Changing global scenario of Information Security and its effects on Security testing By Anshul Abhang Founder Director, FLUXONIX CEH, CHFI, ECSA, LPT,

Presentation transcript:

Changing global scenario of Information Security and its effects on Security testing By Anshul Abhang Founder Director, FLUXONIX CEH, CHFI, ECSA, LPT, DNV cVa, ECSP, EDRP, ECVP, ISO LA, SSCP, CISSP, DCL, PGDCL and some more

Evolution of cyber crime
- First crime registered was in
- Then came computers, then came smart computers, then came security.
- Today we have specialized departments handling cyber security.
- Software and security

Why now
- Are we at the brink of cyber war?
- Increased use of technology
- Upcoming standards
- Increased use of tools. (The Google story)
- The Bubble

Security threats Financial crimes o Classic case of finsider attack Online gambling Web defacement bombing Denial of service Trojans and key loggers TEMPEST

Threats to upcoming technology
- Cloud Computing
- Mobile Security
- The Blackberry threat
- The application security????

Impact on our daily life
- Financial loss and the accepted threat
- Loss of goodwill in the market
- CHAOS (The integrated networks)

SDLC

Typical Iterative development life cycle


Standards ISO PCI – DSS Software Assurance standards

Security Testing Application Security Review Application Security Assessment Application Security Secure Network Architecture & System Integration Network Security Managed Operations Network & System Security Security Management Reviews & Risk Assessment Security Policy & Process Development & Implementation ISO27001 Consulting Security Governance & Compliance BCM & ITDR Consulting BCM Compliance Services Business Continuity / Disaster Recovery Consulting & System Integration Support & Maintenance Identity & Access Management Professional Services Remote Security Operation Centre Managed Security Services

Tools
- Network Security testing tools: nmap, Nessus, Foundstone tools, Metasploit Framework, BackTrack, Tsight, Core Impact, GFI LanGuard, your coding skills.
- Application Security testing tools: Acunetix, WebGoat, OWASP top 10, FBI top 20, SANS, IBM Rational AppScan, HP WebInspect
- Patch Management or remediation

Magic wands of security
- Encryption (Tunneling)
- SSL for Appsec
- Automated patch management

The “SECURE” world
- How much security is enough
- The FGF

THANK YOU