Upload File

from zero to hero: building security from scratch...2018/08/30  · “from zero to hero” building...

  • Home
  • Documents
  • From Zero to Hero: Building security from scratch...2018/08/30  · “From ZERO to HERO” Building security from scratch Application Security Engineer - Logitech @AnGreagach Who
16
Anthi Gilligan “From ZERO to HERO” Building security from scratch Application Security Engineer - Logitech @AnGreagach

Upload: others

Post on 14-Jul-2020

1 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: From Zero to Hero: Building security from scratch...2018/08/30  · “From ZERO to HERO” Building security from scratch Application Security Engineer - Logitech @AnGreagach Who

Anthi Gilligan

“From ZERO to HERO” Building security from scratch

Application Security Engineer - Logitech

@AnGreagach

Page 2: From Zero to Hero: Building security from scratch...2018/08/30  · “From ZERO to HERO” Building security from scratch Application Security Engineer - Logitech @AnGreagach Who

Who I am and what I do

Page 3: From Zero to Hero: Building security from scratch...2018/08/30  · “From ZERO to HERO” Building security from scratch Application Security Engineer - Logitech @AnGreagach Who

The state of Infosec

Page 4: From Zero to Hero: Building security from scratch...2018/08/30  · “From ZERO to HERO” Building security from scratch Application Security Engineer - Logitech @AnGreagach Who

The “experts”

Page 5: From Zero to Hero: Building security from scratch...2018/08/30  · “From ZERO to HERO” Building security from scratch Application Security Engineer - Logitech @AnGreagach Who

Pitfall #1

Page 6: From Zero to Hero: Building security from scratch...2018/08/30  · “From ZERO to HERO” Building security from scratch Application Security Engineer - Logitech @AnGreagach Who

Pitfall #2

Page 7: From Zero to Hero: Building security from scratch...2018/08/30  · “From ZERO to HERO” Building security from scratch Application Security Engineer - Logitech @AnGreagach Who

Pitfall #3

Page 8: From Zero to Hero: Building security from scratch...2018/08/30  · “From ZERO to HERO” Building security from scratch Application Security Engineer - Logitech @AnGreagach Who

ENCRYPT OR

DIE!!!!!

Pitfall #4

Page 9: From Zero to Hero: Building security from scratch...2018/08/30  · “From ZERO to HERO” Building security from scratch Application Security Engineer - Logitech @AnGreagach Who

Policies, standards and tech specs

Page 10: From Zero to Hero: Building security from scratch...2018/08/30  · “From ZERO to HERO” Building security from scratch Application Security Engineer - Logitech @AnGreagach Who

Security Architecture

Page 11: From Zero to Hero: Building security from scratch...2018/08/30  · “From ZERO to HERO” Building security from scratch Application Security Engineer - Logitech @AnGreagach Who

Agree principles and objectives scope first…Security Architecture

Page 12: From Zero to Hero: Building security from scratch...2018/08/30  · “From ZERO to HERO” Building security from scratch Application Security Engineer - Logitech @AnGreagach Who

Security Architecture

Business RequirementsEnterprise Architecture• Goals• Rules• Requirements

Security Architecture• Laws and regulations• Standards• ISMS

Ask the business+Ask the World!

Ask the business

Page 13: From Zero to Hero: Building security from scratch...2018/08/30  · “From ZERO to HERO” Building security from scratch Application Security Engineer - Logitech @AnGreagach Who

Some principles of Security Architecture

Security and privacy by design Security controls appropriate to risk

Defence in depth

Audit significant activities

Ensure accountability

Identify the weakest link

By invitation only

Design using security standards

Least Privilege

Secure SDLC

Page 14: From Zero to Hero: Building security from scratch...2018/08/30  · “From ZERO to HERO” Building security from scratch Application Security Engineer - Logitech @AnGreagach Who

Simplify and standardise Mutual authentication

Fidelity of environments

Remote log file collection

E2E technology lifecycle

Inbound interactive connections

Don’t trust… prove!

Inbound interactive high-risk users

Protect the data

Secure recovery

Some (more) principles of Security Architecture

Page 15: From Zero to Hero: Building security from scratch...2018/08/30  · “From ZERO to HERO” Building security from scratch Application Security Engineer - Logitech @AnGreagach Who

YOU!

Page 16: From Zero to Hero: Building security from scratch...2018/08/30  · “From ZERO to HERO” Building security from scratch Application Security Engineer - Logitech @AnGreagach Who

Question Time!

Coffee = 1 question

Beer = 2 questions

Gin = Let’s talk at the bar ☺

@AnGreagach


Scratch-proofing - European Coatings Journal · Scratch-proofing Towards a standard scratch resistance test for parquet coatings. Rico Emmler, Rolf Nothhelfer-Richter. Scratch resistance

SEC304 Building Security from Scratch - AWS re: Invent 2012

Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLock

Walker Evans: Starting from Scratch - Introduction...2 walker evans: starting from scratch photographers who worked at the time (1930s) for the Farm Security Administration (FSA) (1977):

SECRET HERO SOCIETYSECRET HERO SOCIETYT · SECRET HERO SOCIETYSECRET HERO SOCIETYT SCHOLASTIC INC. ... 9780545876841_interior_epdf.pdf Author: daniekli

LEADERSHIP The Mask of Command PEOPLE - military.ie€¦ · An Unsung Hero "An Unsung Hero ... This book investigates domestic security and national defence in Ireland and describes

MIT Media Lab 25 Years of Inventions · Guitar Hero Electronic Ink Minority Report Scratch LEGO Mindstorms NEXI RoboScooter Powered Ankle Foot Prosthesis. forever imagine program

Unit 3 – Scratch Scratch – Simple Programming Creating Shapes

V Forge Contents - Amazon Web Services...Scratch - stop Scratch - switchthaclock1 Scratch - take1 Scratch - take2 Scratch - thesebeats1 Scratch - thesebeats2 Scratch - thesebeats3

Module 5 - Scratch 5... · Module 5 Revision with Scratch Cards Lesson 1 Scratch Cards – Easy Students revise some basic Scratch ideas using 5 Scratch Cards, including movement,

Email Security is a high performance email security ... › hubfs › 2017 › Recursos...Anubis is a high performance email security service designed from scratch to address the specific

Author: Scratch! Scratch! Scratch!...Manu tries and tries not to SCRATCH! SCRATCH! She plays snakesand ladders. She dreams up many stories. She forgets to SCRATCH! SCRATCH! 11/13 Slowly,

What is Scratch? Why use Scratch in the Classroom? Getting Started with Scratch? Scratch Examples Create

Scratch off inks - Flint Group · Scratch off inks •Water based flexo silver & black •Standard pliable scratch off •System: Hidden message –release barrier –scratch off

WHAT IS A HERO?. What is a hero? BRAINSTORM HERO ATTRIBUTES

From zero to hero - building company awareness from scratch

Data Protection Manager – Rescue data like a hero! INF313 Level 300 Data Protection Manager – Rescue data like a hero! Amit Gatenyo Infrastructure & Security

1 Copyright 2011 Hero Security & Surveillance, Inc. Mesquite Solar Energy Plant Security & Surveillance Plan By Brian Levy

Scripture Hero Bingo… · Scripture Hero BingoScripture Hero Bingopture Hero Bingo Abish Captain Moroni Lehi Ammon David Joshua Scripture Hero Bingo Scripture Hero Bingo Abinadi

INTRODUCTION TO SCRATCH. About Me Resources Scratch Website Learn Scratch Washington-Lee Computer

From scratch... with Scratch

Scratch для детей. Самоучитель по программированию ... · Scratch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

Programming Scratch for Primary Schools - PenguinTutor · Scratch for Primary School Teachers Programming Scratch for Primary Schools

What is Scratch? Scratch as Logo

Meet Today’s ENG HERO! · 22 hours ago · Twinkle Twinkle Little Scratch Grade SK-2 Meet Today’s ENG HERO! Abdelkader Ouda - Associate Professor with Western Engineering Dr

Scratch Training Part Ileonghw/Outreach/2010-05-Scratch/Scratch-CXA-2010-P1.pdfOutline • About CXA Junior Category • Introduction to Scratch & Quick Demo • Scratch Training (Part

Functionality, security and performance monitoring of web assets (e.g. Joomla, Wordpress,built from scratch)

Hero, Anti-Hero and Vilanians

Building Cloud Security from Scratch

TeamUnify...MELISSA GRISWOLD, HOLLIE Girls Pree Senior 24.Ø2 JERRY 187 .34 .38 .39 42 47 .51 69 95 31. 13 31. 31 .95 32. Scratch Scratch Scratch Scratch Scratch Scratch Scratch Scratch

RMH Security Guide - Retail Management Hero (RMH)Retail Management Hero Security – Role Based Access Overview Role-based access control in Retail Management Hero (RMH) regulates

Scratch Programming Lesson 7 Create a Scratch Cartoon Part Ixshallwelearn.com/blog/stories/Scratch Programming Lesson 7 Creat… · SCRATCH PROGRAMMING Lesson 7: Create a Cartoon

HERO Org Chart Jun2013 - HERO Products Group - Colorant ... to HERO/HERO/HERO Org Chart Jun 2013.pdf · HEAD OFFICE: HERO Products Group I.C.T.C. Holdings Corporation 720 Eaton Way,

N:ER'O lÄho MY HERO Ja.: LAS MY HERO • .MY HERO Project … · 2012-06-21 · N:ER'O lÄho MY HERO Ja.: LAS MY HERO • .MY HERO Project The MY HERO Project 1278 Glenneyre #286

Amaral Guitar Hero DJ Hero