Presentation is loading. Please wait.

Presentation is loading. Please wait.

Changing global scenario of Information Security and its effects on Security testing By Anshul Abhang Founder Director, FLUXONIX CEH, CHFI, ECSA, LPT,

Published byJonas Elliott Modified over 9 years ago

Similar presentations

Presentation on theme: "Changing global scenario of Information Security and its effects on Security testing By Anshul Abhang Founder Director, FLUXONIX CEH, CHFI, ECSA, LPT,"— Presentation transcript:

1 Changing global scenario of Information Security and its effects on Security testing By Anshul Abhang Founder Director, FLUXONIX CEH, CHFI, ECSA, LPT, DNV cVa, ECSP, EDRP, ECVP, ISO 27001 LA, SSCP, CISSP, DCL, PGDCL and some more

2 Evolution of cyber crime First crime registered was in 1820. Then came computers, then came smart computers, then came security. Today we have specialized departments handling cyber security. Software and security

3 Why now Are we at the brink of cyber war? Increased use of technology Upcoming standards Increased use of tools. (The google story) The Bubble

4 Security threats Financial crimes o Classic case of finsider attack Online gambling Web defacement Email bombing Denial of service Trojans and key loggers TEMPEST

5 Threats to upcoming technology Cloud Computing Mobile Security The Blackberry threat The application security????

6 Impact on our daily life Financial loss and the accepted threat Loss of goodwill in the market CHAOS (The integrated networks)

7 SDLC

8 Typical Iterative development life cycle

9 9

10 Standards ISO 27001 PCI – DSS Software Assurance standards

11 Security Testing Application Security Review Application Security Assessment Application Security Secure Network Architecture & System Integration Network Security Managed Operations Network & System Security Security Management Reviews & Risk Assessment Security Policy & Process Development & Implementation ISO27001 Consulting Security Governance & Compliance BCM & ITDR Consulting BCM Compliance Services Business Continuity / Disaster Recovery Consulting & System Integration Support & Maintenance Identity & Access Management Professional Services Remote Security Operation Centre Managed Security Services

12 Tools Network Security testing tools nmap, nessus, foundstone tools, metasploit framework, Backtrack, Tsight, Core Impact, GFI LanGuard, your coding skills. Application Security testing tools Accunetix, webgoat, OWASP top 10, FBI top 20, SANS, IBM Rational Appscan, HP web Inspect Patch Management or remidiation

13 Magic wands of security Encryption (Tunneling) SSL for Appsec Automated patch management

14 The “SECURE” world How much security is enough The FGF

15 THANK YOU

Download ppt "Changing global scenario of Information Security and its effects on Security testing By Anshul Abhang Founder Director, FLUXONIX CEH, CHFI, ECSA, LPT,"

Similar presentations

PENETRATION TESTING Presenters:Chakrit Sanbuapoh Sr. Information Security MFEC.

PENETRATION TESTING Presenters:Chakrit Sanbuapoh Sr. Information Security MFEC.
Cloud computing security related works in ITU-T SG17

Cloud computing security related works in ITU-T SG17
Security, Privacy and the Cloud Connecticut Community Providers’ Association June 20, 2014 Steven R Bulmer, VP of Professional Services.

Security, Privacy and the Cloud Connecticut Community Providers’ Association June 20, 2014 Steven R Bulmer, VP of Professional Services.
Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch
1 Telstra in Confidence Managing Security for our Mobile Technology.

1 Telstra in Confidence Managing Security for our Mobile Technology.
Security Controls – What Works

Security Controls – What Works
Planning and Managing Information Security Randall Sutton, President Elytra Enterprises Inc. April 4, 2006.

Planning and Managing Information Security Randall Sutton, President Elytra Enterprises Inc. April 4, 2006.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Contact Center Security Strategies Grant Sainsbury Practice Director, Dimension Data.

Contact Center Security Strategies Grant Sainsbury Practice Director, Dimension Data.
“Today over 70% of attacks against a company’s network come at the ‘Application Layer’ not the Network or System layer.” - Gartner Is Your Web Application.

“Today over 70% of attacks against a company’s network come at the ‘Application Layer’ not the Network or System layer.” - Gartner Is Your Web Application.
Information Security Risk Management

Information Security Risk Management
Maintaining & Reviewing a Web Application’s Security By: Karen Baldacchino Date: 15 September 2012.

Maintaining & Reviewing a Web Application’s Security By: Karen Baldacchino Date: 15 September 2012.
Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.

Alter – Information Systems 4th ed. © 2002 Prentice Hall 1 E-Business Security.
The Difficult Road To Cybersecurity Steve Katz, CISSP Security Risk Solutions 631-692-5175 Steve Katz, CISSP Security.

The Difficult Road To Cybersecurity Steve Katz, CISSP Security Risk Solutions Steve Katz, CISSP Security.
Cybercrime Outlook on African banks Adwo Heintjes Global Head IT Audit & Ops Rabobank.

Cybercrime Outlook on African banks Adwo Heintjes Global Head IT Audit & Ops Rabobank.
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.

Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
PBA. Observations  Growth, projects, busy-ness –Doing an incredible amount of work  Great Quality of work  Concern about being perfect  Attitudes.

PBA. Observations  Growth, projects, busy-ness –Doing an incredible amount of work  Great Quality of work  Concern about being perfect  Attitudes.
Securing Information Systems

Securing Information Systems
SEC835 Database and Web application security Information Security Architecture.

SEC835 Database and Web application security Information Security Architecture.

Similar presentations

Ads by Google