SlideShare a Scribd company logo

Mr. Roland Abi Najem - Security

P
promediakw

This document discusses security and hacking. It defines hacking as attempting to gain unauthorized access to computer resources and lists reasons people hack including for fun, to show off, secretly hack other systems, steal important information, and destroy enemy computer networks during war. It describes different types of hacking like website, network, email, and password hacking. It also outlines the evolution of malware from the 1980s to present day and shows statistics on mobile malware and app vulnerabilities. Finally, it discusses the anatomy of multi-staged cyber attacks and how traditional defenses are failing against new attacks.

Technology
1 of 14
Download to read offline
Security Prepared & Presented by Roland Abi Najem
The process of attempting to gain or successfully gaining, unauthorized access to computer resources is called Hacking. What Is Hacking ? 4/22/2015Roland Abi Najem 2
Just for fun. Show off. Hack other systems secretly. Notify many people their thought. Steal important information. Destroy enemy’s computer network during the war. 4/22/2015Roland Abi Najem 3 Reasons for Hacking
 Website Hacking  Network Hacking  Ethical Hacking  Email Hacking  Password Hacking  Online Banking Hacking  Computer Hacking Types Of Hacking 4/22/2015Roland Abi Najem 4
Evolution Of Malware 4/22/2015Roland Abi Najem 5 APTs Data Loss Filtering URL Filtering 1990s Anti-spam,Anti-spyware 2000s Anti-malware Trojans Worms, Bots Spyware Spam Grey-listing Behavioral Analysis Heuristics Whitelisting Rootkits PhishingZero-days 1980s 2010s OffenseDefense CodeRed Melissa Birth of Anti-Virus Mobile Threats
4/22/2015Roland Abi Najem 6 Statistics Tell A Story More than 5 billion downloads of Google Play apps are vulnerable to remote attacks The Android platform has the most mobile malware, around 96% About 60% popular Google Play apps have crypto weakness
4/22/2015Roland Abi Najem 7 Anatomy Of A Multi-Staged Cyber Attack Exploit Detection is Critical All Subsequent Stages can be Hidden or Obfuscated IP S File Share 2 File Share 1 5. Data Exfiltration 3. Callbacks and Control Established 4.Horizontal Spread Callback Server Exploit Server 1.Exploitation of System 2.Malware Executable Download Firewall
4/22/2015Roland Abi Najem 8 Structure Of A Multi-Flow Attack Exploit injects code in Web browser1 Exploit code downloads encrypted malware (not SSL!)2 3 Exploit code decrypts malware Target end point connects to C&C server4 CallbackExploit in compromise d Web page Encrypted Malware Command and Control Server Embedded Exploit Alters Endpoint Callback Encrypted malware downloads Callback and data exfiltration 1 2 3 4
4/22/2015Roland Abi Najem 9 Structure Of A Multi-Flow Attack Email with weaponized document, opened by user, causing exploit1 Client endpoint calls back to infection server2 3 Backdoor DLL dropped Encrypted callback over HTTP to command and control server4 Callback Server Weaponized Email (2011 Recruitment Plan.xls) Backdoor C&C Server 1 2 3 4
4/22/2015Roland Abi Najem 10 Anatomy Of A Mobile Threat Benign Access 1 Calendar Access 2 Microphone Access 3 Exfiltration 4 The tip of the iceberg Exfiltration Server 10AM CIA – FBI sync on Cuba Hidden Malicious Behavior
4/22/2015Roland Abi Najem 11 Traditional “Defense In Depth” Is Failing Firewalls/ NGFW Secure Web Gateways IPS Anti-Spam Gateways DesktopAV The New Breed of Attacks Evade Signature-Based Defenses
4/22/2015Roland Abi Najem 12 The High Cost Of Being Unprepared 229 Days Median # of days attackers are present on a victim network before detection. 3 Months 6 Months 9 Months Initial Breach of Companies Learned They Were Breached from an External Entity of Victims Had Up-To-Date Anti-Virus Signatures THREAT UNDETECTED REMEDIATION Source: M-Trends Report
4/22/2015Roland Abi Najem 13 The High Cost Of Being Unprepared 3 Months 6 Months 9 Months Initial Breach of Companies Learned They Were Breached from an External Entity of Victims Had Up-To-Date Anti-Virus Signatures THREAT UNDETECTED REMEDIATION Source: M-Trends Report, Ponemon 32 Days Average Time to Resolve an Attack
4/22/2015Roland Abi Najem 14 Thank You 

Recommended

Sophos Day Belgium - The IT Threat Landscape and what to look out for
Sophos Day Belgium - The IT Threat Landscape and what to look out forSophos Day Belgium - The IT Threat Landscape and what to look out for
Sophos Day Belgium - The IT Threat Landscape and what to look out for
Sophos Benelux
 
IT Security landscape and the latest threats and trends
IT Security landscape and the latest threats and trendsIT Security landscape and the latest threats and trends
IT Security landscape and the latest threats and trends
Sophos Benelux
 
Malware's Most Wanted: CryptoLocker—The Ransomware Trojan
Malware's Most Wanted: CryptoLocker—The Ransomware TrojanMalware's Most Wanted: CryptoLocker—The Ransomware Trojan
Malware's Most Wanted: CryptoLocker—The Ransomware Trojan
Cyphort
 
Ransomware: History, Analysis, & Mitigation - PDF
Ransomware: History, Analysis, & Mitigation - PDFRansomware: History, Analysis, & Mitigation - PDF
Ransomware: History, Analysis, & Mitigation - PDF
Andy Thompson
 
Ransomware: Mitigation Through Preparation
Ransomware: Mitigation Through PreparationRansomware: Mitigation Through Preparation
Ransomware: Mitigation Through Preparation
Hostway|HOSTING
 
Think Like a Hacker
Think Like a HackerThink Like a Hacker
Think Like a Hacker
NormShield, Inc.
 
Post Apocalyptic Cyber Realism
Post Apocalyptic Cyber RealismPost Apocalyptic Cyber Realism
Post Apocalyptic Cyber Realism
Richard Stiennon
 
Advantage Technology - Ransomware and the NIST Cybersecurity Framework
Advantage Technology - Ransomware and the NIST Cybersecurity FrameworkAdvantage Technology - Ransomware and the NIST Cybersecurity Framework
Advantage Technology - Ransomware and the NIST Cybersecurity Framework
Jack Shaffer
 

Recommended

Sophos Day Belgium - The IT Threat Landscape and what to look out for
Sophos Day Belgium - The IT Threat Landscape and what to look out forSophos Day Belgium - The IT Threat Landscape and what to look out for
Sophos Day Belgium - The IT Threat Landscape and what to look out for
Sophos Benelux
 
IT Security landscape and the latest threats and trends
IT Security landscape and the latest threats and trendsIT Security landscape and the latest threats and trends
IT Security landscape and the latest threats and trends
Sophos Benelux
 
Malware's Most Wanted: CryptoLocker—The Ransomware Trojan
Malware's Most Wanted: CryptoLocker—The Ransomware TrojanMalware's Most Wanted: CryptoLocker—The Ransomware Trojan
Malware's Most Wanted: CryptoLocker—The Ransomware Trojan
Cyphort
 
Ransomware: History, Analysis, & Mitigation - PDF
Ransomware: History, Analysis, & Mitigation - PDFRansomware: History, Analysis, & Mitigation - PDF
Ransomware: History, Analysis, & Mitigation - PDF
Andy Thompson
 
Ransomware: Mitigation Through Preparation
Ransomware: Mitigation Through PreparationRansomware: Mitigation Through Preparation
Ransomware: Mitigation Through Preparation
Hostway|HOSTING
 
Think Like a Hacker
Think Like a HackerThink Like a Hacker
Think Like a Hacker
NormShield, Inc.
 
Post Apocalyptic Cyber Realism
Post Apocalyptic Cyber RealismPost Apocalyptic Cyber Realism
Post Apocalyptic Cyber Realism
Richard Stiennon
 
Advantage Technology - Ransomware and the NIST Cybersecurity Framework
Advantage Technology - Ransomware and the NIST Cybersecurity FrameworkAdvantage Technology - Ransomware and the NIST Cybersecurity Framework
Advantage Technology - Ransomware and the NIST Cybersecurity Framework
Jack Shaffer
 
Ransomware - The Growing Threat
Ransomware - The Growing ThreatRansomware - The Growing Threat
Ransomware - The Growing Threat
Nick Miller
 
3rd Party Cyber Security: Manage your ecosystem!
3rd Party Cyber Security: Manage your ecosystem!3rd Party Cyber Security: Manage your ecosystem!
3rd Party Cyber Security: Manage your ecosystem!
NormShield, Inc.
 
NormShield Cyber Threat & Vulnerability Orchestration Overview
NormShield Cyber Threat & Vulnerability Orchestration OverviewNormShield Cyber Threat & Vulnerability Orchestration Overview
NormShield Cyber Threat & Vulnerability Orchestration Overview
NormShield, Inc.
 
5 Ways to Protect Your Healthcare Organization from a Ransomware Attack - HIM...
5 Ways to Protect Your Healthcare Organization from a Ransomware Attack - HIM...5 Ways to Protect Your Healthcare Organization from a Ransomware Attack - HIM...
5 Ways to Protect Your Healthcare Organization from a Ransomware Attack - HIM...
ClearDATACloud
 
Ransomware - Impact, Evolution, Prevention
Ransomware - Impact, Evolution, PreventionRansomware - Impact, Evolution, Prevention
Ransomware - Impact, Evolution, Prevention
Mohammad Yahya
 
Disrupt Hackers With Robust User Authentication
Disrupt Hackers With Robust User AuthenticationDisrupt Hackers With Robust User Authentication
Disrupt Hackers With Robust User Authentication
Intel IT Center
 
MMW April 2016 Ransomware Resurgence
MMW April 2016 Ransomware Resurgence MMW April 2016 Ransomware Resurgence
MMW April 2016 Ransomware Resurgence
Cyphort
 
The EU Data Protection Regulation and what it means for your organization
The EU Data Protection Regulation and what it means for your organizationThe EU Data Protection Regulation and what it means for your organization
The EU Data Protection Regulation and what it means for your organization
Sophos Benelux
 
Enterprise security: ransomware in enterprise and corporate entities
Enterprise security: ransomware in enterprise and corporate entitiesEnterprise security: ransomware in enterprise and corporate entities
Enterprise security: ransomware in enterprise and corporate entities
Quick Heal Technologies Ltd.
 
External threats-to-information-system
External threats-to-information-systemExternal threats-to-information-system
External threats-to-information-system
Souman Guha
 
Don't Rely on Software Alone. Protect Endpoints with Hardware-Enhanced Security.
Don't Rely on Software Alone. Protect Endpoints with Hardware-Enhanced Security.Don't Rely on Software Alone. Protect Endpoints with Hardware-Enhanced Security.
Don't Rely on Software Alone. Protect Endpoints with Hardware-Enhanced Security.
Intel IT Center
 
Ransomware
RansomwareRansomware
Ransomwarem3 Networks Limited
 
Ransomware: History, Analysis, & Mitigation
Ransomware: History, Analysis, & MitigationRansomware: History, Analysis, & Mitigation
Ransomware: History, Analysis, & Mitigation
WhiskeyNeon
 
Ransomware: How to avoid a crypto crisis at your IT business
Ransomware: How to avoid a crypto crisis at your IT businessRansomware: How to avoid a crypto crisis at your IT business
Ransomware: How to avoid a crypto crisis at your IT business
Calyptix Security
 
Webinar: Insights from CYREN's Q3 trend report
Webinar: Insights from CYREN's Q3 trend reportWebinar: Insights from CYREN's Q3 trend report
Webinar: Insights from CYREN's Q3 trend report
Cyren, Inc
 
NewsByte Mumbai October 2017
NewsByte Mumbai October 2017NewsByte Mumbai October 2017
NewsByte Mumbai October 2017
chauhananand17
 
Computer securety
Computer securetyComputer securety
Computer securety
rushil ahmed
 
News Bytes
News BytesNews Bytes
News Bytes
Megha Sahu
 
DDOS ATTACK - MIRAI BOTNET
DDOS ATTACK - MIRAI BOTNET DDOS ATTACK - MIRAI BOTNET
DDOS ATTACK - MIRAI BOTNET
Sukhdeep Singh Sandhu
 
Cyber Espionage Against Georgia (Georbot)
Cyber Espionage Against Georgia (Georbot)Cyber Espionage Against Georgia (Georbot)
Cyber Espionage Against Georgia (Georbot)
DataExchangeAgency
 
بناء الثقافة الوظيفية - محمد كمال
بناء الثقافة الوظيفية - محمد كمال بناء الثقافة الوظيفية - محمد كمال
بناء الثقافة الوظيفية - محمد كمال
promediakw
 
Analisa morfologi barium heksaferit dengan sem
Analisa morfologi barium heksaferit dengan semAnalisa morfologi barium heksaferit dengan sem
Analisa morfologi barium heksaferit dengan semnandasari
 

More Related Content

What's hot

Ransomware - The Growing Threat
Ransomware - The Growing ThreatRansomware - The Growing Threat
Ransomware - The Growing Threat
Nick Miller
 
3rd Party Cyber Security: Manage your ecosystem!
3rd Party Cyber Security: Manage your ecosystem!3rd Party Cyber Security: Manage your ecosystem!
3rd Party Cyber Security: Manage your ecosystem!
NormShield, Inc.
 
NormShield Cyber Threat & Vulnerability Orchestration Overview
NormShield Cyber Threat & Vulnerability Orchestration OverviewNormShield Cyber Threat & Vulnerability Orchestration Overview
NormShield Cyber Threat & Vulnerability Orchestration Overview
NormShield, Inc.
 
5 Ways to Protect Your Healthcare Organization from a Ransomware Attack - HIM...
5 Ways to Protect Your Healthcare Organization from a Ransomware Attack - HIM...5 Ways to Protect Your Healthcare Organization from a Ransomware Attack - HIM...
5 Ways to Protect Your Healthcare Organization from a Ransomware Attack - HIM...
ClearDATACloud
 
Ransomware - Impact, Evolution, Prevention
Ransomware - Impact, Evolution, PreventionRansomware - Impact, Evolution, Prevention
Ransomware - Impact, Evolution, Prevention
Mohammad Yahya
 
Disrupt Hackers With Robust User Authentication
Disrupt Hackers With Robust User AuthenticationDisrupt Hackers With Robust User Authentication
Disrupt Hackers With Robust User Authentication
Intel IT Center
 
MMW April 2016 Ransomware Resurgence
MMW April 2016 Ransomware Resurgence MMW April 2016 Ransomware Resurgence
MMW April 2016 Ransomware Resurgence
Cyphort
 
The EU Data Protection Regulation and what it means for your organization
The EU Data Protection Regulation and what it means for your organizationThe EU Data Protection Regulation and what it means for your organization
The EU Data Protection Regulation and what it means for your organization
Sophos Benelux
 
Enterprise security: ransomware in enterprise and corporate entities
Enterprise security: ransomware in enterprise and corporate entitiesEnterprise security: ransomware in enterprise and corporate entities
Enterprise security: ransomware in enterprise and corporate entities
Quick Heal Technologies Ltd.
 
External threats-to-information-system
External threats-to-information-systemExternal threats-to-information-system
External threats-to-information-system
Souman Guha
 
Don't Rely on Software Alone. Protect Endpoints with Hardware-Enhanced Security.
Don't Rely on Software Alone. Protect Endpoints with Hardware-Enhanced Security.Don't Rely on Software Alone. Protect Endpoints with Hardware-Enhanced Security.
Don't Rely on Software Alone. Protect Endpoints with Hardware-Enhanced Security.
Intel IT Center
 
Ransomware: History, Analysis, & Mitigation
Ransomware: History, Analysis, & MitigationRansomware: History, Analysis, & Mitigation
Ransomware: History, Analysis, & Mitigation
WhiskeyNeon
 
Ransomware: How to avoid a crypto crisis at your IT business
Ransomware: How to avoid a crypto crisis at your IT businessRansomware: How to avoid a crypto crisis at your IT business
Ransomware: How to avoid a crypto crisis at your IT business
Calyptix Security
 
Webinar: Insights from CYREN's Q3 trend report
Webinar: Insights from CYREN's Q3 trend reportWebinar: Insights from CYREN's Q3 trend report
Webinar: Insights from CYREN's Q3 trend report
Cyren, Inc
 
NewsByte Mumbai October 2017
NewsByte Mumbai October 2017NewsByte Mumbai October 2017
NewsByte Mumbai October 2017
chauhananand17
 
Computer securety
Computer securetyComputer securety
Computer securety
rushil ahmed
 
News Bytes
News BytesNews Bytes
News Bytes
Megha Sahu
 
DDOS ATTACK - MIRAI BOTNET
DDOS ATTACK - MIRAI BOTNET DDOS ATTACK - MIRAI BOTNET
DDOS ATTACK - MIRAI BOTNET
Sukhdeep Singh Sandhu
 
Cyber Espionage Against Georgia (Georbot)
Cyber Espionage Against Georgia (Georbot)Cyber Espionage Against Georgia (Georbot)
Cyber Espionage Against Georgia (Georbot)
DataExchangeAgency
 

What's hot (20)

Ransomware - The Growing Threat
Ransomware - The Growing ThreatRansomware - The Growing Threat
Ransomware - The Growing Threat
 
3rd Party Cyber Security: Manage your ecosystem!
3rd Party Cyber Security: Manage your ecosystem!3rd Party Cyber Security: Manage your ecosystem!
3rd Party Cyber Security: Manage your ecosystem!
 
NormShield Cyber Threat & Vulnerability Orchestration Overview
NormShield Cyber Threat & Vulnerability Orchestration OverviewNormShield Cyber Threat & Vulnerability Orchestration Overview
NormShield Cyber Threat & Vulnerability Orchestration Overview
 
5 Ways to Protect Your Healthcare Organization from a Ransomware Attack - HIM...
5 Ways to Protect Your Healthcare Organization from a Ransomware Attack - HIM...5 Ways to Protect Your Healthcare Organization from a Ransomware Attack - HIM...
5 Ways to Protect Your Healthcare Organization from a Ransomware Attack - HIM...
 
Ransomware - Impact, Evolution, Prevention
Ransomware - Impact, Evolution, PreventionRansomware - Impact, Evolution, Prevention
Ransomware - Impact, Evolution, Prevention
 
Disrupt Hackers With Robust User Authentication
Disrupt Hackers With Robust User AuthenticationDisrupt Hackers With Robust User Authentication
Disrupt Hackers With Robust User Authentication
 
MMW April 2016 Ransomware Resurgence
MMW April 2016 Ransomware Resurgence MMW April 2016 Ransomware Resurgence
MMW April 2016 Ransomware Resurgence
 
The EU Data Protection Regulation and what it means for your organization
The EU Data Protection Regulation and what it means for your organizationThe EU Data Protection Regulation and what it means for your organization
The EU Data Protection Regulation and what it means for your organization
 
Enterprise security: ransomware in enterprise and corporate entities
Enterprise security: ransomware in enterprise and corporate entitiesEnterprise security: ransomware in enterprise and corporate entities
Enterprise security: ransomware in enterprise and corporate entities
 
External threats-to-information-system
External threats-to-information-systemExternal threats-to-information-system
External threats-to-information-system
 
Don't Rely on Software Alone. Protect Endpoints with Hardware-Enhanced Security.
Don't Rely on Software Alone. Protect Endpoints with Hardware-Enhanced Security.Don't Rely on Software Alone. Protect Endpoints with Hardware-Enhanced Security.
Don't Rely on Software Alone. Protect Endpoints with Hardware-Enhanced Security.
 
Ransomware
RansomwareRansomware
Ransomware
 
Ransomware: History, Analysis, & Mitigation
Ransomware: History, Analysis, & MitigationRansomware: History, Analysis, & Mitigation
Ransomware: History, Analysis, & Mitigation
 
Ransomware: How to avoid a crypto crisis at your IT business
Ransomware: How to avoid a crypto crisis at your IT businessRansomware: How to avoid a crypto crisis at your IT business
Ransomware: How to avoid a crypto crisis at your IT business
 
Webinar: Insights from CYREN's Q3 trend report
Webinar: Insights from CYREN's Q3 trend reportWebinar: Insights from CYREN's Q3 trend report
Webinar: Insights from CYREN's Q3 trend report
 
NewsByte Mumbai October 2017
NewsByte Mumbai October 2017NewsByte Mumbai October 2017
NewsByte Mumbai October 2017
 
Computer securety
Computer securetyComputer securety
Computer securety
 
News Bytes
News BytesNews Bytes
News Bytes
 
DDOS ATTACK - MIRAI BOTNET
DDOS ATTACK - MIRAI BOTNET DDOS ATTACK - MIRAI BOTNET
DDOS ATTACK - MIRAI BOTNET
 
Cyber Espionage Against Georgia (Georbot)
Cyber Espionage Against Georgia (Georbot)Cyber Espionage Against Georgia (Georbot)
Cyber Espionage Against Georgia (Georbot)
 

Viewers also liked

بناء الثقافة الوظيفية - محمد كمال
بناء الثقافة الوظيفية - محمد كمال بناء الثقافة الوظيفية - محمد كمال
بناء الثقافة الوظيفية - محمد كمال
promediakw
 
Analisa morfologi barium heksaferit dengan sem
Analisa morfologi barium heksaferit dengan semAnalisa morfologi barium heksaferit dengan sem
Analisa morfologi barium heksaferit dengan semnandasari
 
Comp plan kick off meeting notes 1 26 2016
Comp plan kick off meeting notes 1 26 2016Comp plan kick off meeting notes 1 26 2016
Comp plan kick off meeting notes 1 26 2016
gscplanning
 
Curso de Capacitación ESI y NTICX
Curso de Capacitación ESI y NTICXCurso de Capacitación ESI y NTICX
Curso de Capacitación ESI y NTICX
Diee Willsong
 
International Mining Projects - Armtec
International Mining Projects - ArmtecInternational Mining Projects - Armtec
International Mining Projects - Armtec
Agata Woźniak
 
Environmentally sensitive areas
Environmentally sensitive areasEnvironmentally sensitive areas
Environmentally sensitive areas
gscplanning
 
Electric utility fuel sources and prices
Electric utility fuel sources and pricesElectric utility fuel sources and prices
Electric utility fuel sources and prices
ElectricityMatch.com
 
Cash for gold company canada
Cash for gold company canadaCash for gold company canada
Cash for gold company canada
Silver and Gold For Cash
 
Evidence 1
Evidence 1Evidence 1
Evidence 1
brookemarshall
 
10 Most Common STD Myths
10 Most Common STD Myths10 Most Common STD Myths
10 Most Common STD Myths
STD Check
 
Evidence 6
Evidence 6Evidence 6
Evidence 6
brookemarshall
 
Dr. Omar Ali Alibrahim - Ssl talk
Dr. Omar Ali Alibrahim - Ssl talkDr. Omar Ali Alibrahim - Ssl talk
Dr. Omar Ali Alibrahim - Ssl talk
promediakw
 
Presentación ingenieria de procesos
Presentación ingenieria de procesosPresentación ingenieria de procesos
Presentación ingenieria de procesos
Helmer Fernandez
 
Mumstravel blog - presentation
Mumstravel blog - presentationMumstravel blog - presentation
Mumstravel blog - presentation
naida_mc
 
د. محمد كمال
د. محمد كمال د. محمد كمال
د. محمد كمال
promediakw
 
Lousiest Ways to Tell Someone You Gave Them an STD
Lousiest Ways to Tell Someone You Gave Them an STDLousiest Ways to Tell Someone You Gave Them an STD
Lousiest Ways to Tell Someone You Gave Them an STDSTD Check
 
Cash for Gold
Cash for GoldCash for Gold
Cash for Gold
Silver and Gold For Cash
 
Presentación emprendimiento ing. procesos
Presentación emprendimiento ing. procesosPresentación emprendimiento ing. procesos
Presentación emprendimiento ing. procesos
Helmer Fernandez
 
13 C class notes for Teen Trouble documentary
13 C class notes for Teen Trouble documentary13 C class notes for Teen Trouble documentary
13 C class notes for Teen Trouble documentary
laneford
 

Viewers also liked (20)

بناء الثقافة الوظيفية - محمد كمال
بناء الثقافة الوظيفية - محمد كمال بناء الثقافة الوظيفية - محمد كمال
بناء الثقافة الوظيفية - محمد كمال
 
Analisa morfologi barium heksaferit dengan sem
Analisa morfologi barium heksaferit dengan semAnalisa morfologi barium heksaferit dengan sem
Analisa morfologi barium heksaferit dengan sem
 
Comp plan kick off meeting notes 1 26 2016
Comp plan kick off meeting notes 1 26 2016Comp plan kick off meeting notes 1 26 2016
Comp plan kick off meeting notes 1 26 2016
 
Curso de Capacitación ESI y NTICX
Curso de Capacitación ESI y NTICXCurso de Capacitación ESI y NTICX
Curso de Capacitación ESI y NTICX
 
International Mining Projects - Armtec
International Mining Projects - ArmtecInternational Mining Projects - Armtec
International Mining Projects - Armtec
 
Environmentally sensitive areas
Environmentally sensitive areasEnvironmentally sensitive areas
Environmentally sensitive areas
 
Electric utility fuel sources and prices
Electric utility fuel sources and pricesElectric utility fuel sources and prices
Electric utility fuel sources and prices
 
Cash for gold company canada
Cash for gold company canadaCash for gold company canada
Cash for gold company canada
 
Evidence 1
Evidence 1Evidence 1
Evidence 1
 
10 Most Common STD Myths
10 Most Common STD Myths10 Most Common STD Myths
10 Most Common STD Myths
 
Evidence 6
Evidence 6Evidence 6
Evidence 6
 
Dr. Omar Ali Alibrahim - Ssl talk
Dr. Omar Ali Alibrahim - Ssl talkDr. Omar Ali Alibrahim - Ssl talk
Dr. Omar Ali Alibrahim - Ssl talk
 
Delivery kpi
Delivery kpiDelivery kpi
Delivery kpi
 
Presentación ingenieria de procesos
Presentación ingenieria de procesosPresentación ingenieria de procesos
Presentación ingenieria de procesos
 
Mumstravel blog - presentation
Mumstravel blog - presentationMumstravel blog - presentation
Mumstravel blog - presentation
 
د. محمد كمال
د. محمد كمال د. محمد كمال
د. محمد كمال
 
Lousiest Ways to Tell Someone You Gave Them an STD
Lousiest Ways to Tell Someone You Gave Them an STDLousiest Ways to Tell Someone You Gave Them an STD
Lousiest Ways to Tell Someone You Gave Them an STD
 
Cash for Gold
Cash for GoldCash for Gold
Cash for Gold
 
Presentación emprendimiento ing. procesos
Presentación emprendimiento ing. procesosPresentación emprendimiento ing. procesos
Presentación emprendimiento ing. procesos
 
13 C class notes for Teen Trouble documentary
13 C class notes for Teen Trouble documentary13 C class notes for Teen Trouble documentary
13 C class notes for Teen Trouble documentary
 

Similar to Mr. Roland Abi Najem - Security

Issa jason dablow
Issa jason dablowIssa jason dablow
Issa jason dablow
ISSA LA
 
Key Findings from the 2015 IBM Cyber Security Intelligence Index
Key Findings from the 2015 IBM Cyber Security Intelligence IndexKey Findings from the 2015 IBM Cyber Security Intelligence Index
Key Findings from the 2015 IBM Cyber Security Intelligence Index
IBM Security
 
FireEye Use Cases — FireEye Solution Deployment Experience
FireEye Use Cases — FireEye Solution Deployment ExperienceFireEye Use Cases — FireEye Solution Deployment Experience
FireEye Use Cases — FireEye Solution Deployment Experience
Valery Yelanin
 
Emerging Threats and Strategies of Defense
Emerging Threats and Strategies of Defense Emerging Threats and Strategies of Defense
Emerging Threats and Strategies of Defense
Alert Logic
 
TECHNICAL WHITE PAPER▶ Symantec Website Security Threat Report
TECHNICAL WHITE PAPER▶ Symantec Website Security Threat ReportTECHNICAL WHITE PAPER▶ Symantec Website Security Threat Report
TECHNICAL WHITE PAPER▶ Symantec Website Security Threat Report
Symantec
 
Symantec Website Threat Report Part-1 2015
Symantec Website Threat Report Part-1 2015Symantec Website Threat Report Part-1 2015
Symantec Website Threat Report Part-1 2015
RapidSSLOnline.com
 
DEVSECOPS_the_beginning.ppt
DEVSECOPS_the_beginning.pptDEVSECOPS_the_beginning.ppt
DEVSECOPS_the_beginning.ppt
schwarz10
 
Info Session on Cybersecurity & Cybersecurity Study Jams
Info Session on Cybersecurity & Cybersecurity Study JamsInfo Session on Cybersecurity & Cybersecurity Study Jams
Info Session on Cybersecurity & Cybersecurity Study Jams
GDSCCVR
 
EverSec + Cyphort: Big Trends in Cybersecurity
EverSec + Cyphort: Big Trends in CybersecurityEverSec + Cyphort: Big Trends in Cybersecurity
EverSec + Cyphort: Big Trends in Cybersecurity
Cyphort
 
Stop Watering Holes, Spear-Phishing and Drive-by Downloads
Stop Watering Holes, Spear-Phishing and Drive-by DownloadsStop Watering Holes, Spear-Phishing and Drive-by Downloads
Stop Watering Holes, Spear-Phishing and Drive-by DownloadsInvincea, Inc.
 
Security Lifecycle Management Process
Security Lifecycle Management ProcessSecurity Lifecycle Management Process
Security Lifecycle Management Process
Bill Ross
 
A comprehensive survey ransomware attacks prevention, monitoring and damage c...
A comprehensive survey ransomware attacks prevention, monitoring and damage c...A comprehensive survey ransomware attacks prevention, monitoring and damage c...
A comprehensive survey ransomware attacks prevention, monitoring and damage c...
RSIS International
 
A Comprehensive Survey: Ransomware Attacks Prevention, Monitoring and Damage ...
A Comprehensive Survey: Ransomware Attacks Prevention, Monitoring and Damage ...A Comprehensive Survey: Ransomware Attacks Prevention, Monitoring and Damage ...
A Comprehensive Survey: Ransomware Attacks Prevention, Monitoring and Damage ...
AshishDPatel1
 
A Comprehensive Survey: Ransomware Attacks Prevention, Monitoring and Damage ...
A Comprehensive Survey: Ransomware Attacks Prevention, Monitoring and Damage ...A Comprehensive Survey: Ransomware Attacks Prevention, Monitoring and Damage ...
A Comprehensive Survey: Ransomware Attacks Prevention, Monitoring and Damage ...
RSIS International
 
Secure by design and secure software development
Secure by design and secure software developmentSecure by design and secure software development
Secure by design and secure software development
Bill Ross
 
Key Security Insights: Examining 2014 to predict emerging threats
Key Security Insights: Examining 2014 to predict emerging threats Key Security Insights: Examining 2014 to predict emerging threats
Key Security Insights: Examining 2014 to predict emerging threats
Dell World
 
30ITSecurityThreatsVulnerabilitiesandCountermeasuresV1.ppt
30ITSecurityThreatsVulnerabilitiesandCountermeasuresV1.ppt30ITSecurityThreatsVulnerabilitiesandCountermeasuresV1.ppt
30ITSecurityThreatsVulnerabilitiesandCountermeasuresV1.ppt
Kaukau9
 
need for NS.ppt
need for NS.pptneed for NS.ppt
need for NS.ppt
LahiruRatnayake2
 
Data breach at Target, demystified.
Data breach at Target, demystified.Data breach at Target, demystified.
Data breach at Target, demystified.
Cyphort
 
E-commerce security.ppt
E-commerce security.pptE-commerce security.ppt
E-commerce security.ppt
Susan130641
 

Similar to Mr. Roland Abi Najem - Security (20)

Issa jason dablow
Issa jason dablowIssa jason dablow
Issa jason dablow
 
Key Findings from the 2015 IBM Cyber Security Intelligence Index
Key Findings from the 2015 IBM Cyber Security Intelligence IndexKey Findings from the 2015 IBM Cyber Security Intelligence Index
Key Findings from the 2015 IBM Cyber Security Intelligence Index
 
FireEye Use Cases — FireEye Solution Deployment Experience
FireEye Use Cases — FireEye Solution Deployment ExperienceFireEye Use Cases — FireEye Solution Deployment Experience
FireEye Use Cases — FireEye Solution Deployment Experience
 
Emerging Threats and Strategies of Defense
Emerging Threats and Strategies of Defense Emerging Threats and Strategies of Defense
Emerging Threats and Strategies of Defense
 
TECHNICAL WHITE PAPER▶ Symantec Website Security Threat Report
TECHNICAL WHITE PAPER▶ Symantec Website Security Threat ReportTECHNICAL WHITE PAPER▶ Symantec Website Security Threat Report
TECHNICAL WHITE PAPER▶ Symantec Website Security Threat Report
 
Symantec Website Threat Report Part-1 2015
Symantec Website Threat Report Part-1 2015Symantec Website Threat Report Part-1 2015
Symantec Website Threat Report Part-1 2015
 
DEVSECOPS_the_beginning.ppt
DEVSECOPS_the_beginning.pptDEVSECOPS_the_beginning.ppt
DEVSECOPS_the_beginning.ppt
 
Info Session on Cybersecurity & Cybersecurity Study Jams
Info Session on Cybersecurity & Cybersecurity Study JamsInfo Session on Cybersecurity & Cybersecurity Study Jams
Info Session on Cybersecurity & Cybersecurity Study Jams
 
EverSec + Cyphort: Big Trends in Cybersecurity
EverSec + Cyphort: Big Trends in CybersecurityEverSec + Cyphort: Big Trends in Cybersecurity
EverSec + Cyphort: Big Trends in Cybersecurity
 
Stop Watering Holes, Spear-Phishing and Drive-by Downloads
Stop Watering Holes, Spear-Phishing and Drive-by DownloadsStop Watering Holes, Spear-Phishing and Drive-by Downloads
Stop Watering Holes, Spear-Phishing and Drive-by Downloads
 
Security Lifecycle Management Process
Security Lifecycle Management ProcessSecurity Lifecycle Management Process
Security Lifecycle Management Process
 
A comprehensive survey ransomware attacks prevention, monitoring and damage c...
A comprehensive survey ransomware attacks prevention, monitoring and damage c...A comprehensive survey ransomware attacks prevention, monitoring and damage c...
A comprehensive survey ransomware attacks prevention, monitoring and damage c...
 
A Comprehensive Survey: Ransomware Attacks Prevention, Monitoring and Damage ...
A Comprehensive Survey: Ransomware Attacks Prevention, Monitoring and Damage ...A Comprehensive Survey: Ransomware Attacks Prevention, Monitoring and Damage ...
A Comprehensive Survey: Ransomware Attacks Prevention, Monitoring and Damage ...
 
A Comprehensive Survey: Ransomware Attacks Prevention, Monitoring and Damage ...
A Comprehensive Survey: Ransomware Attacks Prevention, Monitoring and Damage ...A Comprehensive Survey: Ransomware Attacks Prevention, Monitoring and Damage ...
A Comprehensive Survey: Ransomware Attacks Prevention, Monitoring and Damage ...
 
Secure by design and secure software development
Secure by design and secure software developmentSecure by design and secure software development
Secure by design and secure software development
 
Key Security Insights: Examining 2014 to predict emerging threats
Key Security Insights: Examining 2014 to predict emerging threats Key Security Insights: Examining 2014 to predict emerging threats
Key Security Insights: Examining 2014 to predict emerging threats
 
30ITSecurityThreatsVulnerabilitiesandCountermeasuresV1.ppt
30ITSecurityThreatsVulnerabilitiesandCountermeasuresV1.ppt30ITSecurityThreatsVulnerabilitiesandCountermeasuresV1.ppt
30ITSecurityThreatsVulnerabilitiesandCountermeasuresV1.ppt
 
need for NS.ppt
need for NS.pptneed for NS.ppt
need for NS.ppt
 
Data breach at Target, demystified.
Data breach at Target, demystified.Data breach at Target, demystified.
Data breach at Target, demystified.
 
E-commerce security.ppt
E-commerce security.pptE-commerce security.ppt
E-commerce security.ppt
 

More from promediakw

ورقة عمل المؤتمر الخليجي الثاني بالكويت تقديم دكتور عنتر سليمان
ورقة عمل المؤتمر الخليجي الثاني بالكويت تقديم دكتور عنتر سليمانورقة عمل المؤتمر الخليجي الثاني بالكويت تقديم دكتور عنتر سليمان
ورقة عمل المؤتمر الخليجي الثاني بالكويت تقديم دكتور عنتر سليمان
promediakw
 
دور التدريب فى تحقيق الميزة التنافسية محمد عمرو صادق
دور التدريب فى تحقيق الميزة التنافسية محمد عمرو صادق دور التدريب فى تحقيق الميزة التنافسية محمد عمرو صادق
دور التدريب فى تحقيق الميزة التنافسية محمد عمرو صادق
promediakw
 
إنجح في التوظيف ميلاد حدشيتي
إنجح في التوظيف ميلاد حدشيتيإنجح في التوظيف ميلاد حدشيتي
إنجح في التوظيف ميلاد حدشيتي
promediakw
 
الكوتشنج الوظيفي مؤتمر الموارد البشرية الخليجي- أحمد مجدي
الكوتشنج الوظيفي مؤتمر الموارد البشرية الخليجي- أحمد مجدي الكوتشنج الوظيفي مؤتمر الموارد البشرية الخليجي- أحمد مجدي
الكوتشنج الوظيفي مؤتمر الموارد البشرية الخليجي- أحمد مجدي
promediakw
 
2د. محمد كمال
2د. محمد كمال 2د. محمد كمال
2د. محمد كمال
promediakw
 
وليد حمود ورقة الأمانة العامة
وليد حمود ورقة الأمانة العامة وليد حمود ورقة الأمانة العامة
وليد حمود ورقة الأمانة العامة
promediakw
 
محمد العوفي - تنمية الموارد البشرية الخليجية كمدخل استراتيجي لتحقيق ثروة
محمد العوفي - تنمية الموارد البشرية الخليجية كمدخل استراتيجي لتحقيق ثروة محمد العوفي - تنمية الموارد البشرية الخليجية كمدخل استراتيجي لتحقيق ثروة
محمد العوفي - تنمية الموارد البشرية الخليجية كمدخل استراتيجي لتحقيق ثروة
promediakw
 
أمل الرشدان -التحسين المستمر بروميديا
أمل الرشدان -التحسين المستمر بروميديا أمل الرشدان -التحسين المستمر بروميديا
أمل الرشدان -التحسين المستمر بروميديا
promediakw
 
Eng. salman zafar - Concept of zero wastes and role of material recovery faci...
Eng. salman zafar - Concept of zero wastes and role of material recovery faci...Eng. salman zafar - Concept of zero wastes and role of material recovery faci...
Eng. salman zafar - Concept of zero wastes and role of material recovery faci...
promediakw
 
مؤتمر النفايات
مؤتمر النفاياتمؤتمر النفايات
مؤتمر النفايات
promediakw
 
Eng. ch. rama krushna chary drilling waste management
Eng. ch. rama krushna chary drilling waste managementEng. ch. rama krushna chary drilling waste management
Eng. ch. rama krushna chary drilling waste management
promediakw
 
Dr shirish naik - Decentralized wastewater treatment systems
Dr shirish naik - Decentralized wastewater treatment systemsDr shirish naik - Decentralized wastewater treatment systems
Dr shirish naik - Decentralized wastewater treatment systems
promediakw
 
Dr. S. Neelamani - Scrap tires as wave barriers in the marine environmnet ana...
Dr. S. Neelamani - Scrap tires as wave barriers in the marine environmnet ana...Dr. S. Neelamani - Scrap tires as wave barriers in the marine environmnet ana...
Dr. S. Neelamani - Scrap tires as wave barriers in the marine environmnet ana...
promediakw
 
Dr. Faten Al-Attar - Green building and waste management
Dr. Faten Al-Attar - Green building and waste managementDr. Faten Al-Attar - Green building and waste management
Dr. Faten Al-Attar - Green building and waste management
promediakw
 
Dr. Ahmad Abdul Hay Agwa - Offshore drilling waste treatments & risk manageme...
Dr. Ahmad Abdul Hay Agwa - Offshore drilling waste treatments & risk manageme...Dr. Ahmad Abdul Hay Agwa - Offshore drilling waste treatments & risk manageme...
Dr. Ahmad Abdul Hay Agwa - Offshore drilling waste treatments & risk manageme...
promediakw
 
Dr. Abdul Rehman Khan - Rehabilitation of an industrial mercury contaminated ...
Dr. Abdul Rehman Khan - Rehabilitation of an industrial mercury contaminated ...Dr. Abdul Rehman Khan - Rehabilitation of an industrial mercury contaminated ...
Dr. Abdul Rehman Khan - Rehabilitation of an industrial mercury contaminated ...
promediakw
 
Dr. Ziyad Salloum - Geographical Passwords
Dr. Ziyad Salloum - Geographical PasswordsDr. Ziyad Salloum - Geographical Passwords
Dr. Ziyad Salloum - Geographical Passwords
promediakw
 
Mr. Tamer el - Bahey - Leveraging open source intelligence v1.1
Mr. Tamer el - Bahey - Leveraging open source intelligence v1.1Mr. Tamer el - Bahey - Leveraging open source intelligence v1.1
Mr. Tamer el - Bahey - Leveraging open source intelligence v1.1
promediakw
 
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
promediakw
 
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
promediakw
 

More from promediakw (20)

ورقة عمل المؤتمر الخليجي الثاني بالكويت تقديم دكتور عنتر سليمان
ورقة عمل المؤتمر الخليجي الثاني بالكويت تقديم دكتور عنتر سليمانورقة عمل المؤتمر الخليجي الثاني بالكويت تقديم دكتور عنتر سليمان
ورقة عمل المؤتمر الخليجي الثاني بالكويت تقديم دكتور عنتر سليمان
 
دور التدريب فى تحقيق الميزة التنافسية محمد عمرو صادق
دور التدريب فى تحقيق الميزة التنافسية محمد عمرو صادق دور التدريب فى تحقيق الميزة التنافسية محمد عمرو صادق
دور التدريب فى تحقيق الميزة التنافسية محمد عمرو صادق
 
إنجح في التوظيف ميلاد حدشيتي
إنجح في التوظيف ميلاد حدشيتيإنجح في التوظيف ميلاد حدشيتي
إنجح في التوظيف ميلاد حدشيتي
 
الكوتشنج الوظيفي مؤتمر الموارد البشرية الخليجي- أحمد مجدي
الكوتشنج الوظيفي مؤتمر الموارد البشرية الخليجي- أحمد مجدي الكوتشنج الوظيفي مؤتمر الموارد البشرية الخليجي- أحمد مجدي
الكوتشنج الوظيفي مؤتمر الموارد البشرية الخليجي- أحمد مجدي
 
2د. محمد كمال
2د. محمد كمال 2د. محمد كمال
2د. محمد كمال
 
وليد حمود ورقة الأمانة العامة
وليد حمود ورقة الأمانة العامة وليد حمود ورقة الأمانة العامة
وليد حمود ورقة الأمانة العامة
 
محمد العوفي - تنمية الموارد البشرية الخليجية كمدخل استراتيجي لتحقيق ثروة
محمد العوفي - تنمية الموارد البشرية الخليجية كمدخل استراتيجي لتحقيق ثروة محمد العوفي - تنمية الموارد البشرية الخليجية كمدخل استراتيجي لتحقيق ثروة
محمد العوفي - تنمية الموارد البشرية الخليجية كمدخل استراتيجي لتحقيق ثروة
 
أمل الرشدان -التحسين المستمر بروميديا
أمل الرشدان -التحسين المستمر بروميديا أمل الرشدان -التحسين المستمر بروميديا
أمل الرشدان -التحسين المستمر بروميديا
 
Eng. salman zafar - Concept of zero wastes and role of material recovery faci...
Eng. salman zafar - Concept of zero wastes and role of material recovery faci...Eng. salman zafar - Concept of zero wastes and role of material recovery faci...
Eng. salman zafar - Concept of zero wastes and role of material recovery faci...
 
مؤتمر النفايات
مؤتمر النفاياتمؤتمر النفايات
مؤتمر النفايات
 
Eng. ch. rama krushna chary drilling waste management
Eng. ch. rama krushna chary drilling waste managementEng. ch. rama krushna chary drilling waste management
Eng. ch. rama krushna chary drilling waste management
 
Dr shirish naik - Decentralized wastewater treatment systems
Dr shirish naik - Decentralized wastewater treatment systemsDr shirish naik - Decentralized wastewater treatment systems
Dr shirish naik - Decentralized wastewater treatment systems
 
Dr. S. Neelamani - Scrap tires as wave barriers in the marine environmnet ana...
Dr. S. Neelamani - Scrap tires as wave barriers in the marine environmnet ana...Dr. S. Neelamani - Scrap tires as wave barriers in the marine environmnet ana...
Dr. S. Neelamani - Scrap tires as wave barriers in the marine environmnet ana...
 
Dr. Faten Al-Attar - Green building and waste management
Dr. Faten Al-Attar - Green building and waste managementDr. Faten Al-Attar - Green building and waste management
Dr. Faten Al-Attar - Green building and waste management
 
Dr. Ahmad Abdul Hay Agwa - Offshore drilling waste treatments & risk manageme...
Dr. Ahmad Abdul Hay Agwa - Offshore drilling waste treatments & risk manageme...Dr. Ahmad Abdul Hay Agwa - Offshore drilling waste treatments & risk manageme...
Dr. Ahmad Abdul Hay Agwa - Offshore drilling waste treatments & risk manageme...
 
Dr. Abdul Rehman Khan - Rehabilitation of an industrial mercury contaminated ...
Dr. Abdul Rehman Khan - Rehabilitation of an industrial mercury contaminated ...Dr. Abdul Rehman Khan - Rehabilitation of an industrial mercury contaminated ...
Dr. Abdul Rehman Khan - Rehabilitation of an industrial mercury contaminated ...
 
Dr. Ziyad Salloum - Geographical Passwords
Dr. Ziyad Salloum - Geographical PasswordsDr. Ziyad Salloum - Geographical Passwords
Dr. Ziyad Salloum - Geographical Passwords
 
Mr. Tamer el - Bahey - Leveraging open source intelligence v1.1
Mr. Tamer el - Bahey - Leveraging open source intelligence v1.1Mr. Tamer el - Bahey - Leveraging open source intelligence v1.1
Mr. Tamer el - Bahey - Leveraging open source intelligence v1.1
 
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
 
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
Mr. Sayed Rabbani - Quality Assurance - The 80% of Industrial Control System ...
 

Recently uploaded

The Metaverse and AI: how can decision-makers harness the Metaverse for their...
The Metaverse and AI: how can decision-makers harness the Metaverse for their...The Metaverse and AI: how can decision-makers harness the Metaverse for their...
The Metaverse and AI: how can decision-makers harness the Metaverse for their...
Jen Stirrup
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
Adtran
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
Kari Kakkonen
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
James Anderson
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
 
Assure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyesAssure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Nexer Digital
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
Vlad Stirbu
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofszkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
Alex Pruden
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
RinaMondal9
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
Pierluigi Pugliese
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
Ralf Eggert
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfSAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
Peter Spielvogel
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 

Recently uploaded (20)

The Metaverse and AI: how can decision-makers harness the Metaverse for their...
The Metaverse and AI: how can decision-makers harness the Metaverse for their...The Metaverse and AI: how can decision-makers harness the Metaverse for their...
The Metaverse and AI: how can decision-makers harness the Metaverse for their...
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
 
Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
Assure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyesAssure Contact Center Experiences for Your Customers With ThousandEyes
Assure Contact Center Experiences for Your Customers With ThousandEyes
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofszkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfSAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 

Mr. Roland Abi Najem - Security

  • 1. Security Prepared & Presented by Roland Abi Najem
  • 2. The process of attempting to gain or successfully gaining, unauthorized access to computer resources is called Hacking. What Is Hacking ? 4/22/2015Roland Abi Najem 2
  • 3. Just for fun. Show off. Hack other systems secretly. Notify many people their thought. Steal important information. Destroy enemy’s computer network during the war. 4/22/2015Roland Abi Najem 3 Reasons for Hacking
  • 4.  Website Hacking  Network Hacking  Ethical Hacking  Email Hacking  Password Hacking  Online Banking Hacking  Computer Hacking Types Of Hacking 4/22/2015Roland Abi Najem 4
  • 5. Evolution Of Malware 4/22/2015Roland Abi Najem 5 APTs Data Loss Filtering URL Filtering 1990s Anti-spam,Anti-spyware 2000s Anti-malware Trojans Worms, Bots Spyware Spam Grey-listing Behavioral Analysis Heuristics Whitelisting Rootkits PhishingZero-days 1980s 2010s OffenseDefense CodeRed Melissa Birth of Anti-Virus Mobile Threats
  • 6. 4/22/2015Roland Abi Najem 6 Statistics Tell A Story More than 5 billion downloads of Google Play apps are vulnerable to remote attacks The Android platform has the most mobile malware, around 96% About 60% popular Google Play apps have crypto weakness
  • 7. 4/22/2015Roland Abi Najem 7 Anatomy Of A Multi-Staged Cyber Attack Exploit Detection is Critical All Subsequent Stages can be Hidden or Obfuscated IP S File Share 2 File Share 1 5. Data Exfiltration 3. Callbacks and Control Established 4.Horizontal Spread Callback Server Exploit Server 1.Exploitation of System 2.Malware Executable Download Firewall
  • 8. 4/22/2015Roland Abi Najem 8 Structure Of A Multi-Flow Attack Exploit injects code in Web browser1 Exploit code downloads encrypted malware (not SSL!)2 3 Exploit code decrypts malware Target end point connects to C&C server4 CallbackExploit in compromise d Web page Encrypted Malware Command and Control Server Embedded Exploit Alters Endpoint Callback Encrypted malware downloads Callback and data exfiltration 1 2 3 4
  • 9. 4/22/2015Roland Abi Najem 9 Structure Of A Multi-Flow Attack Email with weaponized document, opened by user, causing exploit1 Client endpoint calls back to infection server2 3 Backdoor DLL dropped Encrypted callback over HTTP to command and control server4 Callback Server Weaponized Email (2011 Recruitment Plan.xls) Backdoor C&C Server 1 2 3 4
  • 10. 4/22/2015Roland Abi Najem 10 Anatomy Of A Mobile Threat Benign Access 1 Calendar Access 2 Microphone Access 3 Exfiltration 4 The tip of the iceberg Exfiltration Server 10AM CIA – FBI sync on Cuba Hidden Malicious Behavior
  • 11. 4/22/2015Roland Abi Najem 11 Traditional “Defense In Depth” Is Failing Firewalls/ NGFW Secure Web Gateways IPS Anti-Spam Gateways DesktopAV The New Breed of Attacks Evade Signature-Based Defenses
  • 12. 4/22/2015Roland Abi Najem 12 The High Cost Of Being Unprepared 229 Days Median # of days attackers are present on a victim network before detection. 3 Months 6 Months 9 Months Initial Breach of Companies Learned They Were Breached from an External Entity of Victims Had Up-To-Date Anti-Virus Signatures THREAT UNDETECTED REMEDIATION Source: M-Trends Report
  • 13. 4/22/2015Roland Abi Najem 13 The High Cost Of Being Unprepared 3 Months 6 Months 9 Months Initial Breach of Companies Learned They Were Breached from an External Entity of Victims Had Up-To-Date Anti-Virus Signatures THREAT UNDETECTED REMEDIATION Source: M-Trends Report, Ponemon 32 Days Average Time to Resolve an Attack
  • 14. 4/22/2015Roland Abi Najem 14 Thank You 