1. The OWASP Foundationhttp://www.owasp.orgCyber Security: An OverviewBrad Carvalhome@bradcarvalho.comTwitter: @bradcarvalho

2. Brad Carvalho Cyber Security Engineer at Aerstone Senior at MSU Denver OWASP Boulder chapter member SnowFROC Conference Committee Blah Blah Blah.Did I establish enough credibility?

3. Cyber Attacks Private Sector3

4. 4Nation States at Cyber War

5. 5Its overwhelming!

6. 6Impacts are very serious

7. 7Even more serious

8. Stuxnet Targeted Irans Uraniumenrichment plants Increased centrifugesoperating speeds whilereporting back normalvalues to the C&C center Self replicated via USB Believed to be created by ajoin venture between theU.S and Israel.8

9. Flame Cyber Espionage Tool Screenshots, keyboardactivity and network traffic Records Skypeconversations Operated by command andcontrol servers Could update itself with newmalware or attack vectors Believed to be created byU.S and Israel9

10. LinkedIn Over 6.5 million passwordhashes recovered Over 4 million of those havealready been cracked. (as 6months ago) Used an outdated hashingalgorithm to storepasswords (MD5) Did not salt their passwordhashes (makes themsusceptible to rainbowattacks) SQL injection!10

11. 11What can be done?

12. Improve Security Architecture Web Application Firewalls Intrusion Detection Systems Log Monitoring Embrace the cloud Automate everything!12

13. 13Application Security

14. 14Personal SecurityKeePass EncryptedPassword store Andriod and IOSversions1Password 1-click open Online shoppingcredentials Not free Android and IOSversionsPasswordSafe Autotype Clear Layout Free!

15. 15Education and OutreachMSU Denver Cyber Security Team

16. 16Opportunities Internships Pentesters Application Security Analysts SOC (Security Operations Center) Analysts DevOps Engineers (security focused) Network Security Engineers Security Architects Sales Engineers (security focuses) Developers!

17. Questions?17