SlideShare a Scribd company logo

Security theatre (Scotland php)

X
xsist10

Slides for my talk on Security Theatre for ScotlandPHP17

1 of 158
Download to read offline
@thomas_shone
Image by Matt McGee released under CC BY-ND 2.0
Security Theatre
Booking.com
Welcome to Therapy
Image by THX0477 released under CC BY 2.0
Denial
Illusion
I know about OWASP!

Recommended

Security Theatre (PHP Leuven)
Security Theatre (PHP Leuven)Security Theatre (PHP Leuven)
Security Theatre (PHP Leuven)xsist10
 
Security Theatre - PHP UK Conference
Security Theatre - PHP UK ConferenceSecurity Theatre - PHP UK Conference
Security Theatre - PHP UK Conferencexsist10
 
Security Theatre - Benelux
Security Theatre - BeneluxSecurity Theatre - Benelux
Security Theatre - Beneluxxsist10
 
Security Theatre - AmsterdamPHP
Security Theatre - AmsterdamPHPSecurity Theatre - AmsterdamPHP
Security Theatre - AmsterdamPHPxsist10
 
Securing Your BBC Identity
Securing Your BBC IdentitySecuring Your BBC Identity
Securing Your BBC IdentityMarc Littlemore
 
Investigation of CryptoLocker Ransomware Trojans - Microsoft Windows
Investigation of CryptoLocker Ransomware Trojans - Microsoft WindowsInvestigation of CryptoLocker Ransomware Trojans - Microsoft Windows
Investigation of CryptoLocker Ransomware Trojans - Microsoft WindowsAaron ND Sawmadal
 
Ce hv8 module 12 hacking webservers
Ce hv8 module 12 hacking webserversCe hv8 module 12 hacking webservers
Ce hv8 module 12 hacking webserversMehrdad Jingoism
 

More Related Content

What's hot

210 250 exam-understanding cisco cybersecurity fundamentals
210 250 exam-understanding cisco cybersecurity fundamentals210 250 exam-understanding cisco cybersecurity fundamentals
210 250 exam-understanding cisco cybersecurity fundamentalsIsabella789
 
NetworkWorld-SafeBreach
NetworkWorld-SafeBreachNetworkWorld-SafeBreach
NetworkWorld-SafeBreachDan Kunkel
 
Five Mistakes of Incident Response
Five Mistakes of Incident ResponseFive Mistakes of Incident Response
Five Mistakes of Incident ResponseAnton Chuvakin
 
Ceh certified ethical hacker
Ceh   certified ethical hackerCeh   certified ethical hacker
Ceh certified ethical hackerbestip
 
Infosec 4 The Home
Infosec 4 The HomeInfosec 4 The Home
Infosec 4 The Homejaysonstreet
 
Ce hv8 module 11 session hijacking
Ce hv8 module 11 session hijackingCe hv8 module 11 session hijacking
Ce hv8 module 11 session hijackingMehrdad Jingoism
 
ExpertsLiveEurope The New Era Of Endpoint Security
ExpertsLiveEurope The New Era Of Endpoint SecurityExpertsLiveEurope The New Era Of Endpoint Security
ExpertsLiveEurope The New Era Of Endpoint SecurityAlexander Benoit
 
IE Exploit Protection
IE Exploit ProtectionIE Exploit Protection
IE Exploit ProtectionKim Jensen
 
3 a investigating_conti_ransomware_using_vision_one_16359328114513641
3 a investigating_conti_ransomware_using_vision_one_163593281145136413 a investigating_conti_ransomware_using_vision_one_16359328114513641
3 a investigating_conti_ransomware_using_vision_one_16359328114513641JairdanBabac
 

What's hot (11)

Network security
Network security Network security
Network security
 
210 250 exam-understanding cisco cybersecurity fundamentals
210 250 exam-understanding cisco cybersecurity fundamentals210 250 exam-understanding cisco cybersecurity fundamentals
210 250 exam-understanding cisco cybersecurity fundamentals
 
NetworkWorld-SafeBreach
NetworkWorld-SafeBreachNetworkWorld-SafeBreach
NetworkWorld-SafeBreach
 
Five Mistakes of Incident Response
Five Mistakes of Incident ResponseFive Mistakes of Incident Response
Five Mistakes of Incident Response
 
Ceh certified ethical hacker
Ceh   certified ethical hackerCeh   certified ethical hacker
Ceh certified ethical hacker
 
Infosec 4 The Home
Infosec 4 The HomeInfosec 4 The Home
Infosec 4 The Home
 
Ce hv8 module 11 session hijacking
Ce hv8 module 11 session hijackingCe hv8 module 11 session hijacking
Ce hv8 module 11 session hijacking
 
ExpertsLiveEurope The New Era Of Endpoint Security
ExpertsLiveEurope The New Era Of Endpoint SecurityExpertsLiveEurope The New Era Of Endpoint Security
ExpertsLiveEurope The New Era Of Endpoint Security
 
IE Exploit Protection
IE Exploit ProtectionIE Exploit Protection
IE Exploit Protection
 
Synchronized security
Synchronized securitySynchronized security
Synchronized security
 
3 a investigating_conti_ransomware_using_vision_one_16359328114513641
3 a investigating_conti_ransomware_using_vision_one_163593281145136413 a investigating_conti_ransomware_using_vision_one_16359328114513641
3 a investigating_conti_ransomware_using_vision_one_16359328114513641
 

Similar to Security theatre (Scotland php)

Security Theatre - Confoo
Security Theatre - ConfooSecurity Theatre - Confoo
Security Theatre - Confooxsist10
 
Believe It Or Not SSL Attacks
Believe It Or Not SSL AttacksBelieve It Or Not SSL Attacks
Believe It Or Not SSL AttacksAkash Mahajan
 
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...JPCERT Coordination Center
 
Essay About IS4560 Hacking
Essay About IS4560 HackingEssay About IS4560 Hacking
Essay About IS4560 HackingJessica Deakin
 
Safety & Security Risks in the Hyper-Connected World - IoT - Tamaghna Basu
Safety & Security Risks in the Hyper-Connected World - IoT - Tamaghna BasuSafety & Security Risks in the Hyper-Connected World - IoT - Tamaghna Basu
Safety & Security Risks in the Hyper-Connected World - IoT - Tamaghna BasuLounge47
 
Kent King - PKI: Do You Know Your Exposure?
Kent King - PKI: Do You Know Your Exposure?Kent King - PKI: Do You Know Your Exposure?
Kent King - PKI: Do You Know Your Exposure?centralohioissa
 
More Issues on Digital Identity (24Feb2023)
More Issues on Digital Identity (24Feb2023)More Issues on Digital Identity (24Feb2023)
More Issues on Digital Identity (24Feb2023)Hitoshi Kokumai
 
[Cluj] Turn SSL ON
[Cluj] Turn SSL ON[Cluj] Turn SSL ON
[Cluj] Turn SSL ONOWASP EEE
 
Avoiding damage, shame and regrets data protection for mobile client-server a...
Avoiding damage, shame and regrets data protection for mobile client-server a...Avoiding damage, shame and regrets data protection for mobile client-server a...
Avoiding damage, shame and regrets data protection for mobile client-server a...Stanfy
 
Blue team reboot - HackFest
Blue team reboot - HackFest Blue team reboot - HackFest
Blue team reboot - HackFest Haydn Johnson
 
Gavin Hill - Lessons From the Human Immune System
Gavin Hill - Lessons From the Human Immune SystemGavin Hill - Lessons From the Human Immune System
Gavin Hill - Lessons From the Human Immune Systemcentralohioissa
 
The CDO Agenda - Data Security and Encryption
The CDO Agenda - Data Security and EncryptionThe CDO Agenda - Data Security and Encryption
The CDO Agenda - Data Security and EncryptionDATAVERSITY
 
The 5 elements of IoT security
The 5 elements of IoT securityThe 5 elements of IoT security
The 5 elements of IoT securityJulien Vermillard
 
Anastasiia Vixentael: 10 things you need to know before implementing cryptogr...
Anastasiia Vixentael: 10 things you need to know before implementing cryptogr...Anastasiia Vixentael: 10 things you need to know before implementing cryptogr...
Anastasiia Vixentael: 10 things you need to know before implementing cryptogr...mdevtalk
 
Network Security R U Secure???
Network Security R U Secure???Network Security R U Secure???
Network Security R U Secure???trendy updates
 
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...Edureka!
 
[Attacks Part] BetterCrypto Workshop @ Hack.lu 2014
[Attacks Part] BetterCrypto Workshop @ Hack.lu 2014 [Attacks Part] BetterCrypto Workshop @ Hack.lu 2014
[Attacks Part] BetterCrypto Workshop @ Hack.lu 2014 Aaron Zauner
 
Security human
Security humanSecurity human
Security humanJisc
 

Similar to Security theatre (Scotland php) (20)

Security Theatre - Confoo
Security Theatre - ConfooSecurity Theatre - Confoo
Security Theatre - Confoo
 
Believe It Or Not SSL Attacks
Believe It Or Not SSL AttacksBelieve It Or Not SSL Attacks
Believe It Or Not SSL Attacks
 
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...
 
Essay About IS4560 Hacking
Essay About IS4560 HackingEssay About IS4560 Hacking
Essay About IS4560 Hacking
 
Safety & Security Risks in the Hyper-Connected World - IoT - Tamaghna Basu
Safety & Security Risks in the Hyper-Connected World - IoT - Tamaghna BasuSafety & Security Risks in the Hyper-Connected World - IoT - Tamaghna Basu
Safety & Security Risks in the Hyper-Connected World - IoT - Tamaghna Basu
 
Kent King - PKI: Do You Know Your Exposure?
Kent King - PKI: Do You Know Your Exposure?Kent King - PKI: Do You Know Your Exposure?
Kent King - PKI: Do You Know Your Exposure?
 
More Issues on Digital Identity (24Feb2023)
More Issues on Digital Identity (24Feb2023)More Issues on Digital Identity (24Feb2023)
More Issues on Digital Identity (24Feb2023)
 
[Cluj] Turn SSL ON
[Cluj] Turn SSL ON[Cluj] Turn SSL ON
[Cluj] Turn SSL ON
 
Avoiding damage, shame and regrets data protection for mobile client-server a...
Avoiding damage, shame and regrets data protection for mobile client-server a...Avoiding damage, shame and regrets data protection for mobile client-server a...
Avoiding damage, shame and regrets data protection for mobile client-server a...
 
Blue team reboot - HackFest
Blue team reboot - HackFest Blue team reboot - HackFest
Blue team reboot - HackFest
 
Security
SecuritySecurity
Security
 
News bytes Oct-2011
News bytes  Oct-2011News bytes  Oct-2011
News bytes Oct-2011
 
Gavin Hill - Lessons From the Human Immune System
Gavin Hill - Lessons From the Human Immune SystemGavin Hill - Lessons From the Human Immune System
Gavin Hill - Lessons From the Human Immune System
 
The CDO Agenda - Data Security and Encryption
The CDO Agenda - Data Security and EncryptionThe CDO Agenda - Data Security and Encryption
The CDO Agenda - Data Security and Encryption
 
The 5 elements of IoT security
The 5 elements of IoT securityThe 5 elements of IoT security
The 5 elements of IoT security
 
Anastasiia Vixentael: 10 things you need to know before implementing cryptogr...
Anastasiia Vixentael: 10 things you need to know before implementing cryptogr...Anastasiia Vixentael: 10 things you need to know before implementing cryptogr...
Anastasiia Vixentael: 10 things you need to know before implementing cryptogr...
 
Network Security R U Secure???
Network Security R U Secure???Network Security R U Secure???
Network Security R U Secure???
 
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
 
[Attacks Part] BetterCrypto Workshop @ Hack.lu 2014
[Attacks Part] BetterCrypto Workshop @ Hack.lu 2014 [Attacks Part] BetterCrypto Workshop @ Hack.lu 2014
[Attacks Part] BetterCrypto Workshop @ Hack.lu 2014
 
Security human
Security humanSecurity human
Security human
 

More from xsist10

I put on my mink and wizard behat - Confoo Canada
I put on my mink and wizard behat - Confoo CanadaI put on my mink and wizard behat - Confoo Canada
I put on my mink and wizard behat - Confoo Canadaxsist10
 
I put on my mink and wizard behat (talk)
I put on my mink and wizard behat (talk)I put on my mink and wizard behat (talk)
I put on my mink and wizard behat (talk)xsist10
 
I put on my mink and wizard behat (tutorial)
I put on my mink and wizard behat (tutorial)I put on my mink and wizard behat (tutorial)
I put on my mink and wizard behat (tutorial)xsist10
 
I put on my mink and wizard behat
I put on my mink and wizard behatI put on my mink and wizard behat
I put on my mink and wizard behatxsist10
 
PHP SA 2014 - Releasing Your Open Source Project
PHP SA 2014 - Releasing Your Open Source ProjectPHP SA 2014 - Releasing Your Open Source Project
PHP SA 2014 - Releasing Your Open Source Projectxsist10
 
PHP SA 2013 - The weak points in our PHP projects
PHP SA 2013 - The weak points in our PHP projectsPHP SA 2013 - The weak points in our PHP projects
PHP SA 2013 - The weak points in our PHP projectsxsist10
 

More from xsist10 (6)

I put on my mink and wizard behat - Confoo Canada
I put on my mink and wizard behat - Confoo CanadaI put on my mink and wizard behat - Confoo Canada
I put on my mink and wizard behat - Confoo Canada
 
I put on my mink and wizard behat (talk)
I put on my mink and wizard behat (talk)I put on my mink and wizard behat (talk)
I put on my mink and wizard behat (talk)
 
I put on my mink and wizard behat (tutorial)
I put on my mink and wizard behat (tutorial)I put on my mink and wizard behat (tutorial)
I put on my mink and wizard behat (tutorial)
 
I put on my mink and wizard behat
I put on my mink and wizard behatI put on my mink and wizard behat
I put on my mink and wizard behat
 
PHP SA 2014 - Releasing Your Open Source Project
PHP SA 2014 - Releasing Your Open Source ProjectPHP SA 2014 - Releasing Your Open Source Project
PHP SA 2014 - Releasing Your Open Source Project
 
PHP SA 2013 - The weak points in our PHP projects
PHP SA 2013 - The weak points in our PHP projectsPHP SA 2013 - The weak points in our PHP projects
PHP SA 2013 - The weak points in our PHP projects
 

Recently uploaded

Seagate HDD Firmware Repair Tool Datasheet 2024
Seagate HDD Firmware Repair Tool Datasheet 2024Seagate HDD Firmware Repair Tool Datasheet 2024
Seagate HDD Firmware Repair Tool Datasheet 2024Dolphin Data Lab
 
WAN-IFRA: World Press Trends Outlook 2023-2024
WAN-IFRA: World Press Trends Outlook 2023-2024WAN-IFRA: World Press Trends Outlook 2023-2024
WAN-IFRA: World Press Trends Outlook 2023-2024Damian Radcliffe
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonAPNIC
 
ConFoo 2024 - Sylius 2.0, top-notch eCommerce for customizable solution
ConFoo 2024 - Sylius 2.0, top-notch eCommerce for customizable solutionConFoo 2024 - Sylius 2.0, top-notch eCommerce for customizable solution
ConFoo 2024 - Sylius 2.0, top-notch eCommerce for customizable solutionŁukasz Chruściel
 
Elevate Your Business: Unleashing Collaboration and Efficiency through Expert...
Elevate Your Business: Unleashing Collaboration and Efficiency through Expert...Elevate Your Business: Unleashing Collaboration and Efficiency through Expert...
Elevate Your Business: Unleashing Collaboration and Efficiency through Expert...Prometix Pty Ltd
 
Information Technology Project to Create a Business
Information Technology Project to Create a BusinessInformation Technology Project to Create a Business
Information Technology Project to Create a Businessmbowl010
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonAPNIC
 
ConFoo 2024 - Need for Speed: Removing speed bumps in API Projects
ConFoo 2024  - Need for Speed: Removing speed bumps in API ProjectsConFoo 2024  - Need for Speed: Removing speed bumps in API Projects
ConFoo 2024 - Need for Speed: Removing speed bumps in API ProjectsŁukasz Chruściel
 
Reactive programming with Spring Webflux.pptx
Reactive programming with Spring Webflux.pptxReactive programming with Spring Webflux.pptx
Reactive programming with Spring Webflux.pptxJoão Esperancinha
 
Biometrics Technology Intresting PPT
Biometrics Technology Intresting PPTBiometrics Technology Intresting PPT
Biometrics Technology Intresting PPTPraveenKumarThota7
 

Recently uploaded (10)

Seagate HDD Firmware Repair Tool Datasheet 2024
Seagate HDD Firmware Repair Tool Datasheet 2024Seagate HDD Firmware Repair Tool Datasheet 2024
Seagate HDD Firmware Repair Tool Datasheet 2024
 
WAN-IFRA: World Press Trends Outlook 2023-2024
WAN-IFRA: World Press Trends Outlook 2023-2024WAN-IFRA: World Press Trends Outlook 2023-2024
WAN-IFRA: World Press Trends Outlook 2023-2024
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff Huston
 
ConFoo 2024 - Sylius 2.0, top-notch eCommerce for customizable solution
ConFoo 2024 - Sylius 2.0, top-notch eCommerce for customizable solutionConFoo 2024 - Sylius 2.0, top-notch eCommerce for customizable solution
ConFoo 2024 - Sylius 2.0, top-notch eCommerce for customizable solution
 
Elevate Your Business: Unleashing Collaboration and Efficiency through Expert...
Elevate Your Business: Unleashing Collaboration and Efficiency through Expert...Elevate Your Business: Unleashing Collaboration and Efficiency through Expert...
Elevate Your Business: Unleashing Collaboration and Efficiency through Expert...
 
Information Technology Project to Create a Business
Information Technology Project to Create a BusinessInformation Technology Project to Create a Business
Information Technology Project to Create a Business
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
 
ConFoo 2024 - Need for Speed: Removing speed bumps in API Projects
ConFoo 2024  - Need for Speed: Removing speed bumps in API ProjectsConFoo 2024  - Need for Speed: Removing speed bumps in API Projects
ConFoo 2024 - Need for Speed: Removing speed bumps in API Projects
 
Reactive programming with Spring Webflux.pptx
Reactive programming with Spring Webflux.pptxReactive programming with Spring Webflux.pptx
Reactive programming with Spring Webflux.pptx
 
Biometrics Technology Intresting PPT
Biometrics Technology Intresting PPTBiometrics Technology Intresting PPT
Biometrics Technology Intresting PPT
 

Security theatre (Scotland php)