building security from scratch
play

Building security from scratch Anthi Gilligan Application Security - PowerPoint PPT Presentation

Oct 25, 2022 •345 likes •522 views

From ZERO to HERO Building security from scratch Anthi Gilligan Application Security Engineer - Logitech @AnGreagach Who I am and what I do The state of Infosec The experts Pitfall #1 Pitfall #2 Pitfall #3 Pitfall #4 ENCRYPT

  1. “From ZERO to HERO” Building security from scratch Anthi Gilligan Application Security Engineer - Logitech @AnGreagach

  2. Who I am and what I do

  3. The state of Infosec

  4. The “experts”

  5. Pitfall #1

  6. Pitfall #2

  7. Pitfall #3

  8. Pitfall #4 ENCRYPT OR DIE!!!!!

  9. Policies, standards and tech specs

  10. Security Architecture

  11. Security Architecture Agree principles and objectives scope first…

  12. Security Architecture Business Requirements Ask the business Enterprise Architecture • Goals • Rules • Requirements Ask the business Security Architecture • Laws and regulations + • Standards • ISMS Ask the World!

  13. Some principles of Security Architecture Security and privacy by design Security controls appropriate to risk Secure SDLC Identify the weakest link Design using security standards Ensure accountability Least Privilege Audit significant activities Defence in depth By invitation only

  14. Some (more) principles of Security Architecture Simplify and standardise Mutual authentication Inbound interactive connections Secure recovery E2E technology lifecycle Inbound interactive high-risk users Protect the data Remote log file collection Fidelity of environments Don’t trust… prove!

  15. YOU!

  16. Question Time! Coffee = 1 question Beer = 2 questions Gin = L et’s talk at the bar ☺ @AnGreagach

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Scratch Brainstorming WATER SYSTEMS CODING LESSON GRADE 8 Meet Scratch Scratch is a coding

Scratch Brainstorming WATER SYSTEMS CODING LESSON GRADE 8 Meet Scratch Scratch is a coding

Scratch Brainstorming WATER SYSTEMS CODING LESSON GRADE 8 Meet Scratch Scratch is a coding platform for all ages and subjects. Students can use Scratch to learn 21 st century skills while coding their own interactive stories, animations,

395 views • 11 slides
Scratch Brainstorming CLIMATE CHANGE CODING LESSON GRADE 10 Meet Scratch Scratch is a coding

Scratch Brainstorming CLIMATE CHANGE CODING LESSON GRADE 10 Meet Scratch Scratch is a coding

Scratch Brainstorming CLIMATE CHANGE CODING LESSON GRADE 10 Meet Scratch Scratch is a coding platform for all ages and subjects. Students can use Scratch to learn 21 st century skills while coding their own interactive stories,

557 views • 11 slides
Coding a graph application from scratch with GRANDstack Christian Miles - NODES 2019 GRANDstack

Coding a graph application from scratch with GRANDstack Christian Miles - NODES 2019 GRANDstack

Coding a graph application from scratch with GRANDstack Christian Miles - NODES 2019 GRANDstack from scratch What is it? Why use it? Building an app from scratch What is it? What is it? Basic app architecture Building from

289 views • 7 slides
Building an N-Body Simulator from scratch 29/03/2016 Philippos Papaphilippou FYS 012

Building an N-Body Simulator from scratch 29/03/2016 Philippos Papaphilippou FYS 012

Philippos Papaphilippou Building an N-Body Simulator from scratch 29/03/2016 Philippos Papaphilippou FYS 012 Physics and Applications The N-Body Problem The understanding of the motion of stars, planets and other space objects has

586 views • 21 slides
Building a Drone from scratch Igor Stoppa Embedded Linux Conference October 2016 V 0.1.0

Building a Drone from scratch Igor Stoppa Embedded Linux Conference October 2016 V 0.1.0

Building a Drone from scratch Igor Stoppa Embedded Linux Conference October 2016 V 0.1.0 Disclaimers Opinions expressed in these foils represent exclusively to the authors view. All Logos and Trademarks represented belong to their

579 views • 38 slides
COOPERATIVE CATALOGING IN A CHANGING ENVIRONMENT OR YOU SCRATCH MY BACK, ILL SCRATCH YOURS

COOPERATIVE CATALOGING IN A CHANGING ENVIRONMENT OR YOU SCRATCH MY BACK, ILL SCRATCH YOURS

COOPERATIVE CATALOGING IN A CHANGING ENVIRONMENT OR YOU SCRATCH MY BACK, ILL SCRATCH YOURS Bonnie Parks OLA 2011 University of Portland Cooperation Identify a sample of major cooperative cataloging efforts resulting in policy changes

632 views • 15 slides
Introduction to Scratch Programming Tiffany Snell Palm Beach County Library System What is

Introduction to Scratch Programming Tiffany Snell Palm Beach County Library System What is

Introduction to Scratch Programming Tiffany Snell Palm Beach County Library System What is Scratch? Website: scratch.mit.edu Why Scratch and Not Python, JavaScript, or C? Scratch - Python - print("Hello World!")

457 views • 23 slides
Building a Pass Rusher from Scratch Since 2002 Big Skill Pass Rush System V.G.H.H Vision

Building a Pass Rusher from Scratch Since 2002 Big Skill Pass Rush System V.G.H.H Vision

Consulting, Teaching, Developing Pass Rushers Since 2002 Since 2002 Building a Pass Rusher from Scratch Since 2002 Big Skill Pass Rush System V.G.H.H Vision +GetOff+Hands+Hips V.G.H.H This system was created for DefensiveLineman,

258 views • 9 slides
Building a Data Science Capability from Scratch Victor Hu Head of Data Science QCon - March2017

Building a Data Science Capability from Scratch Victor Hu Head of Data Science QCon - March2017

Building a Data Science Capability from Scratch Victor Hu Head of Data Science QCon - March2017 Contents Background QBE Context The five challenges: 1. Buy-in -- creating a corporate ambition for data science 2. Team

363 views • 24 slides
Tizen IVI from scratch Customizing, building and testing Stphane Desneux Senior Software

Tizen IVI from scratch Customizing, building and testing Stphane Desneux Senior Software

Tizen IVI from scratch Customizing, building and testing Stphane Desneux Senior Software Engineer Eurogiciel <stephane.desneux@open.eurogiciel.org> Eurogiciel Open source development and integration: Maintainers in

487 views • 36 slides
BUILDING CAPACITY FOR SECURITY RESILIENCE Building CapaCity FOR SeCuRity ReSilienCe INTRODUCTION

BUILDING CAPACITY FOR SECURITY RESILIENCE Building CapaCity FOR SeCuRity ReSilienCe INTRODUCTION

BUILDING CAPACITY FOR SECURITY RESILIENCE Building CapaCity FOR SeCuRity ReSilienCe INTRODUCTION Mr. S pea k e r , wish to dedicate this sectoral presentation to the hardworking, devoted and uncompromising I members of Jamaicas security

478 views • 21 slides
The Story of Singapore Building a Nation from Scratch Disclaimer Disclaimer Im not

The Story of Singapore Building a Nation from Scratch Disclaimer Disclaimer Im not

The Story of Singapore Building a Nation from Scratch Disclaimer Disclaimer Im not Singaporean. Im also not saying this is the ideal way to run a nation. The Story Begins..

673 views • 33 slides
Building a Smart Question Answering System from Scratch Minjoon Seo PhD Student University of

Building a Smart Question Answering System from Scratch Minjoon Seo PhD Student University of

Building a Smart Question Answering System from Scratch Minjoon Seo PhD Student University of Washington UWNLP What is Question Answering System? Q: Which airports are in New York City? There are four airports in NYC: JFK, LeGuardia,

465 views • 34 slides
Final Project Using Scratch, design an app that teaches a concept to a K 12 student. Examples:

Final Project Using Scratch, design an app that teaches a concept to a K 12 student. Examples:

Final Project Using Scratch, design an app that teaches a concept to a K 12 student. Examples: Solar System simulator: http://scratch.mit.edu/projects/585103/ Dice probabilities: http://scratch.mit.edu/projects/25332454/ Change counter:

623 views • 5 slides
Introduction to Programming Scratch Lesson 1 Goals Sequence of commands Scratch

Introduction to Programming Scratch Lesson 1 Goals Sequence of commands Scratch

Introduction to Programming Scratch Lesson 1 Goals Sequence of commands Scratch Interface Variables Conditional Statements Turtle Graphics Repetition 2 Sequence of statements A step by step process (Algorithm)

529 views • 16 slides
Scratching the Itch How to attack slow applications, with particular reference to Scratch on a

Scratching the Itch How to attack slow applications, with particular reference to Scratch on a

Scratching the Itch How to attack slow applications, with particular reference to Scratch on a Raspberry Pi tim Rowledge tim@rowledge.org for the Raspberry Pi Foundation ESUG 14 Cambridge UK Scratch lives at scratch.mit.edu - though be

448 views • 19 slides
Security as a Architectural Concern Reid Holmes [TAILOR ET AL.] NFP: Security Security:

Security as a Architectural Concern Reid Holmes [TAILOR ET AL.] NFP: Security Security:

Material and some slide content from: - Software Architecture: Foundations, Theory, and Practice - Krzysztof Czarnecki Security as a Architectural Concern Reid Holmes [TAILOR ET AL.] NFP: Security Security: The protection a ff orded a

160 views • 4 slides
SECURE BY DESIGN Security Design Principles for the Rest of Us GOTO London 2016 Eoin Woods -

SECURE BY DESIGN Security Design Principles for the Rest of Us GOTO London 2016 Eoin Woods -

SECURE BY DESIGN Security Design Principles for the Rest of Us GOTO London 2016 Eoin Woods - Endava @eoinwoodz 1 BACKGROUND Eoin Woods CTO at Endava (technology services, 3300 people) 10 years in product development - Bull,

453 views • 31 slides
GANT: A Defense in Depth Approach TF-MSP Wayne Routly Trondheim.no Security Manager

GANT: A Defense in Depth Approach TF-MSP Wayne Routly Trondheim.no Security Manager

GANT: A Defense in Depth Approach TF-MSP Wayne Routly Trondheim.no Security Manager September 2013 DANTE connect communicate collaborate Before . connect communicate collaborate Agenda Defence in Depth - A Layered

323 views • 9 slides
Multi-Factor Authentication (MFA) for the NCEdCloud IAM Service - Part 2 - (MFA for additional

Multi-Factor Authentication (MFA) for the NCEdCloud IAM Service - Part 2 - (MFA for additional

Multi-Factor Authentication (MFA) for the NCEdCloud IAM Service - Part 2 - (MFA for additional NCEdCloud Privileged Accounts) - Mark Scheible, MCNC MFA for All NCEdCloud Privileged Users As a part of continuing efforts to enhance the security

479 views • 14 slides
Introduction to OWASP Mobile Application Security Verification Standard (MASVS) OWASP Geneva

Introduction to OWASP Mobile Application Security Verification Standard (MASVS) OWASP Geneva

Introduction to OWASP Mobile Application Security Verification Standard (MASVS) OWASP Geneva 12/12/2016 Jrmy MATOS whois securingapps Developer background Spent last 10 years working between Geneva and Lausanne on security products

867 views • 22 slides
Injecting Security Controls into Software Applications Katy Anton Principal Application Security

Injecting Security Controls into Software Applications Katy Anton Principal Application Security

Injecting Security Controls into Software Applications Katy Anton Principal Application Security Consultant About me Katy Anton Software development background Project co-leader for OWASP Top 10 Proactive Controls (@OWASPControls)

599 views • 37 slides
Nuclear Safety Standards Committee 41 st Meeting, 21 23 June, 2016 Joint IAEA-ICTP Essential

Nuclear Safety Standards Committee 41 st Meeting, 21 23 June, 2016 Joint IAEA-ICTP Essential

Nuclear Safety Standards Committee 41 st Meeting, 21 23 June, 2016 Joint IAEA-ICTP Essential Knowledge Workshop on Nuclear Power Plant Design Safety Agenda item Title ICTP/Trieste, 9 20 October 2017 Assessment of Defence in Depth Name,

580 views • 38 slides
Design Principles CS461 / ECE422 Spring 2012 1 Overview Simplicity - Less to go wrong -

Design Principles CS461 / ECE422 Spring 2012 1 Overview Simplicity - Less to go wrong -

Design Principles CS461 / ECE422 Spring 2012 1 Overview Simplicity - Less to go wrong - Fewer possible inconsistencies - Easy to understand Restriction - Minimize access - Inhibit communication Saltzer and Schroeder 75 2 Economy of

330 views • 20 slides

More recommend