lady nerd laura safestack io https safestack io in this
play

@lady_nerd laura@safestack.io https://safestack.io In this talk - PowerPoint PPT Presentation

Oct 20, 2023 •347 likes •765 views

@lady_nerd laura@safestack.io https://safestack.io In this talk Fear and loathing Examining the root of fear and its effects Fear-based architecture and antipatterns Fear leads to anger, anger leads to hatred. Fearless security

  1. @lady_nerd laura@safestack.io https://safestack.io

  2. In this talk Fear and loathing Examining the root of fear and it’s effects Fear-based architecture and antipatterns Fear leads to anger, anger leads to hatred…. Fearless security patterns and approaches Deconstructing the scared and building the secure

  3. Fear and loathing

  5. Words Matter Threat Intelligence Kill Chain Advanced Persistent Threat Cyber War Zero-day Threat actor Firewall Brute-force Weaponized content

  6. The more scared we are The more scared we get

  7. In a nationally representative sample of Americans (fear increased risk estimates and plans for precautionary measures;

  9. Fight Flight Freeze

  10. Because these cues were associated with previous danger, the brain may see them as a predictor of threat.

  11. Fear-based architecture and antipatterns

  12. Castles

  14. Layered defences create an expectation of safety, managed by someone or something else.

  15. Defences can be challenged by Deployment Integrations Deconstruction Distribution

  16. Gatekeepers

  18. Gatekeepers place the responsibility on the user to prove that they are not malicious

  19. Innocent people try hard to be honest and incriminate themselves Malicious people follow the rules, don’t draw attention

  21. Scar Tissue

  23. Scar tissue is a defence that forms where we have previously been hurt

  25. Signs that your defence might be scar tissue Not-measurable Acute Useless Specific Exclusionary Arbitrary

  26. Fearless security patterns and approaches

  27. Castles Tiny Houses

  28. Small, simple and focused on functionality

  30. Small Frequently deployed Independent Monitored Consistent Assume failure Evaluated and updated

  31. Gatekeepers Guardians

  32. Guardians monitor and respond

  34. Honey pit: An intentional vulnerability in an application that traps an attacker Bermudez Honey pot: An intentionally vulnerable host in a network that alerts when attacked https://canary.tools

  35. Scar Tissue Intelligent Defences

  36. Be aware and challenge your own bubble

  37. Build defences that Focus on usability and accessibility Allow for monitoring and response Subject to regular evaluation

  39. TL;DR Fear and loathing Examining the root of fear and it’s effects Fear-based architecture and antipatterns Fear leads to anger, anger leads to hatred…. Fearless security patterns and approaches Deconstructing the scared and building the secure

  40. @lady_nerd laura@safestack.io https://safestack.io

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

secure software @lady_nerd laura@safestack.io https://safestack.io In this talk Everything is

secure software @lady_nerd laura@safestack.io https://safestack.io In this talk Everything is

Architecting a culture of secure software @lady_nerd laura@safestack.io https://safestack.io In this talk Everything is not awesome The reality of our threat landscape and the need for change Security at speed Shifting mindsets and

699 views • 48 slides
Practical Microservice Security Laura Bell Practical Microservice security Laura Bell Founder

Practical Microservice Security Laura Bell Practical Microservice security Laura Bell Founder

Practical Microservice Security Laura Bell Practical Microservice security Laura Bell Founder and Lead Consultant - SafeStack @lady_nerd laura@safestack.io http:/ /safestack.io caution: fast paced field ahead watch for out of date

1.06k views • 66 slides
https://bit.ly/3pptcRS 3 4 https://bit.ly/2UiBgWq Vase Face Face https://bit.ly/3luge2Q

https://bit.ly/3pptcRS 3 4 https://bit.ly/2UiBgWq Vase Face Face https://bit.ly/3luge2Q

https://bit.ly/3pptcRS 3 4 https://bit.ly/2UiBgWq Vase Face Face https://bit.ly/3luge2Q Young Lady Old Woman https://bit.ly/3krpGmu https://bit.ly/35qQMps Perspective An attitude toward or point of view of something Perception A

791 views • 13 slides
presbyteries against what we need today in Our Lady of the Valleys Our Lady of the Valleys A

presbyteries against what we need today in Our Lady of the Valleys Our Lady of the Valleys A

That we review our churches and presbyteries against what we need today in Our Lady of the Valleys Our Lady of the Valleys A Catholic Parish Archdiocese of Wellington We need the views and thoughts of Parishioners of all ages and from

181 views • 7 slides
What is a Nerd? A historical and journalistic examination of the cultural psychology of outcast

What is a Nerd? A historical and journalistic examination of the cultural psychology of outcast

What is a Nerd? A historical and journalistic examination of the cultural psychology of outcast groups in contemporary North America by literary analysis and comparative case study Definition 1: Nerd http:/

343 views • 17 slides
LADY VICTORIA 120ft / 36.58m Feadship 1991/2016 Sleeps 8 guests in 4 staterooms LADY VICTORIA

LADY VICTORIA 120ft / 36.58m Feadship 1991/2016 Sleeps 8 guests in 4 staterooms LADY VICTORIA

LADY VICTORIA 120ft / 36.58m Feadship 1991/2016 Sleeps 8 guests in 4 staterooms LADY VICTORIA offers a complete escape from the average and ordinary. A true gentlemans yacht , she is a haven of impeccable elegance. LADY VICTORIA has the full

584 views • 16 slides
Mental Health Awareness What do you see? Old lady? Young lady? Learning Agreement We all see

Mental Health Awareness What do you see? Old lady? Young lady? Learning Agreement We all see

Mental Health Awareness What do you see? Old lady? Young lady? Learning Agreement We all see things in different ways - the same will be true for today, so please: Respect other peoples reactions, even if they are different from your own;

450 views • 18 slides
+ Feast of the Presentation of the Lord + 2 February AD 2020 + The Cathedral of Our Lady of

+ Feast of the Presentation of the Lord + 2 February AD 2020 + The Cathedral of Our Lady of

The Cathedral of Our Lady of Walsingham The Ordinariate of the Chair of Saint Peter Under Protection of Our Lady of Walsingham Bisho hop p Steve ven J. Lopes Lopes Fathe her r Charle rles A. . Houg ugh h Rect ctor r & &

330 views • 10 slides
Lady Viking Soccer Parent Club Informational Meeting Welcome to the Lady Viking Soccer Program!

Lady Viking Soccer Parent Club Informational Meeting Welcome to the Lady Viking Soccer Program!

Lady Viking Soccer Parent Club Informational Meeting Welcome to the Lady Viking Soccer Program! Parent Dues Parents are asked to pay $40.00 per player to help support Lady Viking Soccer Parent Club Expenses: End of Season Banquet

154 views • 13 slides
Mapping FOSDEM for accessibility The team Laura https://codingcatgirl.de/ Created

Mapping FOSDEM for accessibility The team Laura https://codingcatgirl.de/ Created

Mapping FOSDEM for accessibility The team Laura https://codingcatgirl.de/ Created C3NAV Shin Ice Linux Sysadmin (Germany) Fosdem volunteer for different years Johan Van de Wauw Developing sensor solutions at

434 views • 17 slides
18 Universal Feasts Mary, Mother of God The Presentation of Our Lord Our Lady of Lourdes The

18 Universal Feasts Mary, Mother of God The Presentation of Our Lord Our Lady of Lourdes The

18 Universal Feasts Mary, Mother of God The Presentation of Our Lord Our Lady of Lourdes The Annunciation Our Lady of Fatima Mary, Help of Christians The Visitation The Immaculate Heart of Mary Our Lady of Mount Carmel Mary, Mother of the

362 views • 11 slides
MEET YOUR LIBRARIAN & LIBRARY GVHS LIBRARIAN Noun A PROBLEM - SOLVING , BOOK LOVING ,

MEET YOUR LIBRARIAN & LIBRARY GVHS LIBRARIAN Noun A PROBLEM - SOLVING , BOOK LOVING ,

MEET YOUR LIBRARIAN & LIBRARY GVHS LIBRARIAN Noun A PROBLEM - SOLVING , BOOK LOVING , INFORMATION HUNTING , AND SOURCE - CITING RESEARCH NERD NINJA , WITH A DASH OF CAT LADY ON THE SIDE . SCHOOL LIBRARY MONTH # AASLSLM 1 0 Are libraries

451 views • 13 slides
Our Lady of Perpetual Help sign that is spoken against 35 (and a sword will pierce through your

Our Lady of Perpetual Help sign that is spoken against 35 (and a sword will pierce through your

Our Lady of Perpetual Help Reflecting On Sundays Readings THE PRESENTATION OF THE LORD SUNDAY February 2, 2020 First Reading Malachi 3:1-4 1 and deliver all those who through fear of death Behold, I send my messenger to prepare the

196 views • 3 slides
UGA LADY AWARD The UGA is pleased to recognize a Utah Women golfer based solely upon what she

UGA LADY AWARD The UGA is pleased to recognize a Utah Women golfer based solely upon what she

UGA LADY AWARD The UGA is pleased to recognize a Utah Women golfer based solely upon what she gives back to the game locally. We are proud to recognize one recipient each year as the UGA Lady. A title that additionally pays tribute to the 86

462 views • 9 slides
Advanced Web Services with JSON API HOWDY! I am Mateu I am here because I am a decoupling nerd

Advanced Web Services with JSON API HOWDY! I am Mateu I am here because I am a decoupling nerd

Advanced Web Services with JSON API HOWDY! I am Mateu I am here because I am a decoupling nerd You can find me at @e0ipso You will learn about JSON API Drupal module Outstanding problems What is it? Whats the status? Still

982 views • 53 slides
Analytics & Tech Trends How to sound techy without actually being a nerd Jai Govindani

Analytics & Tech Trends How to sound techy without actually being a nerd Jai Govindani

Analytics & Tech Trends How to sound techy without actually being a nerd Jai Govindani Chief Technology Officer Red Planet Hotels HSMAI August 2016 The Digital Journey Digital its not just about tools, its a way of life

396 views • 15 slides
Towards malware inspired management frameworks J er ome Fran cois, Radu State and

Towards malware inspired management frameworks J er ome Fran cois, Radu State and

April, 8 2008 http://madynes.loria.fr/ Towards malware inspired management frameworks J er ome Fran cois, Radu State and Olivier Festor Introduction Malware for management Models Results Conclusion Outline 1 Introduction 2

513 views • 34 slides
NCSC One: IoT Honeypot Pieter Jansen & Jurriaan Bremer On the agenda: 1. Introduction 2.

NCSC One: IoT Honeypot Pieter Jansen & Jurriaan Bremer On the agenda: 1. Introduction 2.

NCSC One: IoT Honeypot Pieter Jansen & Jurriaan Bremer On the agenda: 1. Introduction 2. SBIR 3. Cuckoo Sandbox 4. Project 5. Architecture 6. Offline demo 7. Roadmap Introduction Pieter Jansen - CEO @ Cybersprint -

859 views • 42 slides
Industrial Control Systems Honeypot May1601 Aashwatth Agarwal Dan Borgerding Jon Hope Nik

Industrial Control Systems Honeypot May1601 Aashwatth Agarwal Dan Borgerding Jon Hope Nik

Industrial Control Systems Honeypot May1601 Aashwatth Agarwal Dan Borgerding Jon Hope Nik Kinkel Jon Osborne Korbin Stich http://may1601.sd.ece.iastate.edu Client : Alliant Energy Advisor : Dr. Doug Jacobson April 28, 2016 May1601 ICS

384 views • 15 slides
Virtual machine introspection in a hybrid honeypot architecture Tamas K Lengyel & Justin

Virtual machine introspection in a hybrid honeypot architecture Tamas K Lengyel & Justin

Virtual machine introspection in a hybrid honeypot architecture Tamas K Lengyel & Justin Neumann University of Connecticut The role of the honeypot The limitations Low-interaction honeypots: "Artificial" attack surface

846 views • 13 slides
UKinbound and working with the Travel Trade Andrew Macnair Business Development Manager,

UKinbound and working with the Travel Trade Andrew Macnair Business Development Manager,

UKinbound and working with the Travel Trade Andrew Macnair Business Development Manager, Scotland What we will cover today Who UKinbound is and what we do What do we mean by Travel Trade and why is it important ? Scotland from the

381 views • 19 slides
Timeless Testing Skills for Modern Testers Presented by: Gerie

Timeless Testing Skills for Modern Testers Presented by: Gerie

W8 Personal Development 2019-05-01 13:30 Timeless Testing Skills for Modern Testers Presented by: Gerie Owen , Technology Strategy Research Peter Varhol, Exoprise

712 views • 24 slides
Northern Farming Conference 13 th November 2013 Rob Sanderson: Head of Central Store Development

Northern Farming Conference 13 th November 2013 Rob Sanderson: Head of Central Store Development

Northern Farming Conference 13 th November 2013 Rob Sanderson: Head of Central Store Development About Us Openfield markets 4.5m tonnes of grain per annum. This is 20% of UK grain market. This activity generates over 70% of our income.

589 views • 22 slides
Strategic Plan for Tourism 2016-2021 Stage 1 - Situation Analysis June 2016 Prepared for

Strategic Plan for Tourism 2016-2021 Stage 1 - Situation Analysis June 2016 Prepared for

Prince Edward Island Strategic Plan for Tourism 2016-2021 Stage 1 - Situation Analysis June 2016 Prepared for Contents Objectives Methodology Market Research Emerging Trends in North American Tourism Market External Trade

619 views • 39 slides

More recommend