SlideShare a Scribd company logo

Security is a process, not a plugin (WordCamp London 2018)

Thomas Vitale
Thomas Vitale

In 2000, the internationally renowned security technologist Bruce Schneier wrote: “Security is a process, not a product”. In the same essay, he wondered: “Will we ever learn?”. Apparently not. How many times have you considered your WordPress application security only once completed? How many times have you installed a security plugin and thought it was enough? Securing a web application doesn’t mean installing a plugin just before deployment. Not at all. I’m very passionate about security and I’d like to share my thoughts with you. My focus will be the security awareness related to web applications. Is WordPress secure? I will answer this question very clearly. And you’re not gonna like it!

1 of 39
Download to read offline
Thomas Vitale | thomasvitale.com | @vitalethomas WordCamp London 2018 | #wcldn SECURITY IS A PROCESS, NOT A PLUGIN
THE ENEMY INTRODUCTION TO SECURITY
WHO IS ATTACKING YOUR WEBSITE? PERSON BOT BOTNET
“I have just a small blog. Who cares?”
STEAL DATA STEAL RESOURCES SEND SPAM ATTACK OTHER WEBSITES EARN MONEY WHY ARE THEY ATTACKING YOUR WEBSITE?
THE IMPACT INTRODUCTION TO SECURITY
WHY SECURITY MATTERS? TIME REPUTATION LEGAL ISSUES SEARCH POSITIONING MONEY
OUR GOALS INTRODUCTION TO SECURITY
CORE SECURITY GOALS AVAILABILITYINTEGRITY CONFIDENTIALITY CIA Triad
“I have installed a plugin for security. I’m good.”
SECURITY IS A PROCESS, NOT A PRODUCT. Bruce Schneier The Process of Security, April 2000
1. MANAGE SECURITY RISKS SECURITY PRINCIPLES
RISK MANAGEMENT VULNERABILITY THREAT RISK
“WordPress is not secure.”
2. BE RELUCTANT TO TRUST SECURITY PRINCIPLES
THEMES AND PLUGINS Trusted Source
TRUST BOUNDARY YOUR WORDPRESS APPLICATION 3rd PARTY SERVICES USER INPUT HTTP/S REQUEST DATA More on Secure Coding Patterns by Andreas Hallberg
DATA VALIDATION isset() empty() in_array() is_email() username_exists() validate_file()
SECURING INPUT: SANITIZING sanitize_email() esc_url_raw() wp_filter_post_kses()
SECURING OUTPUT: ESCAPING esc_html() esc_url() esc_attr()
SECURING HTTP/S REQUESTS: NONCES wp_create_nonce() wp_verify_nonce() wp_nonce_field()
USER ROLES AND CAPABILITIES SUPER ADMINISTRATOR ADMINISTRATOR EDITOR AUTHOR CONTRIBUTOR SUBSCRIBER
3. PRACTICE DEFENCE IN DEPTH SECURITY PRINCIPLES
PRACTICE DEFENCE IN DEPTH CLIENT NETWORK HOST WORDPRESS WEB SERVER CORE THEMES PLUGINS DATABASE
4. STAY UP TO DATE SECURITY PRINCIPLES
UPDATE
PRESERVE
BACKUP
IS WORDPRESS SECURE?
SECURITY TECHNOLOGY PROCESS PEOPLE
5. SECURE THE WEAKEST LINK SECURITY PRINCIPLES
PEOPLE ARE THE WEAKEST LINK
SECURITY IS A SHARED RESPONSIBILITY
BUILD A BETTER WEB
NEXT? RESOURCES
RESOURCES SECURITY & SOFTWARE ▸ The Process of Security (Bruce Schneier) ▸ The Basics of Web Application Security (Cade Cairns, Daniel Somerfield) ▸ Secure Coding Patterns (Andreas Hallberg) ▸ OWASP Top 10 Most Critical Web Application Security Risks - 2017 ▸ Software Security: Building Security In, Gary McGraw ▸ Building Secure Software: How to Avoid Security Problems the Right Way, John Viega and Gary McGraw
RESOURCES SECURITY & WORDPRESS ▸ WordPress Security (WordPress.org) ▸ Hardening WordPress (Codex) ▸ Plugin Security (WordPress Plugin Handbook) ▸ Theme Security (WordPress Theme Handbook) ▸ An Introduction to WordPress Security (Sucuri) ▸ WordPress Security Fundamentals (WordFence)
SECURITY IS A PROCESS, NOT A PLUGIN Thomas Vitale |@vitalethomas | #wcldn This work is licensed under a Creative Commons Attribution 4.0 International License. Images source: Pexels

Recommended

DIU ISACA STUDENT GROUP 2019 version2
DIU ISACA STUDENT GROUP 2019 version2DIU ISACA STUDENT GROUP 2019 version2
DIU ISACA STUDENT GROUP 2019 version2
A. Z. M. JALAL UDDIN JOY
 
Top10 Biggest Security Threats
Top10 Biggest Security ThreatsTop10 Biggest Security Threats
Top10 Biggest Security Threats
Kim Jensen
 
JP Cybersecurity Awareness Cartoons
JP Cybersecurity Awareness CartoonsJP Cybersecurity Awareness Cartoons
JP Cybersecurity Awareness Cartoons
NetLockSmith
 
Towards security and resilience cyberspace
Towards security and resilience cyberspaceTowards security and resilience cyberspace
Towards security and resilience cyberspace
Cybersecurity & ECommerce Expert
 
TOP10 Security Predictions for 2010
TOP10 Security Predictions for 2010TOP10 Security Predictions for 2010
TOP10 Security Predictions for 2010
Kim Jensen
 
What I learned from protecting over 1 million crypto traders and investors fr...
What I learned from protecting over 1 million crypto traders and investors fr...What I learned from protecting over 1 million crypto traders and investors fr...
What I learned from protecting over 1 million crypto traders and investors fr...
Paul Walsh
 
Introduction to Personal Privacy and Security
Introduction to Personal Privacy and SecurityIntroduction to Personal Privacy and Security
Introduction to Personal Privacy and Security
Robert Hurlbut
 
ITAM AUS 2017 Harnessing the power of SAM Intelligence for Cyber Security
ITAM AUS 2017 Harnessing the power of SAM Intelligence for Cyber SecurityITAM AUS 2017 Harnessing the power of SAM Intelligence for Cyber Security
ITAM AUS 2017 Harnessing the power of SAM Intelligence for Cyber Security
Martin Thompson
 

Recommended

DIU ISACA STUDENT GROUP 2019 version2
DIU ISACA STUDENT GROUP 2019 version2DIU ISACA STUDENT GROUP 2019 version2
DIU ISACA STUDENT GROUP 2019 version2
A. Z. M. JALAL UDDIN JOY
 
Top10 Biggest Security Threats
Top10 Biggest Security ThreatsTop10 Biggest Security Threats
Top10 Biggest Security Threats
Kim Jensen
 
JP Cybersecurity Awareness Cartoons
JP Cybersecurity Awareness CartoonsJP Cybersecurity Awareness Cartoons
JP Cybersecurity Awareness Cartoons
NetLockSmith
 
Towards security and resilience cyberspace
Towards security and resilience cyberspaceTowards security and resilience cyberspace
Towards security and resilience cyberspace
Cybersecurity & ECommerce Expert
 
TOP10 Security Predictions for 2010
TOP10 Security Predictions for 2010TOP10 Security Predictions for 2010
TOP10 Security Predictions for 2010
Kim Jensen
 
What I learned from protecting over 1 million crypto traders and investors fr...
What I learned from protecting over 1 million crypto traders and investors fr...What I learned from protecting over 1 million crypto traders and investors fr...
What I learned from protecting over 1 million crypto traders and investors fr...
Paul Walsh
 
Introduction to Personal Privacy and Security
Introduction to Personal Privacy and SecurityIntroduction to Personal Privacy and Security
Introduction to Personal Privacy and Security
Robert Hurlbut
 
ITAM AUS 2017 Harnessing the power of SAM Intelligence for Cyber Security
ITAM AUS 2017 Harnessing the power of SAM Intelligence for Cyber SecurityITAM AUS 2017 Harnessing the power of SAM Intelligence for Cyber Security
ITAM AUS 2017 Harnessing the power of SAM Intelligence for Cyber Security
Martin Thompson
 
TOP10 Security Stories Of 2009
TOP10 Security Stories Of 2009TOP10 Security Stories Of 2009
TOP10 Security Stories Of 2009
Kim Jensen
 
9 LinkedIn Marketing Hacks to Use RIGHT NOW
9 LinkedIn Marketing Hacks to Use RIGHT NOW9 LinkedIn Marketing Hacks to Use RIGHT NOW
9 LinkedIn Marketing Hacks to Use RIGHT NOW
Ryan Stewart
 
The dark side of cybersecurity: International Awareness Cybersecurity Month
The dark side of cybersecurity: International Awareness Cybersecurity MonthThe dark side of cybersecurity: International Awareness Cybersecurity Month
The dark side of cybersecurity: International Awareness Cybersecurity Month
ITrust - Cybersecurity as a Service
 
Securing the Web with the Crowd
Securing the Web with the CrowdSecuring the Web with the Crowd
Securing the Web with the Crowd
Crowdsourcing Week
 
Security is a process not a magic
Security is a process not a magicSecurity is a process not a magic
Security is a process not a magic
Cahyo Darujati
 
[Cisco Connect 2018 - Vietnam] Trung nguyen and an le demo security everywher...
[Cisco Connect 2018 - Vietnam] Trung nguyen and an le demo security everywher...[Cisco Connect 2018 - Vietnam] Trung nguyen and an le demo security everywher...
[Cisco Connect 2018 - Vietnam] Trung nguyen and an le demo security everywher...
Nur Shiqim Chok
 
Fantastic Beasts and where to hide from them
Fantastic Beasts and where to hide from themFantastic Beasts and where to hide from them
Fantastic Beasts and where to hide from them
Vlad Styran
 
Microservices - enough with theory, let's do some code @Geecon Prague 2015
Microservices - enough with theory, let's do some code @Geecon Prague 2015Microservices - enough with theory, let's do some code @Geecon Prague 2015
Microservices - enough with theory, let's do some code @Geecon Prague 2015
Marcin Grzejszczak
 
[THEC Talk] The Secure Network
[THEC Talk] The Secure Network[THEC Talk] The Secure Network
[THEC Talk] The Secure Network
David Metge
 
The Path of DevOps Enlightenment for InfoSec
The Path of DevOps Enlightenment for InfoSecThe Path of DevOps Enlightenment for InfoSec
The Path of DevOps Enlightenment for InfoSec
James Wickett
 
Practical Encryption Tips and Tools
Practical Encryption Tips and ToolsPractical Encryption Tips and Tools
Practical Encryption Tips and Tools
Heidi Alexander
 
Personal Cloud Application Architectures
Personal Cloud Application ArchitecturesPersonal Cloud Application Architectures
Personal Cloud Application Architectures
Phil Windley
 
D3SF17 -Keynote - Staying Ahead of the Curve
D3SF17 -Keynote - Staying Ahead of the CurveD3SF17 -Keynote - Staying Ahead of the Curve
D3SF17 -Keynote - Staying Ahead of the Curve
Imperva Incapsula
 
10 Step Guide to Cloud Security - 10th Magnitude - CSS Dallas Azure
10 Step Guide to Cloud Security - 10th Magnitude - CSS Dallas Azure10 Step Guide to Cloud Security - 10th Magnitude - CSS Dallas Azure
10 Step Guide to Cloud Security - 10th Magnitude - CSS Dallas Azure
Alert Logic
 
Sept 2014 cloud security presentation
Sept 2014 cloud security presentationSept 2014 cloud security presentation
Sept 2014 cloud security presentation
Joan Dembowski
 
Disaster Proof your WordPress Website
Disaster Proof your WordPress WebsiteDisaster Proof your WordPress Website
Disaster Proof your WordPress Website
Kate Newbill
 
10 Cyber Safety Tips Every Internet User Must Follow
10 Cyber Safety Tips Every Internet User Must Follow10 Cyber Safety Tips Every Internet User Must Follow
10 Cyber Safety Tips Every Internet User Must Follow
Quick Heal Technologies Ltd.
 
Extreme Hacking: Encrypted Networks SWAT style - Wayne Burke
Extreme Hacking: Encrypted Networks SWAT style - Wayne BurkeExtreme Hacking: Encrypted Networks SWAT style - Wayne Burke
Extreme Hacking: Encrypted Networks SWAT style - Wayne Burke
EC-Council
 
Predrag cv short english
Predrag cv short englishPredrag cv short english
Predrag cv short english
Predrag Mitrovic
 
Security is a process, not a plugin (WordCamp Torino 2018)
Security is a process, not a plugin (WordCamp Torino 2018)Security is a process, not a plugin (WordCamp Torino 2018)
Security is a process, not a plugin (WordCamp Torino 2018)
Thomas Vitale
 
Security is a process, not a plugin (WordCamp Oslo 2018)
Security is a process, not a plugin (WordCamp Oslo 2018)Security is a process, not a plugin (WordCamp Oslo 2018)
Security is a process, not a plugin (WordCamp Oslo 2018)
Thomas Vitale
 
Cyber Security: A Common Problem 2018
Cyber Security: A Common Problem 2018Cyber Security: A Common Problem 2018
Cyber Security: A Common Problem 2018
joshquarrie
 

More Related Content

What's hot

TOP10 Security Stories Of 2009
TOP10 Security Stories Of 2009TOP10 Security Stories Of 2009
TOP10 Security Stories Of 2009
Kim Jensen
 
9 LinkedIn Marketing Hacks to Use RIGHT NOW
9 LinkedIn Marketing Hacks to Use RIGHT NOW9 LinkedIn Marketing Hacks to Use RIGHT NOW
9 LinkedIn Marketing Hacks to Use RIGHT NOW
Ryan Stewart
 
The dark side of cybersecurity: International Awareness Cybersecurity Month
The dark side of cybersecurity: International Awareness Cybersecurity MonthThe dark side of cybersecurity: International Awareness Cybersecurity Month
The dark side of cybersecurity: International Awareness Cybersecurity Month
ITrust - Cybersecurity as a Service
 
Securing the Web with the Crowd
Securing the Web with the CrowdSecuring the Web with the Crowd
Securing the Web with the Crowd
Crowdsourcing Week
 
Security is a process not a magic
Security is a process not a magicSecurity is a process not a magic
Security is a process not a magic
Cahyo Darujati
 
[Cisco Connect 2018 - Vietnam] Trung nguyen and an le demo security everywher...
[Cisco Connect 2018 - Vietnam] Trung nguyen and an le demo security everywher...[Cisco Connect 2018 - Vietnam] Trung nguyen and an le demo security everywher...
[Cisco Connect 2018 - Vietnam] Trung nguyen and an le demo security everywher...
Nur Shiqim Chok
 
Fantastic Beasts and where to hide from them
Fantastic Beasts and where to hide from themFantastic Beasts and where to hide from them
Fantastic Beasts and where to hide from them
Vlad Styran
 
Microservices - enough with theory, let's do some code @Geecon Prague 2015
Microservices - enough with theory, let's do some code @Geecon Prague 2015Microservices - enough with theory, let's do some code @Geecon Prague 2015
Microservices - enough with theory, let's do some code @Geecon Prague 2015
Marcin Grzejszczak
 
[THEC Talk] The Secure Network
[THEC Talk] The Secure Network[THEC Talk] The Secure Network
[THEC Talk] The Secure Network
David Metge
 
The Path of DevOps Enlightenment for InfoSec
The Path of DevOps Enlightenment for InfoSecThe Path of DevOps Enlightenment for InfoSec
The Path of DevOps Enlightenment for InfoSec
James Wickett
 
Practical Encryption Tips and Tools
Practical Encryption Tips and ToolsPractical Encryption Tips and Tools
Practical Encryption Tips and Tools
Heidi Alexander
 
Personal Cloud Application Architectures
Personal Cloud Application ArchitecturesPersonal Cloud Application Architectures
Personal Cloud Application Architectures
Phil Windley
 
D3SF17 -Keynote - Staying Ahead of the Curve
D3SF17 -Keynote - Staying Ahead of the CurveD3SF17 -Keynote - Staying Ahead of the Curve
D3SF17 -Keynote - Staying Ahead of the Curve
Imperva Incapsula
 
10 Step Guide to Cloud Security - 10th Magnitude - CSS Dallas Azure
10 Step Guide to Cloud Security - 10th Magnitude - CSS Dallas Azure10 Step Guide to Cloud Security - 10th Magnitude - CSS Dallas Azure
10 Step Guide to Cloud Security - 10th Magnitude - CSS Dallas Azure
Alert Logic
 
Sept 2014 cloud security presentation
Sept 2014 cloud security presentationSept 2014 cloud security presentation
Sept 2014 cloud security presentation
Joan Dembowski
 
Disaster Proof your WordPress Website
Disaster Proof your WordPress WebsiteDisaster Proof your WordPress Website
Disaster Proof your WordPress Website
Kate Newbill
 
10 Cyber Safety Tips Every Internet User Must Follow
10 Cyber Safety Tips Every Internet User Must Follow10 Cyber Safety Tips Every Internet User Must Follow
10 Cyber Safety Tips Every Internet User Must Follow
Quick Heal Technologies Ltd.
 
Extreme Hacking: Encrypted Networks SWAT style - Wayne Burke
Extreme Hacking: Encrypted Networks SWAT style - Wayne BurkeExtreme Hacking: Encrypted Networks SWAT style - Wayne Burke
Extreme Hacking: Encrypted Networks SWAT style - Wayne Burke
EC-Council
 
Predrag cv short english
Predrag cv short englishPredrag cv short english
Predrag cv short english
Predrag Mitrovic
 

What's hot (19)

TOP10 Security Stories Of 2009
TOP10 Security Stories Of 2009TOP10 Security Stories Of 2009
TOP10 Security Stories Of 2009
 
9 LinkedIn Marketing Hacks to Use RIGHT NOW
9 LinkedIn Marketing Hacks to Use RIGHT NOW9 LinkedIn Marketing Hacks to Use RIGHT NOW
9 LinkedIn Marketing Hacks to Use RIGHT NOW
 
The dark side of cybersecurity: International Awareness Cybersecurity Month
The dark side of cybersecurity: International Awareness Cybersecurity MonthThe dark side of cybersecurity: International Awareness Cybersecurity Month
The dark side of cybersecurity: International Awareness Cybersecurity Month
 
Securing the Web with the Crowd
Securing the Web with the CrowdSecuring the Web with the Crowd
Securing the Web with the Crowd
 
Security is a process not a magic
Security is a process not a magicSecurity is a process not a magic
Security is a process not a magic
 
[Cisco Connect 2018 - Vietnam] Trung nguyen and an le demo security everywher...
[Cisco Connect 2018 - Vietnam] Trung nguyen and an le demo security everywher...[Cisco Connect 2018 - Vietnam] Trung nguyen and an le demo security everywher...
[Cisco Connect 2018 - Vietnam] Trung nguyen and an le demo security everywher...
 
Fantastic Beasts and where to hide from them
Fantastic Beasts and where to hide from themFantastic Beasts and where to hide from them
Fantastic Beasts and where to hide from them
 
Microservices - enough with theory, let's do some code @Geecon Prague 2015
Microservices - enough with theory, let's do some code @Geecon Prague 2015Microservices - enough with theory, let's do some code @Geecon Prague 2015
Microservices - enough with theory, let's do some code @Geecon Prague 2015
 
[THEC Talk] The Secure Network
[THEC Talk] The Secure Network[THEC Talk] The Secure Network
[THEC Talk] The Secure Network
 
The Path of DevOps Enlightenment for InfoSec
The Path of DevOps Enlightenment for InfoSecThe Path of DevOps Enlightenment for InfoSec
The Path of DevOps Enlightenment for InfoSec
 
Practical Encryption Tips and Tools
Practical Encryption Tips and ToolsPractical Encryption Tips and Tools
Practical Encryption Tips and Tools
 
Personal Cloud Application Architectures
Personal Cloud Application ArchitecturesPersonal Cloud Application Architectures
Personal Cloud Application Architectures
 
D3SF17 -Keynote - Staying Ahead of the Curve
D3SF17 -Keynote - Staying Ahead of the CurveD3SF17 -Keynote - Staying Ahead of the Curve
D3SF17 -Keynote - Staying Ahead of the Curve
 
10 Step Guide to Cloud Security - 10th Magnitude - CSS Dallas Azure
10 Step Guide to Cloud Security - 10th Magnitude - CSS Dallas Azure10 Step Guide to Cloud Security - 10th Magnitude - CSS Dallas Azure
10 Step Guide to Cloud Security - 10th Magnitude - CSS Dallas Azure
 
Sept 2014 cloud security presentation
Sept 2014 cloud security presentationSept 2014 cloud security presentation
Sept 2014 cloud security presentation
 
Disaster Proof your WordPress Website
Disaster Proof your WordPress WebsiteDisaster Proof your WordPress Website
Disaster Proof your WordPress Website
 
10 Cyber Safety Tips Every Internet User Must Follow
10 Cyber Safety Tips Every Internet User Must Follow10 Cyber Safety Tips Every Internet User Must Follow
10 Cyber Safety Tips Every Internet User Must Follow
 
Extreme Hacking: Encrypted Networks SWAT style - Wayne Burke
Extreme Hacking: Encrypted Networks SWAT style - Wayne BurkeExtreme Hacking: Encrypted Networks SWAT style - Wayne Burke
Extreme Hacking: Encrypted Networks SWAT style - Wayne Burke
 
Predrag cv short english
Predrag cv short englishPredrag cv short english
Predrag cv short english
 

Similar to Security is a process, not a plugin (WordCamp London 2018)

Security is a process, not a plugin (WordCamp Torino 2018)
Security is a process, not a plugin (WordCamp Torino 2018)Security is a process, not a plugin (WordCamp Torino 2018)
Security is a process, not a plugin (WordCamp Torino 2018)
Thomas Vitale
 
Security is a process, not a plugin (WordCamp Oslo 2018)
Security is a process, not a plugin (WordCamp Oslo 2018)Security is a process, not a plugin (WordCamp Oslo 2018)
Security is a process, not a plugin (WordCamp Oslo 2018)
Thomas Vitale
 
Cyber Security: A Common Problem 2018
Cyber Security: A Common Problem 2018Cyber Security: A Common Problem 2018
Cyber Security: A Common Problem 2018
joshquarrie
 
1st Russian CSO Summit Trends 2008
1st Russian CSO Summit Trends 20081st Russian CSO Summit Trends 2008
1st Russian CSO Summit Trends 2008
Anton Chuvakin
 
The 10 Secret Codes of Security
The 10 Secret Codes of SecurityThe 10 Secret Codes of Security
The 10 Secret Codes of SecurityKarina Elise
 
Cyber Security: Most Important Aspect of a Successful Business
Cyber Security: Most Important Aspect of a Successful BusinessCyber Security: Most Important Aspect of a Successful Business
Cyber Security: Most Important Aspect of a Successful Business
Fibonalabs
 
How to Secure America
How to Secure AmericaHow to Secure America
How to Secure America
SecurityStudio
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
Tushar Nikam
 
Information Security: Effects On Businesses and Consumers
Information Security: Effects On Businesses and ConsumersInformation Security: Effects On Businesses and Consumers
Information Security: Effects On Businesses and Consumersvictoriamac2009
 
Information security awareness (sept 2012) bis handout
Information security awareness (sept 2012) bis handoutInformation security awareness (sept 2012) bis handout
Information security awareness (sept 2012) bis handout
Marc Vael
 
Rainer+3e Student Pp Ts Ch03
Rainer+3e Student Pp Ts Ch03Rainer+3e Student Pp Ts Ch03
Rainer+3e Student Pp Ts Ch03
kbzdox ivanovich
 
Computer And Internet Security
Computer And Internet SecurityComputer And Internet Security
Computer And Internet SecurityAshley Zimmerman
 
Computer And Internet Security
Computer And Internet SecurityComputer And Internet Security
Computer And Internet SecurityJFashant
 
What is Information Security and why you should care ...
What is Information Security and why you should care ...What is Information Security and why you should care ...
What is Information Security and why you should care ...
James Mulhern
 
7 Important Cybersecurity Trends
7 Important Cybersecurity Trends7 Important Cybersecurity Trends
7 Important Cybersecurity Trends
Marco
 
Cyber security
Cyber securityCyber security
Cyber security
Manjushree Mashal
 
INFOSEK 2016 Slovenia - Cyber Risk Insurance - Scenario and Evaluation
INFOSEK 2016 Slovenia - Cyber Risk Insurance - Scenario and Evaluation INFOSEK 2016 Slovenia - Cyber Risk Insurance - Scenario and Evaluation
INFOSEK 2016 Slovenia - Cyber Risk Insurance - Scenario and Evaluation
Luca Moroni ✔✔
 
How Cyber-Secure is your Family Enterprise? A special report for clients of P...
How Cyber-Secure is your Family Enterprise? A special report for clients of P...How Cyber-Secure is your Family Enterprise? A special report for clients of P...
How Cyber-Secure is your Family Enterprise? A special report for clients of P...
Declan Winston Ramsaran
 
Appsecco Sanity Check Baseline Cyber Audit 2018
Appsecco Sanity Check Baseline Cyber Audit 2018Appsecco Sanity Check Baseline Cyber Audit 2018
Appsecco Sanity Check Baseline Cyber Audit 2018
Appsecco
 

Similar to Security is a process, not a plugin (WordCamp London 2018) (20)

Security is a process, not a plugin (WordCamp Torino 2018)
Security is a process, not a plugin (WordCamp Torino 2018)Security is a process, not a plugin (WordCamp Torino 2018)
Security is a process, not a plugin (WordCamp Torino 2018)
 
Security is a process, not a plugin (WordCamp Oslo 2018)
Security is a process, not a plugin (WordCamp Oslo 2018)Security is a process, not a plugin (WordCamp Oslo 2018)
Security is a process, not a plugin (WordCamp Oslo 2018)
 
Cyber Security: A Common Problem 2018
Cyber Security: A Common Problem 2018Cyber Security: A Common Problem 2018
Cyber Security: A Common Problem 2018
 
Hacking_SharePoint_FINAL
Hacking_SharePoint_FINALHacking_SharePoint_FINAL
Hacking_SharePoint_FINAL
 
1st Russian CSO Summit Trends 2008
1st Russian CSO Summit Trends 20081st Russian CSO Summit Trends 2008
1st Russian CSO Summit Trends 2008
 
The 10 Secret Codes of Security
The 10 Secret Codes of SecurityThe 10 Secret Codes of Security
The 10 Secret Codes of Security
 
Cyber Security: Most Important Aspect of a Successful Business
Cyber Security: Most Important Aspect of a Successful BusinessCyber Security: Most Important Aspect of a Successful Business
Cyber Security: Most Important Aspect of a Successful Business
 
How to Secure America
How to Secure AmericaHow to Secure America
How to Secure America
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Information Security: Effects On Businesses and Consumers
Information Security: Effects On Businesses and ConsumersInformation Security: Effects On Businesses and Consumers
Information Security: Effects On Businesses and Consumers
 
Information security awareness (sept 2012) bis handout
Information security awareness (sept 2012) bis handoutInformation security awareness (sept 2012) bis handout
Information security awareness (sept 2012) bis handout
 
Rainer+3e Student Pp Ts Ch03
Rainer+3e Student Pp Ts Ch03Rainer+3e Student Pp Ts Ch03
Rainer+3e Student Pp Ts Ch03
 
Computer And Internet Security
Computer And Internet SecurityComputer And Internet Security
Computer And Internet Security
 
Computer And Internet Security
Computer And Internet SecurityComputer And Internet Security
Computer And Internet Security
 
What is Information Security and why you should care ...
What is Information Security and why you should care ...What is Information Security and why you should care ...
What is Information Security and why you should care ...
 
7 Important Cybersecurity Trends
7 Important Cybersecurity Trends7 Important Cybersecurity Trends
7 Important Cybersecurity Trends
 
Cyber security
Cyber securityCyber security
Cyber security
 
INFOSEK 2016 Slovenia - Cyber Risk Insurance - Scenario and Evaluation
INFOSEK 2016 Slovenia - Cyber Risk Insurance - Scenario and Evaluation INFOSEK 2016 Slovenia - Cyber Risk Insurance - Scenario and Evaluation
INFOSEK 2016 Slovenia - Cyber Risk Insurance - Scenario and Evaluation
 
How Cyber-Secure is your Family Enterprise? A special report for clients of P...
How Cyber-Secure is your Family Enterprise? A special report for clients of P...How Cyber-Secure is your Family Enterprise? A special report for clients of P...
How Cyber-Secure is your Family Enterprise? A special report for clients of P...
 
Appsecco Sanity Check Baseline Cyber Audit 2018
Appsecco Sanity Check Baseline Cyber Audit 2018Appsecco Sanity Check Baseline Cyber Audit 2018
Appsecco Sanity Check Baseline Cyber Audit 2018
 

Recently uploaded

Lecture 1 Introduction to games development
Lecture 1 Introduction to games developmentLecture 1 Introduction to games development
Lecture 1 Introduction to games development
abdulrafaychaudhry
 
Webinar: Salesforce Document Management 2.0 - Smarter, Faster, Better
Webinar: Salesforce Document Management 2.0 - Smarter, Faster, BetterWebinar: Salesforce Document Management 2.0 - Smarter, Faster, Better
Webinar: Salesforce Document Management 2.0 - Smarter, Faster, Better
XfilesPro
 
Explore Modern SharePoint Templates for 2024
Explore Modern SharePoint Templates for 2024Explore Modern SharePoint Templates for 2024
Explore Modern SharePoint Templates for 2024
Sharepoint Designs
 
Multiple Your Crypto Portfolio with the Innovative Features of Advanced Crypt...
Multiple Your Crypto Portfolio with the Innovative Features of Advanced Crypt...Multiple Your Crypto Portfolio with the Innovative Features of Advanced Crypt...
Multiple Your Crypto Portfolio with the Innovative Features of Advanced Crypt...
Hivelance Technology
 
Cracking the code review at SpringIO 2024
Cracking the code review at SpringIO 2024Cracking the code review at SpringIO 2024
Cracking the code review at SpringIO 2024
Paco van Beckhoven
 
Using IESVE for Room Loads Analysis - Australia & New Zealand
Using IESVE for Room Loads Analysis - Australia & New ZealandUsing IESVE for Room Loads Analysis - Australia & New Zealand
Using IESVE for Room Loads Analysis - Australia & New Zealand
IES VE
 
De mooiste recreatieve routes ontdekken met RouteYou en FME
De mooiste recreatieve routes ontdekken met RouteYou en FMEDe mooiste recreatieve routes ontdekken met RouteYou en FME
De mooiste recreatieve routes ontdekken met RouteYou en FME
Jelle | Nordend
 
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamOpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
takuyayamamoto1800
 
Software Testing Exam imp Ques Notes.pdf
Software Testing Exam imp Ques Notes.pdfSoftware Testing Exam imp Ques Notes.pdf
Software Testing Exam imp Ques Notes.pdf
MayankTawar1
 
Cyaniclab : Software Development Agency Portfolio.pdf
Cyaniclab : Software Development Agency Portfolio.pdfCyaniclab : Software Development Agency Portfolio.pdf
Cyaniclab : Software Development Agency Portfolio.pdf
Cyanic lab
 
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdfDominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
AMB-Review
 
Vitthal Shirke Microservices Resume Montevideo
Vitthal Shirke Microservices Resume MontevideoVitthal Shirke Microservices Resume Montevideo
Vitthal Shirke Microservices Resume Montevideo
Vitthal Shirke
 
A Comprehensive Look at Generative AI in Retail App Testing.pdf
A Comprehensive Look at Generative AI in Retail App Testing.pdfA Comprehensive Look at Generative AI in Retail App Testing.pdf
A Comprehensive Look at Generative AI in Retail App Testing.pdf
kalichargn70th171
 
How Does XfilesPro Ensure Security While Sharing Documents in Salesforce?
How Does XfilesPro Ensure Security While Sharing Documents in Salesforce?How Does XfilesPro Ensure Security While Sharing Documents in Salesforce?
How Does XfilesPro Ensure Security While Sharing Documents in Salesforce?
XfilesPro
 
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...
Anthony Dahanne
 
Large Language Models and the End of Programming
Large Language Models and the End of ProgrammingLarge Language Models and the End of Programming
Large Language Models and the End of Programming
Matt Welsh
 
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...
informapgpstrackings
 
First Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User EndpointsFirst Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User Endpoints
Globus
 
Providing Globus Services to Users of JASMIN for Environmental Data Analysis
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisProviding Globus Services to Users of JASMIN for Environmental Data Analysis
Providing Globus Services to Users of JASMIN for Environmental Data Analysis
Globus
 
Enhancing Research Orchestration Capabilities at ORNL.pdf
Enhancing Research Orchestration Capabilities at ORNL.pdfEnhancing Research Orchestration Capabilities at ORNL.pdf
Enhancing Research Orchestration Capabilities at ORNL.pdf
Globus
 

Recently uploaded (20)

Lecture 1 Introduction to games development
Lecture 1 Introduction to games developmentLecture 1 Introduction to games development
Lecture 1 Introduction to games development
 
Webinar: Salesforce Document Management 2.0 - Smarter, Faster, Better
Webinar: Salesforce Document Management 2.0 - Smarter, Faster, BetterWebinar: Salesforce Document Management 2.0 - Smarter, Faster, Better
Webinar: Salesforce Document Management 2.0 - Smarter, Faster, Better
 
Explore Modern SharePoint Templates for 2024
Explore Modern SharePoint Templates for 2024Explore Modern SharePoint Templates for 2024
Explore Modern SharePoint Templates for 2024
 
Multiple Your Crypto Portfolio with the Innovative Features of Advanced Crypt...
Multiple Your Crypto Portfolio with the Innovative Features of Advanced Crypt...Multiple Your Crypto Portfolio with the Innovative Features of Advanced Crypt...
Multiple Your Crypto Portfolio with the Innovative Features of Advanced Crypt...
 
Cracking the code review at SpringIO 2024
Cracking the code review at SpringIO 2024Cracking the code review at SpringIO 2024
Cracking the code review at SpringIO 2024
 
Using IESVE for Room Loads Analysis - Australia & New Zealand
Using IESVE for Room Loads Analysis - Australia & New ZealandUsing IESVE for Room Loads Analysis - Australia & New Zealand
Using IESVE for Room Loads Analysis - Australia & New Zealand
 
De mooiste recreatieve routes ontdekken met RouteYou en FME
De mooiste recreatieve routes ontdekken met RouteYou en FMEDe mooiste recreatieve routes ontdekken met RouteYou en FME
De mooiste recreatieve routes ontdekken met RouteYou en FME
 
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamOpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoam
 
Software Testing Exam imp Ques Notes.pdf
Software Testing Exam imp Ques Notes.pdfSoftware Testing Exam imp Ques Notes.pdf
Software Testing Exam imp Ques Notes.pdf
 
Cyaniclab : Software Development Agency Portfolio.pdf
Cyaniclab : Software Development Agency Portfolio.pdfCyaniclab : Software Development Agency Portfolio.pdf
Cyaniclab : Software Development Agency Portfolio.pdf
 
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdfDominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
Dominate Social Media with TubeTrivia AI’s Addictive Quiz Videos.pdf
 
Vitthal Shirke Microservices Resume Montevideo
Vitthal Shirke Microservices Resume MontevideoVitthal Shirke Microservices Resume Montevideo
Vitthal Shirke Microservices Resume Montevideo
 
A Comprehensive Look at Generative AI in Retail App Testing.pdf
A Comprehensive Look at Generative AI in Retail App Testing.pdfA Comprehensive Look at Generative AI in Retail App Testing.pdf
A Comprehensive Look at Generative AI in Retail App Testing.pdf
 
How Does XfilesPro Ensure Security While Sharing Documents in Salesforce?
How Does XfilesPro Ensure Security While Sharing Documents in Salesforce?How Does XfilesPro Ensure Security While Sharing Documents in Salesforce?
How Does XfilesPro Ensure Security While Sharing Documents in Salesforce?
 
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...
Paketo Buildpacks : la meilleure façon de construire des images OCI? DevopsDa...
 
Large Language Models and the End of Programming
Large Language Models and the End of ProgrammingLarge Language Models and the End of Programming
Large Language Models and the End of Programming
 
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...
Field Employee Tracking System| MiTrack App| Best Employee Tracking Solution|...
 
First Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User EndpointsFirst Steps with Globus Compute Multi-User Endpoints
First Steps with Globus Compute Multi-User Endpoints
 
Providing Globus Services to Users of JASMIN for Environmental Data Analysis
Providing Globus Services to Users of JASMIN for Environmental Data AnalysisProviding Globus Services to Users of JASMIN for Environmental Data Analysis
Providing Globus Services to Users of JASMIN for Environmental Data Analysis
 
Enhancing Research Orchestration Capabilities at ORNL.pdf
Enhancing Research Orchestration Capabilities at ORNL.pdfEnhancing Research Orchestration Capabilities at ORNL.pdf
Enhancing Research Orchestration Capabilities at ORNL.pdf
 

Security is a process, not a plugin (WordCamp London 2018)