WordPress Security: Beyond The Plugin
WordCamp Sacramento 2018
Stacy M. Clements
Who Am I?
• Small Business Owner
• Air Force veteran
• Fixer/Problem Solver/Pitbull
WordPress Security?
“What security plugin should I use to secure my site?”
“Which security plugin is better, XXXXXX or YYYYYY?”
“Secure your website in 2 minutes by installing XXXXXX plugin.”
THAT’S NOT HOW THIS WORKS
THAT’S NOT HOW ANY OF THIS WORKS
Where’s The Checklist?
The solution lies in redefining the problem.
Changing The Game
Security is not an IT issue. It’s a business issue.
We can’t eliminate risk. We navigate it.
Technology, Process, People
So What Can We Do?
I’m from the government, and I’m here to help.
NIST Cybersecurity Framework
• Collaborative effort
• Built using “best practice” standards and guidelines
• Checklist
• One-size-fits-all
• Designed to be flexible
NIST Cybersecurity Framework Core
• What needs protection?
• What safeguards are available?
• What techniques can identify incidents?
• Processes to contain impacts of incidents?
• Processes to restore capabilities?
Framework Core Elements
• Functions organize basic cybersecurity activities at the highest level
• Categories break down Functions into groups of cybersecurity outcomes
• Subcategories get more specific – describing specific outcomes of technical and/or management activities
• Informative References are common standards, guidelines, and practices used to achieve these outcomes
IDENTIFY: Asset Management
• Website – files and database
• Plugins/extensions
• Third party integrations
• Cloud storage, payment processor, accounting
• Users – and what roles?
• Who has access to your data?
IDENTIFY: Asset Management
• A website is not just a collection of files and a database
• Do you have a written inventory of:
• Domain registrar
• Web host
• SSL certificate
• What about the ways people access the site?
• Computer, mobile device? What about WiFi?
IDENTIFY: Asset Management, Risk Assessment
• You need to know what you have, and know what the threats/vulnerabilities are
• How do you get your “cyber threat intelligence”?
• US-CERT
• Vendor-specific
• WordPress specific
PROTECT: Access Control
• Manage users / roles (does everyone REALLY need admin access?)
• And no one is named “admin”
• Enforce strong passwords (website AND devices)
• Two-factor authentication
PROTECT: Access Control, Information Protection Procedures
• Update – everything (plugins, core, access devices)
• Backups – regularly made and tested
• Appropriate actions for known vulnerabilities
• VPN, SFTP
• Develop and exercise incident response and recovery plans
PROTECT: Access Control, Information Protection Procedures, Protective Technology
• Firewalls – cloud-based, endpoint
• Antivirus / malware scanner on access devices
• Block brute force login attempts
• Blacklist IPs – or whitelist
• Web server – updated software versions? Secure file permissions?
DETECT: Security Continuous Monitoring
• Server
• Application
• Access
• Change – did something get modified?
• Malware scanning
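Added example (not code from the talk) for the “Block brute force login attempts” point under Protect and the “Access” item under Detect: a small Python detector that reads web-server access-log lines and flags a client whose failed POSTs to wp-login.php reach a threshold inside a time window. It assumes the Apache/Nginx “combined” log format and relies on WordPress answering a failed login with HTTP 200 and a successful one with a 302 redirect; the log lines, IPs and thresholds are constructed.

```python
"""Flag brute-force login attempts against wp-login.php from access logs.

Assumption (not from the slides): the server writes the combined log format.
WordPress re-renders the login form with HTTP 200 when a login fails and
answers a successful login with a 302 redirect to wp-admin, so a burst of
200-status POSTs to wp-login.php from one client is a usable failed-login
signal even when no application-level logging is in place.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Combined log format: ip ident user [time] "METHOD path proto" status bytes ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)
TS_FORMAT = "%d/%b/%Y:%H:%M:%S %z"


def parse_line(line):
    """Parse one access-log line; return None for lines that do not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    try:
        ts = datetime.strptime(m.group("ts"), TS_FORMAT)
    except ValueError:
        return None
    return {
        "ip": m.group("ip"),
        "ts": ts,
        "method": m.group("method"),
        "path": m.group("path").split("?", 1)[0],  # drop the query string
        "status": int(m.group("status")),
    }


def is_failed_login(rec):
    """A POST to wp-login.php answered with 200 is a re-rendered login form."""
    return (rec["method"] == "POST"
            and rec["path"].endswith("/wp-login.php")
            and rec["status"] == 200)


def find_brute_force(lines, threshold=5, window_seconds=300):
    """Return {ip: timestamp} for each client whose failed logins reached
    `threshold` inside a sliding window of `window_seconds`; the timestamp
    is the moment the threshold was first crossed. Lines are expected in
    chronological order, as a log file is written."""
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)   # ip -> failure timestamps inside the window
    flagged = {}
    for line in lines:
        rec = parse_line(line)
        if rec is None or not is_failed_login(rec):
            continue
        q = recent[rec["ip"]]
        q.append(rec["ts"])
        while rec["ts"] - q[0] > window:   # slide the window forward
            q.popleft()
        if len(q) >= threshold and rec["ip"] not in flagged:
            flagged[rec["ip"]] = rec["ts"]
    return flagged


def _line(ip, ts, method, path, status):
    """Build one constructed combined-format log line for the sample below."""
    return (f'{ip} - - [{ts} +0000] "{method} {path} HTTP/1.1" {status} 4123 '
            f'"-" "Mozilla/5.0"')


# Constructed sample log (not real traffic): one fast burst from 203.0.113.7,
# a legitimate user on 198.51.100.4, a slow source spaced ten minutes apart
# on 192.0.2.9, and one malformed line the parser must skip.
SAMPLE_LOG = [
    _line("203.0.113.7", "12/Oct/2018:10:00:01", "POST", "/wp-login.php", 200),
    _line("203.0.113.7", "12/Oct/2018:10:00:03", "POST", "/wp-login.php", 200),
    _line("198.51.100.4", "12/Oct/2018:10:00:05", "GET", "/wp-login.php", 200),
    _line("203.0.113.7", "12/Oct/2018:10:00:06", "POST",
          "/wp-login.php?redirect_to=%2Fwp-admin%2F", 200),
    _line("203.0.113.7", "12/Oct/2018:10:00:08", "POST", "/wp-login.php", 200),
    _line("198.51.100.4", "12/Oct/2018:10:00:09", "POST", "/wp-login.php", 302),
    "this line is not in combined log format",
    _line("203.0.113.7", "12/Oct/2018:10:00:11", "POST", "/wp-login.php", 200),
    _line("203.0.113.7", "12/Oct/2018:10:00:14", "POST", "/wp-login.php", 200),
    _line("192.0.2.9", "12/Oct/2018:10:10:00", "POST", "/blog/wp-login.php", 200),
    _line("192.0.2.9", "12/Oct/2018:10:20:00", "POST", "/blog/wp-login.php", 200),
    _line("192.0.2.9", "12/Oct/2018:10:30:00", "POST", "/blog/wp-login.php", 200),
    _line("192.0.2.9", "12/Oct/2018:10:40:00", "POST", "/blog/wp-login.php", 200),
    _line("192.0.2.9", "12/Oct/2018:10:50:00", "POST", "/blog/wp-login.php", 200),
]

if __name__ == "__main__":
    for ip, when in find_brute_force(SAMPLE_LOG).items():
        print(f"{ip}: failed-login threshold crossed at {when.isoformat()}")
```

With the default five-minute window only the fast burst is flagged; widening the window to an hour also catches the slow source, which is the trade-off a blocking rule has to make between catching low-and-slow attempts and locking out a user who mistypes a password.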
DETECT: Security Continuous Monitoring, Detection Processes
• Who is getting and assessing alerts?
• Who is taking action?
• Check for blacklisting
• Mxtoolbox
• Google Search Console
How Are We Looking?
IDENTIFY
Asset Management
Risk Assessment
PROTECT
Access Control
Information Protection Procedures
Protective Technology
DETECT
Security Continuous Monitoring
Detection Processes
Technology, Process, People
RESPOND: Execute Response Plan
• Don’t Panic!
• Major / Minor?
• Quarantine site - preserve log files
• Notifications
• Failover
RESPOND: Execute Response Plan, Analysis & Mitigation
• What happened?
• Investigate notifications – assess impact
• What immediate actions do you need to take? (put out the fire)
RECOVER: Execute Recovery Plan
• Restore site from the backup you created and tested (you did do that, right?)
RECOVER: Execute Recovery Plan, Improvements
• Recovery is not just returning to the pre-incident state
• Hotwash
• Lessons Learned?
Continuous Process: IDENTIFY → PROTECT → DETECT → RESPOND → RECOVER → IDENTIFY …
Takeaways
• Security is more than a plugin
• Not (just) IT!
• Always have a backup
• Lessons learned – not burned
KNOWLEDGE IS OF NO VALUE UNLESS PUT INTO PRACTICE
THANK YOU!
QUESTIONS?
Stacy M. Clements
https://www.linkedin.com/in/stacyclements
https://twitter.com/stacyclements
https://milepost42.com

More Related Content

What's hot

Nick Drage & Fraser Scott - Epic battle devops vs security
Nick Drage & Fraser Scott - Epic battle devops vs securityNick Drage & Fraser Scott - Epic battle devops vs security
Nick Drage & Fraser Scott - Epic battle devops vs securityDevSecCon
 
Application Security within Agile
Application Security within AgileApplication Security within Agile
Application Security within AgileNetlight Consulting
 
Equifax Breach Postmortem
Equifax Breach PostmortemEquifax Breach Postmortem
Equifax Breach PostmortemAdrian Sanabria
 
Silver Lining for Miles: DevOps for Building Security Solutions
Silver Lining for Miles: DevOps for Building Security SolutionsSilver Lining for Miles: DevOps for Building Security Solutions
Silver Lining for Miles: DevOps for Building Security SolutionsSeniorStoryteller
 
Secure Your WordPress Site - And Your Business
Secure Your WordPress Site - And Your BusinessSecure Your WordPress Site - And Your Business
Secure Your WordPress Site - And Your BusinessStacy Clements
 
Quick & Dirty Dozen: PCI Compliance Simplified
Quick & Dirty Dozen: PCI Compliance SimplifiedQuick & Dirty Dozen: PCI Compliance Simplified
Quick & Dirty Dozen: PCI Compliance SimplifiedAlienVault
 
[OWASP Poland Day] Security in developer's life
[OWASP Poland Day] Security in developer's life[OWASP Poland Day] Security in developer's life
[OWASP Poland Day] Security in developer's lifeOWASP
 
[1.1] Почему вам стоит поучаствовать в жизни OWASP Russia - Александр Антух
[1.1] Почему вам стоит поучаствовать в жизни OWASP Russia - Александр Антух[1.1] Почему вам стоит поучаствовать в жизни OWASP Russia - Александр Антух
[1.1] Почему вам стоит поучаствовать в жизни OWASP Russia - Александр АнтухOWASP Russia
 
Finding Security a Home in a DevOps World
Finding Security a Home in a DevOps WorldFinding Security a Home in a DevOps World
Finding Security a Home in a DevOps WorldShannon Lietz
 
Security and DevOps Overview
Security and DevOps OverviewSecurity and DevOps Overview
Security and DevOps OverviewAdrian Sanabria
 
Building Security Controls around Attack Models
Building Security Controls around Attack ModelsBuilding Security Controls around Attack Models
Building Security Controls around Attack ModelsSeniorStoryteller
 
Outpost24 webinar - Why security perfection is the enemy of DevSecOps
Outpost24 webinar - Why security perfection is the enemy of DevSecOpsOutpost24 webinar - Why security perfection is the enemy of DevSecOps
Outpost24 webinar - Why security perfection is the enemy of DevSecOpsOutpost24
 
[OWASP Poland Day] Embedding security into SDLC + GDPR
[OWASP Poland Day] Embedding security into SDLC + GDPR[OWASP Poland Day] Embedding security into SDLC + GDPR
[OWASP Poland Day] Embedding security into SDLC + GDPROWASP
 
Securing Systems - Still Crazy After All These Years
Securing Systems - Still Crazy After All These YearsSecuring Systems - Still Crazy After All These Years
Securing Systems - Still Crazy After All These YearsAdrian Sanabria
 
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...Denim Group
 
The road goes ever on and on by Ciaran Conliffe
The road goes ever on and on by Ciaran ConliffeThe road goes ever on and on by Ciaran Conliffe
The road goes ever on and on by Ciaran ConliffeDevSecCon
 
451 and Cylance - The Roadmap To Better Endpoint Security
451 and Cylance - The Roadmap To Better Endpoint Security451 and Cylance - The Roadmap To Better Endpoint Security
451 and Cylance - The Roadmap To Better Endpoint SecurityAdrian Sanabria
 
Stephen Sadowski - Securely automating infrastructure in the cloud
Stephen Sadowski - Securely automating infrastructure in the cloudStephen Sadowski - Securely automating infrastructure in the cloud
Stephen Sadowski - Securely automating infrastructure in the cloudDevSecCon
 
DevSecCon London 2017: Threat modeling in a CI environment by Steven Wierckx
DevSecCon London 2017: Threat modeling in a CI environment by Steven WierckxDevSecCon London 2017: Threat modeling in a CI environment by Steven Wierckx
DevSecCon London 2017: Threat modeling in a CI environment by Steven WierckxDevSecCon
 

What's hot (20)

Nick Drage & Fraser Scott - Epic battle devops vs security
Nick Drage & Fraser Scott - Epic battle devops vs securityNick Drage & Fraser Scott - Epic battle devops vs security
Nick Drage & Fraser Scott - Epic battle devops vs security
 
Application Security within Agile
Application Security within AgileApplication Security within Agile
Application Security within Agile
 
Equifax Breach Postmortem
Equifax Breach PostmortemEquifax Breach Postmortem
Equifax Breach Postmortem
 
Silver Lining for Miles: DevOps for Building Security Solutions
Silver Lining for Miles: DevOps for Building Security SolutionsSilver Lining for Miles: DevOps for Building Security Solutions
Silver Lining for Miles: DevOps for Building Security Solutions
 
Secure Your WordPress Site - And Your Business
Secure Your WordPress Site - And Your BusinessSecure Your WordPress Site - And Your Business
Secure Your WordPress Site - And Your Business
 
Quick & Dirty Dozen: PCI Compliance Simplified
Quick & Dirty Dozen: PCI Compliance SimplifiedQuick & Dirty Dozen: PCI Compliance Simplified
Quick & Dirty Dozen: PCI Compliance Simplified
 
[OWASP Poland Day] Security in developer's life
[OWASP Poland Day] Security in developer's life[OWASP Poland Day] Security in developer's life
[OWASP Poland Day] Security in developer's life
 
The Journey to DevSecOps
The Journey to DevSecOpsThe Journey to DevSecOps
The Journey to DevSecOps
 
[1.1] Почему вам стоит поучаствовать в жизни OWASP Russia - Александр Антух
[1.1] Почему вам стоит поучаствовать в жизни OWASP Russia - Александр Антух[1.1] Почему вам стоит поучаствовать в жизни OWASP Russia - Александр Антух
[1.1] Почему вам стоит поучаствовать в жизни OWASP Russia - Александр Антух
 
Finding Security a Home in a DevOps World
Finding Security a Home in a DevOps WorldFinding Security a Home in a DevOps World
Finding Security a Home in a DevOps World
 
Security and DevOps Overview
Security and DevOps OverviewSecurity and DevOps Overview
Security and DevOps Overview
 
Building Security Controls around Attack Models
Building Security Controls around Attack ModelsBuilding Security Controls around Attack Models
Building Security Controls around Attack Models
 
Outpost24 webinar - Why security perfection is the enemy of DevSecOps
Outpost24 webinar - Why security perfection is the enemy of DevSecOpsOutpost24 webinar - Why security perfection is the enemy of DevSecOps
Outpost24 webinar - Why security perfection is the enemy of DevSecOps
 
[OWASP Poland Day] Embedding security into SDLC + GDPR
[OWASP Poland Day] Embedding security into SDLC + GDPR[OWASP Poland Day] Embedding security into SDLC + GDPR
[OWASP Poland Day] Embedding security into SDLC + GDPR
 
Securing Systems - Still Crazy After All These Years
Securing Systems - Still Crazy After All These YearsSecuring Systems - Still Crazy After All These Years
Securing Systems - Still Crazy After All These Years
 
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security ...
 
The road goes ever on and on by Ciaran Conliffe
The road goes ever on and on by Ciaran ConliffeThe road goes ever on and on by Ciaran Conliffe
The road goes ever on and on by Ciaran Conliffe
 
451 and Cylance - The Roadmap To Better Endpoint Security
451 and Cylance - The Roadmap To Better Endpoint Security451 and Cylance - The Roadmap To Better Endpoint Security
451 and Cylance - The Roadmap To Better Endpoint Security
 
Stephen Sadowski - Securely automating infrastructure in the cloud
Stephen Sadowski - Securely automating infrastructure in the cloudStephen Sadowski - Securely automating infrastructure in the cloud
Stephen Sadowski - Securely automating infrastructure in the cloud
 
DevSecCon London 2017: Threat modeling in a CI environment by Steven Wierckx
DevSecCon London 2017: Threat modeling in a CI environment by Steven WierckxDevSecCon London 2017: Threat modeling in a CI environment by Steven Wierckx
DevSecCon London 2017: Threat modeling in a CI environment by Steven Wierckx
 

Similar to WordPress Security: Beyond The Plugin

Top Security Challenges Facing Credit Unions Today
Top Security Challenges Facing Credit Unions TodayTop Security Challenges Facing Credit Unions Today
Top Security Challenges Facing Credit Unions TodayChris Gates
 
Ryan Elkins - Simple Security Defense to Thwart an Army of Cyber Ninja Warriors
Ryan Elkins - Simple Security Defense to Thwart an Army of Cyber Ninja WarriorsRyan Elkins - Simple Security Defense to Thwart an Army of Cyber Ninja Warriors
Ryan Elkins - Simple Security Defense to Thwart an Army of Cyber Ninja WarriorsRyan Elkins
 
Application Security in an Agile World - Agile Singapore 2016
Application Security in an Agile World - Agile Singapore 2016Application Security in an Agile World - Agile Singapore 2016
Application Security in an Agile World - Agile Singapore 2016Stefan Streichsbier
 
A Practical Security Framework for Website Owners
A Practical Security Framework for Website OwnersA Practical Security Framework for Website Owners
A Practical Security Framework for Website OwnersTony Perez
 
What Every Developer And Tester Should Know About Software Security
What Every Developer And Tester Should Know About Software SecurityWhat Every Developer And Tester Should Know About Software Security
What Every Developer And Tester Should Know About Software SecurityAnne Oikarinen
 
Security Teams & Tech In A Cloud World
Security Teams & Tech In A Cloud WorldSecurity Teams & Tech In A Cloud World
Security Teams & Tech In A Cloud WorldMark Nunnikhoven
 
SecArmour Security Group
SecArmour Security GroupSecArmour Security Group
SecArmour Security GroupSec Armour
 
VMWare Tech Talk: "The Road from Rugged DevOps to Security Chaos Engineering"
VMWare Tech Talk: "The Road from Rugged DevOps to Security Chaos Engineering"VMWare Tech Talk: "The Road from Rugged DevOps to Security Chaos Engineering"
VMWare Tech Talk: "The Road from Rugged DevOps to Security Chaos Engineering"Aaron Rinehart
 
All You Need is One - A ClickOnce Love Story - Secure360 2015
All You Need is One -  A ClickOnce Love Story - Secure360 2015All You Need is One -  A ClickOnce Love Story - Secure360 2015
All You Need is One - A ClickOnce Love Story - Secure360 2015NetSPI
 
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...Emrah Alpa, CISSP CEH CCSK
 
Zen and the art of Security Testing
Zen and the art of Security TestingZen and the art of Security Testing
Zen and the art of Security TestingTEST Huddle
 
For Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSecFor Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSecLalit Kale
 
CyberKnight capabilties
CyberKnight capabiltiesCyberKnight capabilties
CyberKnight capabiltiesSneha .
 
(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0Amazon Web Services
 
SPI Dynamics web application security 101
SPI Dynamics web application security 101 SPI Dynamics web application security 101
SPI Dynamics web application security 101 Wade Malone
 
ComResource - NW Agent Cybersecurity
ComResource - NW Agent CybersecurityComResource - NW Agent Cybersecurity
ComResource - NW Agent CybersecurityAnthony Dials
 
IPNEC - Security Services
IPNEC - Security ServicesIPNEC - Security Services
IPNEC - Security ServicesAbdus Saboor
 
Windows Active Directory Security with IS Decisions
Windows Active Directory Security with IS DecisionsWindows Active Directory Security with IS Decisions
Windows Active Directory Security with IS DecisionsIS Decisions
 
How to Leverage Log Data for Effective Threat Detection
How to Leverage Log Data for Effective Threat DetectionHow to Leverage Log Data for Effective Threat Detection
How to Leverage Log Data for Effective Threat DetectionAlienVault
 

Similar to WordPress Security: Beyond The Plugin (20)

Top Security Challenges Facing Credit Unions Today
Top Security Challenges Facing Credit Unions TodayTop Security Challenges Facing Credit Unions Today
Top Security Challenges Facing Credit Unions Today
 
Ryan Elkins - Simple Security Defense to Thwart an Army of Cyber Ninja Warriors
Ryan Elkins - Simple Security Defense to Thwart an Army of Cyber Ninja WarriorsRyan Elkins - Simple Security Defense to Thwart an Army of Cyber Ninja Warriors
Ryan Elkins - Simple Security Defense to Thwart an Army of Cyber Ninja Warriors
 
Application Security in an Agile World - Agile Singapore 2016
Application Security in an Agile World - Agile Singapore 2016Application Security in an Agile World - Agile Singapore 2016
Application Security in an Agile World - Agile Singapore 2016
 
A Practical Security Framework for Website Owners
A Practical Security Framework for Website OwnersA Practical Security Framework for Website Owners
A Practical Security Framework for Website Owners
 
What Every Developer And Tester Should Know About Software Security
What Every Developer And Tester Should Know About Software SecurityWhat Every Developer And Tester Should Know About Software Security
What Every Developer And Tester Should Know About Software Security
 
Security Teams & Tech In A Cloud World
Security Teams & Tech In A Cloud WorldSecurity Teams & Tech In A Cloud World
Security Teams & Tech In A Cloud World
 
SecArmour Security Group
SecArmour Security GroupSecArmour Security Group
SecArmour Security Group
 
VMWare Tech Talk: "The Road from Rugged DevOps to Security Chaos Engineering"
VMWare Tech Talk: "The Road from Rugged DevOps to Security Chaos Engineering"VMWare Tech Talk: "The Road from Rugged DevOps to Security Chaos Engineering"
VMWare Tech Talk: "The Road from Rugged DevOps to Security Chaos Engineering"
 
It security cognic_systems
It security cognic_systemsIt security cognic_systems
It security cognic_systems
 
All You Need is One - A ClickOnce Love Story - Secure360 2015
All You Need is One -  A ClickOnce Love Story - Secure360 2015All You Need is One -  A ClickOnce Love Story - Secure360 2015
All You Need is One - A ClickOnce Love Story - Secure360 2015
 
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
Micro Focus SRG Solution Mapping to the New BDDK Regulations for Turkish Fina...
 
Zen and the art of Security Testing
Zen and the art of Security TestingZen and the art of Security Testing
Zen and the art of Security Testing
 
For Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSecFor Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSec
 
CyberKnight capabilties
CyberKnight capabiltiesCyberKnight capabilties
CyberKnight capabilties
 
(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0
 
SPI Dynamics web application security 101
SPI Dynamics web application security 101 SPI Dynamics web application security 101
SPI Dynamics web application security 101
 
ComResource - NW Agent Cybersecurity
ComResource - NW Agent CybersecurityComResource - NW Agent Cybersecurity
ComResource - NW Agent Cybersecurity
 
IPNEC - Security Services
IPNEC - Security ServicesIPNEC - Security Services
IPNEC - Security Services
 
Windows Active Directory Security with IS Decisions
Windows Active Directory Security with IS DecisionsWindows Active Directory Security with IS Decisions
Windows Active Directory Security with IS Decisions
 
How to Leverage Log Data for Effective Threat Detection
How to Leverage Log Data for Effective Threat DetectionHow to Leverage Log Data for Effective Threat Detection
How to Leverage Log Data for Effective Threat Detection
 

Recently uploaded

Gram Darshan PPT cyber rural in villages of india
Gram Darshan PPT cyber rural  in villages of indiaGram Darshan PPT cyber rural  in villages of india
Gram Darshan PPT cyber rural in villages of indiaimessage0108
 
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...SofiyaSharma5
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...Diya Sharma
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130  Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130  Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Roomishabajaj13
 
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Roomgirls4nights
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts servicevipmodelshub1
 
Radiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsRadiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsstephieert
 
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...Sheetaleventcompany
 
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Callshivangimorya083
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Dana Luther
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌  8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌  8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130  Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130  Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Roomdivyansh0kumar0
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130  Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130  Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Roomdivyansh0kumar0
 
AlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsAlbaniaDreamin24 - How to easily use an API with Flows
AlbaniaDreamin24 - How to easily use an API with FlowsThierry TROUIN ☁
 
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebGDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebJames Anderson
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024APNIC
 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersDamian Radcliffe
 

Recently uploaded (20)

Gram Darshan PPT cyber rural in villages of india
Gram Darshan PPT cyber rural  in villages of indiaGram Darshan PPT cyber rural  in villages of india
Gram Darshan PPT cyber rural in villages of india
 
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
Low Rate Young Call Girls in Sector 63 Mamura Noida ✔️☆9289244007✔️☆ Female E...
 
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130  Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130  Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
 
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With RoomVIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
VIP Kolkata Call Girls Salt Lake 8250192130 Available With Room
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
 
Radiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsRadiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girls
 
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
 
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip CallDelhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
Delhi Call Girls Rohini 9711199171 ☎✔👌✔ Whatsapp Hard And Sexy Vip Call
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)

WordPress Security: Beyond The Plugin

1. WordPress Security: Beyond The Plugin. WordCamp Sacramento 2018. Stacy M. Clements
2. Who Am I? • Small Business Owner • Air Force veteran • Fixer/Problem Solver/Pitbull
3. WordPress Security? “What security plugin should I use to secure my site?” “Which security plugin is better, XXXXXX or YYYYYY?” “Secure your website in 2 minutes by installing XXXXXX plugin.”
5. THAT’S NOT HOW THIS WORKS. THAT’S NOT HOW ANY OF THIS WORKS.
9. The solution lies in redefining the problem.
12. Changing The Game • Security is not an IT issue. It’s a business issue. • We can’t eliminate risk. We navigate it. • Technology / Process / People
13. So What Can We Do?
14. I’m from the government, and I’m here to help.
15. NIST Cybersecurity Framework • Collaborative effort • Built using “best practice” standards and guidelines • Not a checklist • Not one-size-fits-all • Designed to be flexible
16. NIST Cybersecurity Framework Core • Identify: what needs protection? • Protect: what safeguards are available? • Detect: what techniques can identify incidents? • Respond: what processes contain the impact of incidents? • Recover: what processes restore capabilities?
17. Framework Core Elements • Functions organize basic cybersecurity activities at the highest level
18. Framework Core Elements • Categories break down Functions into groups of cybersecurity outcomes
19. Framework Core Elements • Subcategories get more specific, describing particular outcomes of technical and/or management activities
20. Framework Core Elements • Informative References are common standards, guidelines, and practices used to achieve these outcomes
21. Identify / Asset Management • Website: files and database • Plugins/extensions • Third-party integrations: cloud storage, payment processor, accounting • Users, and in what roles? • Who has access to your data?
22. Identify / Asset Management • A website is not just a collection of files and a database • Do you have a written inventory of: domain registrar, web host, SSL certificate? • What about the ways people access the site: computer, mobile device? What about WiFi?
23. Identify / Risk Assessment • You need to know what you have, and know what the threats/vulnerabilities are • How do you get your “cyber threat intelligence”? • US-CERT (now part of CISA) • Vendor-specific • WordPress-specific
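The inventory slides 21-23 ask for is most reliable when it is read from what is actually on disk rather than from memory. The script below is an added example, not code from the talk: it assumes the standard WordPress layout (wp-includes/version.php and wp-content/plugins/) and parses the same header comment WordPress itself reads ("Plugin Name:", "Version:"). The sample site it builds is constructed for the demo; the plugin names and versions are made up.

```shell
#!/bin/sh
# Added example (not code from the talk): the written asset inventory of
# slides 21-23, read from what is actually on disk rather than from memory.
# Assumes the standard WordPress layout: <site>/wp-includes/version.php and
# <site>/wp-content/plugins/. The sample site below is constructed.
set -eu

# Core version, from the "$wp_version = '...';" line WordPress ships in
# wp-includes/version.php.
core_version() {
    grep '^\$wp_version' "$1/wp-includes/version.php" | sed "s/.*'\([^']*\)'.*/\1/" | head -n 1
}

# One header field ("Plugin Name", "Version", ...) from a plugin's main file.
# Header lines look like " * Version: 2.4.1" or "Version: 2.4.1"; strip the
# comment decoration in front and any CR at the end.
plugin_header() {
    sed -n "s/^[[:space:]*]*$2:[[:space:]]*//p" "$1" | head -n 1 | tr -d '\r'
}

# One tab-separated line per plugin: slug, name, version. Handles directory
# plugins (slug/main.php) and single-file plugins (hello.php). A plugin with
# no Version header is reported as "unknown", which is itself a finding: you
# cannot match it against advisories until you know what it is.
inventory_plugins() {
    plugins_dir="$1/wp-content/plugins"
    for entry in "$plugins_dir"/*; do
        [ -e "$entry" ] || continue
        case "$entry" in */index.php) continue ;; esac   # WordPress's "Silence is golden" stub
        main=""
        if [ -d "$entry" ]; then
            slug=$(basename "$entry")
            for f in "$entry"/*.php; do
                [ -f "$f" ] || continue
                if grep -q '^[[:space:]*]*Plugin Name:' "$f"; then main="$f"; break; fi
            done
        else
            slug=$(basename "$entry" .php)
            if grep -q '^[[:space:]*]*Plugin Name:' "$entry"; then main="$entry"; fi
        fi
        if [ -z "$main" ]; then
            printf '%s\t%s\t%s\n' "$slug" "(no plugin header)" "unknown"
            continue
        fi
        printf '%s\t%s\t%s\n' "$slug" "$(plugin_header "$main" 'Plugin Name')" \
            "$(plugin_header "$main" Version | grep . || echo unknown)"
    done
}

# --- constructed sample site (not a real install) ---
SITE=$(mktemp -d)
mkdir -p "$SITE/wp-includes" "$SITE/wp-content/plugins/example-forms" "$SITE/wp-content/plugins/legacy-widget"
printf "<?php\n\$wp_version = '6.5.2';\n" > "$SITE/wp-includes/version.php"
printf '<?php\n/**\n * Plugin Name: Example Forms\n * Version: 2.4.1\n */\n' > "$SITE/wp-content/plugins/example-forms/example-forms.php"
printf '<?php\n/*\nPlugin Name: Legacy Widget\n*/\n' > "$SITE/wp-content/plugins/legacy-widget/legacy-widget.php"
printf '<?php\n/*\nPlugin Name: Hello Sample\nVersion: 1.0\n*/\n' > "$SITE/wp-content/plugins/hello-sample.php"
printf '<?php // Silence is golden.\n' > "$SITE/wp-content/plugins/index.php"

echo "WordPress core: $(core_version "$SITE")"
inventory_plugins "$SITE"
```

Run it from the document root of a real install and keep the output with the rest of the written inventory (registrar, host, certificate); the version column is what you compare against the vendor and WordPress-specific advisories slide 23 talks about. If WP-CLI is available on the host, `wp plugin list` and `wp core version` give the same information with less work.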
24. Protect / Access Control • Manage users and roles (does everyone REALLY need admin access?) • And no one is named “admin” • Enforce strong passwords (website AND devices) • Two-factor authentication
25. Protect / Information Protection Procedures • Update everything (plugins, core, access devices) • Backups: regularly made and tested • Appropriate actions for known vulnerabilities • VPN, SFTP • Develop and exercise incident response and recovery plans
26. Protect / Protective Technology • Firewalls: cloud-based, endpoint • Antivirus/malware scanner on access devices • Block brute-force login attempts • Blacklist IPs, or whitelist • Web server: updated software versions? Secure file permissions?
27. Detect / Security Continuous Monitoring • Server • Application • Access • Change: did something get modified? • Malware scanning
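"Did something get modified?" on slide 27 is answered by a baseline of file hashes taken right after a clean install or update and compared against the current tree. The script below is an added example, not code from the talk; it uses only POSIX tools plus sha256sum. The site tree it builds is constructed, and the "injected" line is a harmless stand-in, not a real payload.

```shell
#!/bin/sh
# Added example (not code from the talk): slide 27's "Change: did something
# get modified?" as a baseline-and-compare over file hashes. Uses only POSIX
# tools plus sha256sum. Keep the baseline off the server: an attacker who can
# write to wp-content can also rewrite a baseline stored beside it. The site
# tree below is constructed; the "injected" line is a harmless stand-in.
set -eu

# "hash  ./relative/path" for every file under a tree, sorted by path.
make_manifest() {
    (cd "$1" && find . -type f -exec sha256sum {} + | sort -k 2)
}

# Compare a saved baseline against the tree as it is now. Prints one line
# per difference (ADDED, MODIFIED, REMOVED) and returns 1 if anything
# changed, so it can drive an alert from cron.
compare_manifest() {
    baseline="$1"
    current=$(mktemp)
    make_manifest "$2" > "$current"
    # awk indexes the baseline by path first, then walks the current
    # manifest. Fields are separated by the two spaces sha256sum emits.
    changes=$(awk -F '  ' '
        FILENAME == ARGV[1] { base[$2] = $1; next }
        !($2 in base)                  { print "ADDED    " $2 }
        ($2 in base) && base[$2] != $1 { print "MODIFIED " $2 }
        { seen[$2] = 1 }
        END { for (p in base) if (!(p in seen)) print "REMOVED  " p }
    ' "$baseline" "$current" | sort)
    rm -f "$current"
    [ -n "$changes" ] && printf '%s\n' "$changes"
    [ -z "$changes" ]
}

# --- constructed site and baseline ---
SITE=$(mktemp -d)
mkdir -p "$SITE/wp-admin" "$SITE/wp-content/uploads"
printf '<?php // core file\n' > "$SITE/wp-admin/index.php"
printf '<?php // site config\n' > "$SITE/wp-config.php"
BASELINE=$(mktemp)
make_manifest "$SITE" > "$BASELINE"      # taken right after a clean install or update

# Simulate what a compromise looks like on disk: one core file edited, one
# file dropped into uploads.
printf '// constructed stand-in for an injected line\n' >> "$SITE/wp-admin/index.php"
printf '<?php // constructed stand-in for a dropped file\n' > "$SITE/wp-content/uploads/cache.php"

compare_manifest "$BASELINE" "$SITE" || echo "CHANGES DETECTED: review the lines above"
```

The same comparison verifies a restored backup (slide 33): a manifest of the restored tree should match the manifest taken when the backup was made. Expect noise from the uploads directory and cache plugins; exclude those paths from the baseline deliberately rather than ignoring every alert.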
28. Detect / Detection Processes • Who is getting and assessing alerts? • Who is taking action? • Check for blacklisting: MxToolbox, Google Search Console
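The "Access" item on slide 27 and the "block brute-force login attempts" and "blacklist IPs" items on slide 26 meet in the web server's access log. The script below is an added example, not code from the talk: it assumes the Apache/nginx "combined" log format, and the log lines it uses are constructed (the addresses are from the documentation ranges). It relies on a WordPress detail worth knowing for detection: a POST to wp-login.php that fails re-renders the form with status 200, while a successful login redirects with 302.

```shell
#!/bin/sh
# Added example (not code from the talk): the "Access" monitoring on slides
# 27-28, run over web-server access-log lines, plus the blacklist fragment
# slide 26 mentions. Assumes the Apache/nginx "combined" log format. The log
# lines below are constructed; the addresses are documentation ranges.
set -eu

# "count ip" for every client whose POSTs to wp-login.php or xmlrpc.php got a
# 200 more than $2 times in log $1, busiest first. A failed WordPress login
# re-renders the form (200); a successful one redirects (302). xmlrpc.php
# answers 200 even on failure, so every POST there counts.
login_abusers() {
    awk -v limit="$2" '
        # combined format: $1 client, $6 "\"METHOD", $7 path, $9 status
        $6 == "\"POST" && $9 == "200" && ($7 ~ /^\/wp-login\.php/ || $7 ~ /^\/xmlrpc\.php/) { hits[$1]++ }
        END { for (ip in hits) if (hits[ip] > limit) printf "%d %s\n", hits[ip], ip }
    ' "$1" | sort -rn
}

# The same list as an Apache 2.4 fragment for .htaccess (slide 26's
# "blacklist IPs"). Whitelisting is the mirror image: "Require ip <range>".
denylist_htaccess() {
    echo '<RequireAll>'
    echo '    Require all granted'
    login_abusers "$1" "$2" | awk '{ print "    Require not ip " $2 }'
    echo '</RequireAll>'
}

# --- constructed access log: one guessing bot, one real editor, one xmlrpc bot ---
LOG=$(mktemp)
cat > "$LOG" <<'EOF'
203.0.113.5 - - [10/May/2024:03:14:01 +0000] "POST /wp-login.php HTTP/1.1" 200 4321 "-" "python-requests/2.31"
203.0.113.5 - - [10/May/2024:03:14:02 +0000] "POST /wp-login.php HTTP/1.1" 200 4321 "-" "python-requests/2.31"
203.0.113.5 - - [10/May/2024:03:14:02 +0000] "POST /wp-login.php HTTP/1.1" 200 4321 "-" "python-requests/2.31"
203.0.113.5 - - [10/May/2024:03:14:03 +0000] "POST /wp-login.php HTTP/1.1" 200 4321 "-" "python-requests/2.31"
203.0.113.5 - - [10/May/2024:03:14:03 +0000] "POST /wp-login.php HTTP/1.1" 200 4321 "-" "python-requests/2.31"
203.0.113.5 - - [10/May/2024:03:14:04 +0000] "POST /wp-login.php HTTP/1.1" 200 4321 "-" "python-requests/2.31"
198.51.100.20 - - [10/May/2024:08:02:10 +0000] "GET /wp-login.php HTTP/1.1" 200 2100 "-" "Mozilla/5.0"
198.51.100.20 - - [10/May/2024:08:02:31 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "https://example.com/wp-login.php" "Mozilla/5.0"
198.51.100.20 - - [10/May/2024:08:02:32 +0000] "GET /wp-admin/ HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
192.0.2.77 - - [10/May/2024:09:40:00 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "-"
192.0.2.77 - - [10/May/2024:09:40:00 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "-"
192.0.2.77 - - [10/May/2024:09:40:01 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "-"
192.0.2.77 - - [10/May/2024:09:40:01 +0000] "POST /xmlrpc.php HTTP/1.1" 200 370 "-" "-"
EOF

echo "sources over the limit (more than 3 failed POSTs):"
login_abusers "$LOG" 3
denylist_htaccess "$LOG" 3
```

Run it from cron over the last rotation of the log and route the output to whoever on slide 28 is "getting and assessing alerts". The threshold is a judgment call: a site with a handful of editors should see a few POSTs to wp-login.php a day, not dozens a minute, and if nothing legitimately uses xmlrpc.php (Jetpack and the mobile apps do), blocking it outright is simpler than counting.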
29. How Are We Looking? IDENTIFY: Asset Management, Risk Assessment. PROTECT: Access Control, Information Protection Procedures, Protective Technology. DETECT: Security Continuous Monitoring, Detection Processes. Technology / Process / People
31. Respond / Execute Response Plan • Don’t Panic! • Major or minor? • Quarantine the site; preserve log files • Notifications • Failover
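"Preserve log files" on slide 31 is the step most often skipped under pressure, and once the site has been cleaned or restored the evidence is gone. The script below is an added example, not code from the talk. Taking the site offline (host control panel, firewall, maintenance page) is host-specific and not shown; what is shown is copying the logs and the site tree somewhere the clean-up cannot touch, hashing them, and making the copy read-only, so the analysis on slide 32 still has intact evidence. All paths are assumptions and the sample files are constructed.

```shell
#!/bin/sh
# Added example (not code from the talk): the "preserve log files" part of
# slide 31. Copies the site tree and the log directory into an evidence
# bundle, writes a SHA-256 manifest, and strips write permission so that
# the recovery work that follows cannot alter what slide 32's analysis needs.
# All paths are assumptions; the sample files are constructed.
set -eu

# Copy site tree and log directory into <evidence>/<UTC timestamp>/, write a
# SHA256SUMS manifest, make the copy read-only, and print the bundle path.
preserve_evidence() {
    site="$1"; logdir="$2"; evidence="$3"
    dest="$evidence/$(date -u +%Y%m%dT%H%M%SZ)"
    mkdir -p "$dest"
    # -p keeps modification times and modes: "when did this file change" is
    # evidence too, and a plain cp would stamp everything with "now".
    cp -Rp "$site" "$dest/site"
    cp -Rp "$logdir" "$dest/logs"
    (cd "$dest" && find site logs -type f -exec sha256sum {} + | sort -k 2) > "$dest/SHA256SUMS"
    find "$dest" -type f -exec chmod 444 {} +
    find "$dest" -type d -exec chmod 555 {} +
    printf '%s\n' "$dest"
}

# Returns 0 only if every file in the bundle still matches the manifest.
# Run it before handing the bundle to the host, a consultant, or the police.
verify_evidence() {
    (cd "$1" && sha256sum -c SHA256SUMS > /dev/null)
}

# --- constructed site, logs and evidence root ---
SITE=$(mktemp -d); LOGS=$(mktemp -d); EVIDENCE=$(mktemp -d)
printf '<?php // site config (sample)\n' > "$SITE/wp-config.php"
printf '203.0.113.5 - - [10/May/2024:03:14:01 +0000] "POST /wp-login.php HTTP/1.1" 200 4321\n' > "$LOGS/access.log"

BUNDLE=$(preserve_evidence "$SITE" "$LOGS" "$EVIDENCE")
echo "evidence bundle: $BUNDLE"
verify_evidence "$BUNDLE" && echo "manifest verifies"

# The live site can now be cleaned or restored without touching the copy.
printf '// cleaned\n' >> "$SITE/wp-config.php"
verify_evidence "$BUNDLE" && echo "still verifies after the live site changed"
```

Do this before the restore on slide 33 and before letting any plugin "clean" anything: the database (a dump of it belongs in the bundle too, which needs the host's mysqldump and is not shown) and the web, PHP and mail logs are where "what happened?" gets answered. On shared hosting the logs usually live outside the document root and rotate within days, so copy them first.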
32. Respond / Analysis & Mitigation • What happened? • Investigate notifications; assess impact • What immediate actions do you need to take? (put out the fire)
33. Recover / Execute Recovery Plan • Restore the site from the backup you created and tested (you did do that, right?)
34. Recover / Improvements • Recovery is not just returning to the pre-incident state • Hot wash (after-action review) • Lessons learned?
36. Takeaways • Security is more than a plugin • Not (just) IT! • Always have a backup • Lessons learned, not burned • KNOWLEDGE IS OF NO VALUE UNLESS PUT INTO PRACTICE
37. THANK YOU! QUESTIONS? Stacy M. Clements https://www.linkedin.com/in/stacyclements https://twitter.com/stacyclements https://milepost42.com

Editor's Notes

1. Based on existing standards, guidelines, and practices, so that organizations can better manage and reduce cybersecurity risk. It does not tell an organization how much cyber risk is tolerable, nor provide “the one and only” formula for cybersecurity. A living document: it focuses on the questions an organization needs to ask itself to manage its risk. While practices, technology, and standards will change over time, the principles will not.
2. A high-level, strategic view of the lifecycle of an organization’s management of cybersecurity risk; a set of desired cybersecurity activities and outcomes.
3. The activities in the Identify Function are foundational for effective use of the Framework.
5. What is your host doing? Is your server secure? PHP version, MySQL version. Avoid “soup kitchen” servers (many unrelated sites sharing one server account). File permissions. Prevent PHP execution in wp-content/uploads. Deny access to wp-config.php.
6. How do I know when something happens?
8. Maybe it’s not a big hairy incident: an “incident” could be a newly announced vulnerability in a plugin. Just update it.
9. What happened, and how do we keep it from happening again? You may want to communicate what you’ve done to your customers.