Shad Malloy CAaNES, LLC.

Presentation transcript:

Wow, I’ve passed a lot of tests!
SecurityTube iOS Security Expert (SISE)
Web Application Security 360, eLearn Security
Certified Security Analyst (ECSA)
Certified Information System Security Professional (CISSP)
Certified Windows Security Analyst (CWSA), IACRB
Certified Ethical Hacker (CEH), EC-Council
Certified Intrusion Prevention Specialist (CIPS), IACRB
Core Impact Certified Professional (CICP), Core Security
Security+, CompTIA
DON’T TRUST PEOPLE’S CERTIFICATIONS! EXCEPT MINE!

What are we going to be talking about?
Assumptions
Threat Modeling
Fundamentals
FUD Rant
Emerging Threats and Trends

Fear Uncertainty Doubt
FUD is rampant in the security industry
Don’t tolerate it

Assumptions
Target of Opportunity or Convenience
Captive Attackers
Illogical Attackers

Nation States Are Apex Predators

Traditional Defense Structure

Modern Defense Structure

Actors
Malicious or ‘Curious’ Students
Malicious or Disgruntled Staff
Hacktivists
Malicious Actors
Criminal Organizations

Threat Model
Asset
Actor
Loss

Fundamentals
Asset Inventory
Patching
OS
Peripherals
Network Devices
Applications
Out of Band Management
Network Segmentation
Vulnerability Analysis
Incident Response
Disaster Recovery

Current Trends
Cryptographic attacks
POODLE
Heartbleed
Client Side Application
Sandworm (I promise these TOTALLY won’t have a nasty surprise)
Internet Explorer MS14-064
Operating System
Shellshock
IoT

This is JAMY. JAMY is a terrible idea. MS14-036? Sun Alert 6483560?

New Hotness
Dirty secret of every security consultant is …
We don’t need the new hotness
Unless you’re doing the fundamentals well I’m going to use something tried and true.

What is on the horizon
Encryption Attacks
Operation Onymous
IPv6 and the circle of life
Client Attacks

Questions
Ask Me Anything
Shad.Malloy@CAaNES.COM