SlideShare a Scribd company logo

Information Security for startups

Stijn Vande Casteele
Stijn Vande Casteele

Information Security for startups was presented on 11 September 2010 at the Barcamp meeting in Antwerp, Belgium. It presents issues, tips and interesting information security pointers for startup businesses in the world of e-commerce.

Technology
1 of 8
Download to read offline
Information Security for startups Stijn Vande Casteele @securityworld trusted@gmail.com
Overview ➲Introduction ➲Your world ➲My world ➲Tips ➲Pointers
Introduction ➲ Information Security Architect ● MSc in InfoSec, CISSP, GCFA ● Ubizen(VzB), Telindus/Belgacom > Deloitte. ➲ Startup experience ● Scanit, ArcSight, Indio
Your world ➲ Online ➲ Social media ➲ IT, Technology ➲ Time is money ➲ Grow (pains) ➲ Partners (offshore) (cheap/uptime/perf) ➲ The cloud
My world ➲ Risk analysis & management ➲ People, Process, Technology ➲ Confidentiality ➲ Integrity ➲ Availability
Tips ➲ Can you trust your partners? SLA? Reports? ➲ Are secure coding techniques used? ➲ Who has access to your backend? Cloud? ➲ Protect your most critical information ➲ Work out a backup/restore method (DRP) ➲ Know what to do in case of a security incident ➲ Logs?! ➲ Look for expert ➲ Keep an eye on the darkside
Pointers ➲ http://isc.sans.edu ➲ http://www.h-online.com/ ➲ http://www.owasp.org ➲ https://www.ecops.be ➲ https://www.cert.be ➲ http://www.rootsecure.net/
Questions?

Recommended

How Silicon Valley startups are approaching security differently
How Silicon Valley startups are approaching security differentlyHow Silicon Valley startups are approaching security differently
How Silicon Valley startups are approaching security differentlyScott Cressman
 
Cisco Connect 2018 Malaysia - Changing the equation-cybersecurity in digital ...
Cisco Connect 2018 Malaysia - Changing the equation-cybersecurity in digital ...Cisco Connect 2018 Malaysia - Changing the equation-cybersecurity in digital ...
Cisco Connect 2018 Malaysia - Changing the equation-cybersecurity in digital ...NetworkCollaborators
 
Intelligent Cybersecurity for the Real World
Intelligent Cybersecurity for the Real WorldIntelligent Cybersecurity for the Real World
Intelligent Cybersecurity for the Real WorldNetCraftsmen
 
Angel at my Table 2014: Riscoveri
Angel at my Table 2014: RiscoveriAngel at my Table 2014: Riscoveri
Angel at my Table 2014: Riscoverinzsoftware
 
3 Things to Know When Securing Mixed, Multi-Cloud Environments
3 Things to Know When Securing Mixed, Multi-Cloud Environments3 Things to Know When Securing Mixed, Multi-Cloud Environments
3 Things to Know When Securing Mixed, Multi-Cloud EnvironmentsProtectWise
 
CSA - Nsc42 - London chapter keynote - cloud transformation security challenges
CSA - Nsc42 - London chapter keynote - cloud transformation security challenges CSA - Nsc42 - London chapter keynote - cloud transformation security challenges
CSA - Nsc42 - London chapter keynote - cloud transformation security challengesNSC42 Ltd
 
Forcepoint - Analýza chování uživatelů
Forcepoint - Analýza chování uživatelůForcepoint - Analýza chování uživatelů
Forcepoint - Analýza chování uživatelůMarketingArrowECS_CZ
 
Cyber Defense in 2016
Cyber Defense in 2016Cyber Defense in 2016
Cyber Defense in 2016Nixu Corporation
 

Recommended

How Silicon Valley startups are approaching security differently
How Silicon Valley startups are approaching security differentlyHow Silicon Valley startups are approaching security differently
How Silicon Valley startups are approaching security differentlyScott Cressman
 
Cisco Connect 2018 Malaysia - Changing the equation-cybersecurity in digital ...
Cisco Connect 2018 Malaysia - Changing the equation-cybersecurity in digital ...Cisco Connect 2018 Malaysia - Changing the equation-cybersecurity in digital ...
Cisco Connect 2018 Malaysia - Changing the equation-cybersecurity in digital ...NetworkCollaborators
 
Intelligent Cybersecurity for the Real World
Intelligent Cybersecurity for the Real WorldIntelligent Cybersecurity for the Real World
Intelligent Cybersecurity for the Real WorldNetCraftsmen
 
Angel at my Table 2014: Riscoveri
Angel at my Table 2014: RiscoveriAngel at my Table 2014: Riscoveri
Angel at my Table 2014: Riscoverinzsoftware
 
3 Things to Know When Securing Mixed, Multi-Cloud Environments
3 Things to Know When Securing Mixed, Multi-Cloud Environments3 Things to Know When Securing Mixed, Multi-Cloud Environments
3 Things to Know When Securing Mixed, Multi-Cloud EnvironmentsProtectWise
 
CSA - Nsc42 - London chapter keynote - cloud transformation security challenges
CSA - Nsc42 - London chapter keynote - cloud transformation security challenges CSA - Nsc42 - London chapter keynote - cloud transformation security challenges
CSA - Nsc42 - London chapter keynote - cloud transformation security challengesNSC42 Ltd
 
Forcepoint - Analýza chování uživatelů
Forcepoint - Analýza chování uživatelůForcepoint - Analýza chování uživatelů
Forcepoint - Analýza chování uživatelůMarketingArrowECS_CZ
 
Cyber Defense in 2016
Cyber Defense in 2016Cyber Defense in 2016
Cyber Defense in 2016Nixu Corporation
 
The CISO's Dilemma 44CON 2019
The CISO's Dilemma 44CON 2019The CISO's Dilemma 44CON 2019
The CISO's Dilemma 44CON 2019Saumil Shah
 
Diploma management 2007 (2)
Diploma management 2007 (2)Diploma management 2007 (2)
Diploma management 2007 (2)Nir David
 
Secure Infrastructure for the Mobile Legion
Secure Infrastructure for the Mobile LegionSecure Infrastructure for the Mobile Legion
Secure Infrastructure for the Mobile LegionRaphael Reitzig
 
Design highly available and secure system
Design highly available and secure systemDesign highly available and secure system
Design highly available and secure systemAndi Pangeran
 
Modern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveModern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveEric Vanderburg
 
Security Kung Fu: SIEM Solutions
Security Kung Fu: SIEM SolutionsSecurity Kung Fu: SIEM Solutions
Security Kung Fu: SIEM SolutionsSolarWinds
 
Security Kung Fu: Firewall Logs
Security Kung Fu: Firewall LogsSecurity Kung Fu: Firewall Logs
Security Kung Fu: Firewall LogsJoshua Berman
 
Microservices docker-security
Microservices docker-securityMicroservices docker-security
Microservices docker-securitySergio Loureiro
 
Security Kung Fu: Active Directory Changes
Security Kung Fu: Active Directory ChangesSecurity Kung Fu: Active Directory Changes
Security Kung Fu: Active Directory ChangesJoshua Berman
 
The New Economics of Cloud Security
The New Economics of Cloud SecurityThe New Economics of Cloud Security
The New Economics of Cloud SecurityAlert Logic
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information securityDhani Ahmad
 
Major global information security trends - a summary
Major global information security trends - a summaryMajor global information security trends - a summary
Major global information security trends - a summarySensePost
 
Introduction to Information Security
Introduction to Information Security Introduction to Information Security
Introduction to Information Security Shreedevi Tharanidharan
 
Information Security Awareness And Training Business Case For Web Based Solut...
Information Security Awareness And Training Business Case For Web Based Solut...Information Security Awareness And Training Business Case For Web Based Solut...
Information Security Awareness And Training Business Case For Web Based Solut...Michael Kaishar, MSIA | CISSP
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information securityKumawat Dharmpal
 
Information Security Background
Information Security BackgroundInformation Security Background
Information Security BackgroundNicholas Davis
 
Introduction to Information Security
Introduction to Information SecurityIntroduction to Information Security
Introduction to Information SecurityGareth Davies
 
Information System Security introduction
Information System Security introductionInformation System Security introduction
Information System Security introductionShu Shin
 
CCNA Security 02- fundamentals of network security
CCNA Security 02- fundamentals of network securityCCNA Security 02- fundamentals of network security
CCNA Security 02- fundamentals of network securityAhmed Habib
 
Information security
Information securityInformation security
Information securityLJ PROJECTS
 
Introduction to Information Security
Introduction to Information SecurityIntroduction to Information Security
Introduction to Information SecurityDr. Loganathan R
 
Introduction To Information Security
Introduction To Information SecurityIntroduction To Information Security
Introduction To Information Securitybelsis
 

More Related Content

What's hot

The CISO's Dilemma 44CON 2019
The CISO's Dilemma 44CON 2019The CISO's Dilemma 44CON 2019
The CISO's Dilemma 44CON 2019Saumil Shah
 
Diploma management 2007 (2)
Diploma management 2007 (2)Diploma management 2007 (2)
Diploma management 2007 (2)Nir David
 
Secure Infrastructure for the Mobile Legion
Secure Infrastructure for the Mobile LegionSecure Infrastructure for the Mobile Legion
Secure Infrastructure for the Mobile LegionRaphael Reitzig
 
Design highly available and secure system
Design highly available and secure systemDesign highly available and secure system
Design highly available and secure systemAndi Pangeran
 
Modern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveModern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveEric Vanderburg
 
Security Kung Fu: SIEM Solutions
Security Kung Fu: SIEM SolutionsSecurity Kung Fu: SIEM Solutions
Security Kung Fu: SIEM SolutionsSolarWinds
 
Security Kung Fu: Firewall Logs
Security Kung Fu: Firewall LogsSecurity Kung Fu: Firewall Logs
Security Kung Fu: Firewall LogsJoshua Berman
 
Microservices docker-security
Microservices docker-securityMicroservices docker-security
Microservices docker-securitySergio Loureiro
 
Security Kung Fu: Active Directory Changes
Security Kung Fu: Active Directory ChangesSecurity Kung Fu: Active Directory Changes
Security Kung Fu: Active Directory ChangesJoshua Berman
 
The New Economics of Cloud Security
The New Economics of Cloud SecurityThe New Economics of Cloud Security
The New Economics of Cloud SecurityAlert Logic
 

What's hot (10)

The CISO's Dilemma 44CON 2019
The CISO's Dilemma 44CON 2019The CISO's Dilemma 44CON 2019
The CISO's Dilemma 44CON 2019
 
Diploma management 2007 (2)
Diploma management 2007 (2)Diploma management 2007 (2)
Diploma management 2007 (2)
 
Secure Infrastructure for the Mobile Legion
Secure Infrastructure for the Mobile LegionSecure Infrastructure for the Mobile Legion
Secure Infrastructure for the Mobile Legion
 
Design highly available and secure system
Design highly available and secure systemDesign highly available and secure system
Design highly available and secure system
 
Modern Security the way Equifax Should Have
Modern Security the way Equifax Should HaveModern Security the way Equifax Should Have
Modern Security the way Equifax Should Have
 
Security Kung Fu: SIEM Solutions
Security Kung Fu: SIEM SolutionsSecurity Kung Fu: SIEM Solutions
Security Kung Fu: SIEM Solutions
 
Security Kung Fu: Firewall Logs
Security Kung Fu: Firewall LogsSecurity Kung Fu: Firewall Logs
Security Kung Fu: Firewall Logs
 
Microservices docker-security
Microservices docker-securityMicroservices docker-security
Microservices docker-security
 
Security Kung Fu: Active Directory Changes
Security Kung Fu: Active Directory ChangesSecurity Kung Fu: Active Directory Changes
Security Kung Fu: Active Directory Changes
 
The New Economics of Cloud Security
The New Economics of Cloud SecurityThe New Economics of Cloud Security
The New Economics of Cloud Security
 

Viewers also liked

Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information securityDhani Ahmad
 
Major global information security trends - a summary
Major global information security trends - a summaryMajor global information security trends - a summary
Major global information security trends - a summarySensePost
 
Information Security Awareness And Training Business Case For Web Based Solut...
Information Security Awareness And Training Business Case For Web Based Solut...Information Security Awareness And Training Business Case For Web Based Solut...
Information Security Awareness And Training Business Case For Web Based Solut...Michael Kaishar, MSIA | CISSP
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information securityKumawat Dharmpal
 
Information Security Background
Information Security BackgroundInformation Security Background
Information Security BackgroundNicholas Davis
 
Introduction to Information Security
Introduction to Information SecurityIntroduction to Information Security
Introduction to Information SecurityGareth Davies
 
Information System Security introduction
Information System Security introductionInformation System Security introduction
Information System Security introductionShu Shin
 
CCNA Security 02- fundamentals of network security
CCNA Security 02- fundamentals of network securityCCNA Security 02- fundamentals of network security
CCNA Security 02- fundamentals of network securityAhmed Habib
 
Information security
Information securityInformation security
Information securityLJ PROJECTS
 
Introduction to Information Security
Introduction to Information SecurityIntroduction to Information Security
Introduction to Information SecurityDr. Loganathan R
 
Introduction To Information Security
Introduction To Information SecurityIntroduction To Information Security
Introduction To Information Securitybelsis
 
INFORMATION SECURITY
INFORMATION SECURITYINFORMATION SECURITY
INFORMATION SECURITYAhmed Moussa
 

Viewers also liked (13)

Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
 
Major global information security trends - a summary
Major global information security trends - a summaryMajor global information security trends - a summary
Major global information security trends - a summary
 
Introduction to Information Security
Introduction to Information Security Introduction to Information Security
Introduction to Information Security
 
Information Security Awareness And Training Business Case For Web Based Solut...
Information Security Awareness And Training Business Case For Web Based Solut...Information Security Awareness And Training Business Case For Web Based Solut...
Information Security Awareness And Training Business Case For Web Based Solut...
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
 
Information Security Background
Information Security BackgroundInformation Security Background
Information Security Background
 
Introduction to Information Security
Introduction to Information SecurityIntroduction to Information Security
Introduction to Information Security
 
Information System Security introduction
Information System Security introductionInformation System Security introduction
Information System Security introduction
 
CCNA Security 02- fundamentals of network security
CCNA Security 02- fundamentals of network securityCCNA Security 02- fundamentals of network security
CCNA Security 02- fundamentals of network security
 
Information security
Information securityInformation security
Information security
 
Introduction to Information Security
Introduction to Information SecurityIntroduction to Information Security
Introduction to Information Security
 
Introduction To Information Security
Introduction To Information SecurityIntroduction To Information Security
Introduction To Information Security
 
INFORMATION SECURITY
INFORMATION SECURITYINFORMATION SECURITY
INFORMATION SECURITY
 

Similar to Information Security for startups

S360 2015 dev_secops_program
S360 2015 dev_secops_programS360 2015 dev_secops_program
S360 2015 dev_secops_programShannon Lietz
 
Threat Hunting, Detection, and Incident Response in the Cloud
Threat Hunting, Detection, and Incident Response in the CloudThreat Hunting, Detection, and Incident Response in the Cloud
Threat Hunting, Detection, and Incident Response in the CloudBen Johnson
 
Practical security in a DevOps World
Practical security in a DevOps WorldPractical security in a DevOps World
Practical security in a DevOps WorldHinse ter Schuur
 
How to choose cybersecurity academy in Kerala
How to choose cybersecurity academy in KeralaHow to choose cybersecurity academy in Kerala
How to choose cybersecurity academy in Keralapranavvs2024
 
(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0Amazon Web Services
 
User management - the next-gen of authentication meetup 27012022
User management - the next-gen of authentication meetup 27012022User management - the next-gen of authentication meetup 27012022
User management - the next-gen of authentication meetup 27012022lior mazor
 
IT security for all. Bootcamp slides
IT security for all. Bootcamp slidesIT security for all. Bootcamp slides
IT security for all. Bootcamp slidesWallarm
 
Google Cloud Study Jam Cohort 2 Session 1
Google Cloud Study Jam Cohort 2 Session 1Google Cloud Study Jam Cohort 2 Session 1
Google Cloud Study Jam Cohort 2 Session 1ProbalKar2
 
Low Code Neuro-Symbolic Agents.pdf
Low Code Neuro-Symbolic Agents.pdfLow Code Neuro-Symbolic Agents.pdf
Low Code Neuro-Symbolic Agents.pdfDenis Gagné
 
SOCstock 2021 The Cloud-native SOC
SOCstock 2021 The Cloud-native SOC SOCstock 2021 The Cloud-native SOC
SOCstock 2021 The Cloud-native SOC Anton Chuvakin
 
Eskwela Openstandard V1.1
Eskwela Openstandard V1.1Eskwela Openstandard V1.1
Eskwela Openstandard V1.1opendesk
 
IDC Security 2014, Endpoint Security in Depth
IDC Security 2014, Endpoint Security in DepthIDC Security 2014, Endpoint Security in Depth
IDC Security 2014, Endpoint Security in DepthKen Tulegenov
 
Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...
Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...
Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...Cloud Security Alliance Lviv Chapter
 
A journey through an INFOSEC labyrinth
A journey through an INFOSEC labyrinthA journey through an INFOSEC labyrinth
A journey through an INFOSEC labyrinthAvădănei Andrei
 
SOC Meets Cloud: What Breaks, What Changes, What to Do?
SOC Meets Cloud: What Breaks, What Changes, What to Do?SOC Meets Cloud: What Breaks, What Changes, What to Do?
SOC Meets Cloud: What Breaks, What Changes, What to Do?Anton Chuvakin
 
Privacy for tech startups
Privacy for tech startups Privacy for tech startups
Privacy for tech startups Marc Gallardo
 
Shift Left Security
Shift Left SecurityShift Left Security
Shift Left Securitygjdevos
 
Keynote at the Cyber Security Summit Prague 2015
Keynote at the Cyber Security Summit Prague 2015Keynote at the Cyber Security Summit Prague 2015
Keynote at the Cyber Security Summit Prague 2015Claus Cramon Houmann
 

Similar to Information Security for startups (20)

S360 2015 dev_secops_program
S360 2015 dev_secops_programS360 2015 dev_secops_program
S360 2015 dev_secops_program
 
Threat Hunting, Detection, and Incident Response in the Cloud
Threat Hunting, Detection, and Incident Response in the CloudThreat Hunting, Detection, and Incident Response in the Cloud
Threat Hunting, Detection, and Incident Response in the Cloud
 
Practical security in a DevOps World
Practical security in a DevOps WorldPractical security in a DevOps World
Practical security in a DevOps World
 
How to choose cybersecurity academy in Kerala
How to choose cybersecurity academy in KeralaHow to choose cybersecurity academy in Kerala
How to choose cybersecurity academy in Kerala
 
(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0
 
User management - the next-gen of authentication meetup 27012022
User management - the next-gen of authentication meetup 27012022User management - the next-gen of authentication meetup 27012022
User management - the next-gen of authentication meetup 27012022
 
IT security for all. Bootcamp slides
IT security for all. Bootcamp slidesIT security for all. Bootcamp slides
IT security for all. Bootcamp slides
 
Google Cloud Study Jam Cohort 2 Session 1
Google Cloud Study Jam Cohort 2 Session 1Google Cloud Study Jam Cohort 2 Session 1
Google Cloud Study Jam Cohort 2 Session 1
 
Low Code Neuro-Symbolic Agents.pdf
Low Code Neuro-Symbolic Agents.pdfLow Code Neuro-Symbolic Agents.pdf
Low Code Neuro-Symbolic Agents.pdf
 
SOCstock 2021 The Cloud-native SOC
SOCstock 2021 The Cloud-native SOC SOCstock 2021 The Cloud-native SOC
SOCstock 2021 The Cloud-native SOC
 
Eskwela Openstandard V1.1
Eskwela Openstandard V1.1Eskwela Openstandard V1.1
Eskwela Openstandard V1.1
 
IDC Security 2014, Endpoint Security in Depth
IDC Security 2014, Endpoint Security in DepthIDC Security 2014, Endpoint Security in Depth
IDC Security 2014, Endpoint Security in Depth
 
Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...
Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...
Iurii Garasym - Cloud Security Alliance Now in Ukraine. Mission, Opportunitie...
 
A journey through an INFOSEC labyrinth
A journey through an INFOSEC labyrinthA journey through an INFOSEC labyrinth
A journey through an INFOSEC labyrinth
 
SOC Meets Cloud: What Breaks, What Changes, What to Do?
SOC Meets Cloud: What Breaks, What Changes, What to Do?SOC Meets Cloud: What Breaks, What Changes, What to Do?
SOC Meets Cloud: What Breaks, What Changes, What to Do?
 
Privacy for tech startups
Privacy for tech startups Privacy for tech startups
Privacy for tech startups
 
The Future of DevSecOps
The Future of DevSecOpsThe Future of DevSecOps
The Future of DevSecOps
 
App Security and Securing App
App Security and Securing AppApp Security and Securing App
App Security and Securing App
 
Shift Left Security
Shift Left SecurityShift Left Security
Shift Left Security
 
Keynote at the Cyber Security Summit Prague 2015
Keynote at the Cyber Security Summit Prague 2015Keynote at the Cyber Security Summit Prague 2015
Keynote at the Cyber Security Summit Prague 2015
 

Recently uploaded

What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 

Recently uploaded (20)

What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 

Information Security for startups

  • 1. Information Security for startups Stijn Vande Casteele @securityworld trusted@gmail.com
  • 3. Introduction ➲ Information Security Architect ● MSc in InfoSec, CISSP, GCFA ● Ubizen(VzB), Telindus/Belgacom > Deloitte. ➲ Startup experience ● Scanit, ArcSight, Indio
  • 4. Your world ➲ Online ➲ Social media ➲ IT, Technology ➲ Time is money ➲ Grow (pains) ➲ Partners (offshore) (cheap/uptime/perf) ➲ The cloud
  • 5. My world ➲ Risk analysis & management ➲ People, Process, Technology ➲ Confidentiality ➲ Integrity ➲ Availability
  • 6. Tips ➲ Can you trust your partners? SLA? Reports? ➲ Are secure coding techniques used? ➲ Who has access to your backend? Cloud? ➲ Protect your most critical information ➲ Work out a backup/restore method (DRP) ➲ Know what to do in case of a security incident ➲ Logs?! ➲ Look for expert ➲ Keep an eye on the darkside
  • 7. Pointers ➲ http://isc.sans.edu ➲ http://www.h-online.com/ ➲ http://www.owasp.org ➲ https://www.ecops.be ➲ https://www.cert.be ➲ http://www.rootsecure.net/