracked by Symantec
• Privilege escalation through known vulnerabilities is commonly used by attackers (Crowdstrike)
Solution: Patch Quickly & Configure Properly
• Scan for vulnerabilities and configuration issues regularly
• Patch & fix identified vulnerabilities promptly
• Especially on Internet facing systems
13. # R S A C
Where do attackers start?
Evidence: Exploiting known vulnerabilities
• Overall targeted attack activity is up by 10 percent in 2017 (Symantec)
• Trade secrets, followed by personal information are the top data targets (Verizon DBIR)
• Top targeted industries are: financial services, info & comms technology, manufacturing, retail, and professional services (IBM X-Force)
• eCrime groups and nation states target specific victims (Crowdstrike)
• Every adversary threat model starts with reconnaissance
Solution: Verify what’s facing the world & lock it down
• Use red teams to simulate adversary attacks
• Learn from external scans and risk scores
• Assess business and technology connections (aka dependencies)
• Especially on Internet facing systems
• Limit Internet Points of Presence; establish strong gateways/DMZs
14. # R S A C
The new Top Five
1. Implement multifactor authentication (MFA) & privileged access management
2. Email technical controls
3. Train users to spot Spearphishing
4. Manage vulnerabilities well
5. Verify what’s facing the world & lock it down
15. # R S A C
Are there really only two kinds of companies?
| Largest Health Insurance Providers | # of Subscribers | # of Data Records Lost to Cyber Incidents (2012-2017) |
|---|---|---|
| 1. United Healthcare | 70 million | 0 |
| 2. Anthem | 39.4 million members | 78 million [1] |
| 3. Aetna | 23 million members | 12,000 |
| 4. Health Care Services Corp. | 15 million members | 0 |
| 5. Cigna | 14.7 million members | 0 |
| 6. Humana | 14.23 million members | 3,831 |
| 7. Centene Corp. | 11 million members | 0 |
| 8. Kaiser Permanente | 10.7 million members | 8020 |
| 9. Highmark | 5.3 million members | 0 |
| 10. WellCare Health Plans | 3.68 million members | 24,809 |
| Totals: | ~207 million members | ~78 million |

[1] The # of records lost at many companies exceeds the number of subscribers because the records of multiple family members may be associated with a single subscriber; in some cases, both current and past customer information was lost.
Note: Companies that did not report a cybersecurity incident may have reported loss due to physical theft, employee negligence, or other factors.
16. # R S A C
How do these and other companies succeed?
• Nation-states and Criminals are looking for their information
• Breach notification laws require reporting
• Under Executive Order 13636, the government notifies companies when they are the target of an incident.
➢ Focus on preparation based on reality
17. # R S A C
Some bonus ideas
• Practice and plan for major incidents
• Establish network & endpoint visibility for early detection
• Breakout time <2 hours
• Dwell time ~86 days
• Review software supply chains & update processes
• Exercise realistic cyber incident plans
• Find comprehensive threat intelligence services and automate integration
• Support a culture of innovation around all aspects of the NIST Cybersecurity Framework
https://www.nist.gov/cyberframework
18. # R S A C
When you get back to the office
• Review privileged account usage throughout the organization and investigate/implement MFA
• Begin planning the implementation of MFA – even periodically for some applications that address APIs with privilege
• Lock down email: DMARC/SPF/DKIM, sandboxing, URL blocking, attachment screening, marking email “External”
• Think about anything that gives your users an edge –
• Expand phishing training – hit everyone with it on an irregular but frequent basis to increase awareness
• Then phish yourselves – use Outlook/email tool buttons to increase reporting
• Update vulnerability management processes planning
• Focus on using inventory and architecture to drive patching the right things
• Review pentesting and red teaming plans – use external tools to look at yourselves from outside – like the bad guys do
• Lock down anything that’s externally facing – especially cloud services from AWS & Azure to Google Docs, Salesforce and ServiceNow.
20. # R S A C
References – partial list
IT Governance – list of 742 incidents from Jan 17- Mar 18 (Lewis Morgan – Monthly Notes at IT Governance https://www.itgovernance.co.uk/blog/author/lmorgan/)
Online Trust Alliance - Cyber Incident Trends Report: https://otalliance.org/system/files/files/initiative/documents/ota_cyber_incident_trends_report_jan2018.pdf
Verizon Data Breach Investigation Report (Apr 2017) (http://www.verizonenterprise.com/verizon-insights-lab/dbir/2017/)
IBM X-Force Threat Intelligence Index March 2018 (https://www.ibm.com/security/data-breach/threat-intelligence)
Crowdstrike Global Threat Report (Feb 26, 2018) (https://go.crowdstrike.com/CrowdStrike-Threat-Report.html)
Symantec 2018 Internet Security Threat Report (March 22, 2018) (https://www.symantec.com/content/dam/symantec/docs/reports/istr-23-executive-summary-en.pdf)
Harvard Business Review - https://hbr.org/2017/12/which-of-your-employees-are-most-likely-to-expose-your-company-to-a-cyberattack (Dec, 2017)
2017 Healthcare Breaches - 2017 Breach Report: 477 Breaches, 5.6M Patient Records Affected https://www.healthcare-informatics.com/news-item/cybersecurity/2017-breach-report-477-breaches-56m-patient-records-affected
Aetna fined for 12,000 lost records - https://healthitsecurity.com/news/17m-settlement-agreement-reached-in-aetna-data-breach-case
10 Largest Health care organizations by membership - http://www.beckersasc.com/asc-coding-billing-and-collections/the-10-largest-health-insurance-companies-by-membership.html
RSA Phishlabs reporting: https://info.phishlabs.com/blog/rsa-2018-preview-phishing-trends-intelligence-report
21. # R S A C
Highlights - Symantec
Symantec 2018 Internet Security Threat Report (March 22, 2018) (https://www.symantec.com/content/dam/symantec/docs/reports/istr-23-executive-summary-en.pdf)
Targeted attack activity is up by 10 percent in 2017, motivated primarily (90 percent) by intelligence gathering.
Spear phishing is the number one infection vector employed by 71 percent of organized groups in 2017. The use of zero days continues to fall out of favor. In fact, only 27 percent of the 140 targeted attack groups tracked by Symantec
1 in 13 Web requests lead to malware (up 3% from 2016)
~140 groups of attackers, criminal, nation-state and intelligence gathering
Stolen credentials were the most commonly seen lateral movement technique employed. Attackers often use hacking software tools to obtain credentials from a compromised computer and then use them to attempt to log into other computers on the network.
There was at least one large software update supply chain attack reported every month in 2017.
22. # R S A C
Highlights - Crowdstrike
Crowdstrike Global Threat Report (Feb 26, 2018) (https://go.crowdstrike.com/CrowdStrike-Threat-Report.html)
Trickle-down of military grade cyberweapons to mass criminal use & concomitant use of criminal attacks like ransomware in nation-state attacks
Breakout time of <2 hours to move laterally
Average Dwell time – 86 days
Slow Down Attackers
— limiting user account permissions
— application whitelisting
— segregating users and networks
— and aggressively applying available patches
23. # R S A C
Highlights – IBM X-Force
IBM X-Force Threat Intelligence Index March 2018 (https://www.ibm.com/security/data-breach/threat-intelligence)
Ransomware attacks cost more than $8B (US) globally in 2017
Misconfigured cloud servers and networked backup incidents unintentionally exposed more than 2 billion records
More than one-third of inadvertent activity experienced by X-Force-monitored clients involved attackers attempting to trick users into clicking on a link or opening an attachment.
24. # R S A C
Highlights - Verizon
Verizon Data Breach Investigation Report (Apr 2017) (http://www.verizonenterprise.com/verizon-insights-lab/dbir/2017/)
81% of breaches used stolen/weak passwords
66% of malware from email attachments
Breach timelines continue to paint a rather dismal picture—with time-to-compromise being only seconds, time-to-exfiltration taking days, and times to discovery and containment staying firmly in the months camp. Not surprisingly, fraud detection was the most prominent discovery method, accounting for 85% of all breaches...
Phishing was again the top variety, found in over 90% of both incidents and breaches.
25. # R S A C
Highlights - RSA
RSA Phishlabs Early Report (https://info.phishlabs.com/blog/rsa-2018-preview-phishing-trends-intelligence-report)
Targeting shifted to Enterprise users
Webmail now #1 target vs FS before
Number of Office 365 Attacks
Shift to enterprises
Phishing on SMS & Social Media growing