@lady_nerd laura@safestack.io https://safestack.io In this talk - - PowerPoint PPT Presentation

▶

Oct 20, 2023 347 likes •767 views

@lady_nerd laura@safestack.io https://safestack.io In this talk Fear and loathing Examining the root of fear and its effects Fear-based architecture and antipatterns Fear leads to anger, anger leads to hatred. Fearless security

SLIDE 1

@lady_nerd laura@safestack.io https://safestack.io

SLIDE 2

In this talk

Fear and loathing

Examining the root of fear and it’s effects

Fear-based architecture and antipatterns

Fear leads to anger, anger leads to hatred….

Fearless security patterns and approaches

Deconstructing the scared and building the secure

SLIDE 3

Fear and loathing

SLIDE 4

SLIDE 5

Words Matter Threat Intelligence Kill Chain Advanced Persistent Threat Cyber War Zero-day Threat actor Firewall Brute-force Weaponized content

SLIDE 6

The more scared we are The more scared we get

SLIDE 7

In a nationally representative sample of Americans (fear increased risk estimates and plans for precautionary measures;

SLIDE 8

SLIDE 9

Fight Flight Freeze

SLIDE 10

Because these cues were associated with previous danger, the brain may see them as a predictor of threat.

SLIDE 11

Fear-based architecture and antipatterns

SLIDE 12

Castles

SLIDE 13

SLIDE 14

Layered defences create an expectation of safety, managed by someone or something else.

SLIDE 15

Defences can be challenged by Deployment Integrations Deconstruction Distribution

SLIDE 16

Gatekeepers

SLIDE 17

SLIDE 18

Gatekeepers place the responsibility

n the user to prove that they are not

malicious

SLIDE 19

Innocent people try hard to be honest and incriminate themselves Malicious people follow the rules, don’t draw attention

SLIDE 20

SLIDE 21

Scar Tissue

SLIDE 22

SLIDE 23

Scar tissue is a defence that forms where we have previously been hurt

SLIDE 24

SLIDE 25

Signs that your defence might be scar tissue Not-measurable Acute Useless Specific Exclusionary Arbitrary

SLIDE 26

Fearless security patterns and approaches

SLIDE 27

Castles

Tiny Houses

SLIDE 28

Small, simple and focused on functionality

SLIDE 29

SLIDE 30

Small Frequently deployed Independent Monitored Consistent Assume failure Evaluated and updated

SLIDE 31

Gatekeepers

Guardians

SLIDE 32

Guardians monitor and respond

SLIDE 33

SLIDE 34

Honey pit:

An intentional vulnerability in an application that traps an attacker

Bermudez

Honey pot:

An intentionally vulnerable host in a network that alerts when attacked

https://canary.tools

SLIDE 35

Scar Tissue

Intelligent Defences

SLIDE 36

Be aware and challenge your own bubble

SLIDE 37

Build defences that Focus on usability and accessibility Allow for monitoring and response Subject to regular evaluation

SLIDE 38

SLIDE 39

TL;DR

Fear and loathing

Examining the root of fear and it’s effects

Fear-based architecture and antipatterns

Fear leads to anger, anger leads to hatred….

Fearless security patterns and approaches

Deconstructing the scared and building the secure

SLIDE 40

@lady_nerd laura@safestack.io https://safestack.io