39

Building securable infrastructures

Embed Size (px)

Citation preview

Page 1: Building securable infrastructures
Page 2: Building securable infrastructures

1.

(YOUR MAIN PAY CHECK COMES FROM SECURITY WORK?)

2.

3.

4.

Page 3: Building securable infrastructures
Page 4: Building securable infrastructures

Page 5: Building securable infrastructures
Page 6: Building securable infrastructures
Page 7: Building securable infrastructures
Page 8: Building securable infrastructures

24TH MAY 2013

http://www.theregister.co.uk/2013/05/24/
Page 9: Building securable infrastructures

HTTP://WWW.TED.COM/TALKS/BRUCE_SCHNEIER.HTML

HTTP://WWW.YOUTUBE.COM/WATCH?V=NMV6MEXCKQO

http://www.ted.com/talks/bruce_schneier.html
http://www.youtube.com/watch?v=NMV6MexCKQo
Page 10: Building securable infrastructures

60 BILLION DOLLARS

Page 11: Building securable infrastructures
Page 12: Building securable infrastructures
Page 13: Building securable infrastructures
Page 14: Building securable infrastructures
Page 15: Building securable infrastructures
Page 16: Building securable infrastructures
Page 17: Building securable infrastructures

Cool Jobs Lame Jobs

PEN TESTER PATCH MGMT

RUN IDS/IPS, or HONEY POTS LOG REVIEW

INCIDENT RESPONSE BACKUPS

QSA (kinda cool???) AUDITOR

Page 18: Building securable infrastructures
Page 19: Building securable infrastructures
Page 20: Building securable infrastructures
Page 21: Building securable infrastructures
Page 22: Building securable infrastructures

HTTP://WWW.THEREGISTER.CO.UK/2011/09/28/WINDOW_MALWARE_INFECTION_EXPOSED/

http://www.theregister.co.uk/2011/09/28/window_malware_infection_exposed/
Page 23: Building securable infrastructures

HTTP://SEARCHSECURITY.TECHTARGET.COM/DEFINITION/ATTACK-VECTOR

http://searchsecurity.techtarget.com/definition/attack-vector
Page 24: Building securable infrastructures

DATA

Page 25: Building securable infrastructures

True story

Page 26: Building securable infrastructures

<3

Page 27: Building securable infrastructures
Page 28: Building securable infrastructures

Classification Description

Sensitive Data that is to have the most limited access and requires

a high degree of integrity. Most damage to the

organization should it be disclosed

Confidential Might cause damage if disclosed

Private Might not do the company damage but must be keep

private for other reasons

Proprietary Disclosed outside the company on a limited basis

Public Public data least sensitive

Page 29: Building securable infrastructures
Page 30: Building securable infrastructures

Page 31: Building securable infrastructures
Page 32: Building securable infrastructures

HTTP://CISCOBASICS.BLOGSPOT.COM/2010/04/TIME-BASED-ACCESS-CONTROL-LISTS.HTML

HTTP://TECHNET.MICROSOFT.COM/EN-US/LIBRARY/CC781861(V=WS.10).ASPX

http://ciscobasics.blogspot.com/2010/04/time-based-access-control-lists.html
http://technet.microsoft.com/en-us/library/cc781861(v=ws.10).aspx
Page 33: Building securable infrastructures
Page 34: Building securable infrastructures

CHEAP FREE

HTTP://WWW.TECHOTOPIA.COM/INDEX.PHP/AUDITING_WINDOWS_SERVER_2008_FILE_AND_FOLDER_ACCESS

HTTP://WWW.WINDOWSECURITY.COM/ARTICLES-TUTORIALS/AUTHENTICATION_AND_ENCRYPTION/ATTACHING-TASKS-EVENT-

VIEWER-LOGS-EVENTS.HTML

http://www.techotopia.com/index.php/Auditing_Windows_Server_2008_File_and_Folder_Access
http://www.windowsecurity.com/articles-tutorials/authentication_and_encryption/Attaching-Tasks-Event-Viewer-Logs-Events.html
Page 35: Building securable infrastructures
Page 36: Building securable infrastructures
Page 37: Building securable infrastructures

•HTTP://OVERWORKEDADMIN.COM/

•HTTP://WINSRVTUTS.COM/2011/10/99-PERCENT-MORE-SECURE/

•HTTP://WINSRVTUTS.COM/2011/12/CONFIGURE-WINDOWS-FOR-SYSLOG-USING-SNARE/

•HTTP://WINSRVTUTS.COM/2012/08/CONFIGURE-FAILED-LOGIN-WARNINGS-WITH-WINDOWS-POWERSHELL/

http://overworkedadmin.com/
http://winsrvtuts.com/2011/10/99-percent-more-secure/
http://winsrvtuts.com/2011/12/configure-windows-for-syslog-using-snare/
http://winsrvtuts.com/2012/08/configure-failed-login-warnings-with-windows-powershell/
Page 38: Building securable infrastructures

Page 39: Building securable infrastructures

[email protected]

mailto:[email protected]

Continuous modeling - automating model building on high-performance e-Infrastructures

Continuous modeling - automating model building on high-performance e-Infrastructures

Science
Abstracts: Building infrastructures for archives in a digital world

Abstracts: Building infrastructures for archives in a digital world

Education
Building infrastructures for Peace · 1 Building Infrastructures for Peace The Role of Liaison Offices in Myanmar’s Peace Process A CPCS Learning Paper By Quinn Davis

Building infrastructures for Peace · 1 Building Infrastructures for Peace The Role of Liaison Offices in Myanmar’s Peace Process A CPCS Learning Paper By Quinn Davis

Documents
P. Doorn (DANS Netherlands) - Building Data Infrastructures for Humanities

P. Doorn (DANS Netherlands) - Building Data Infrastructures for Humanities

Education
Building Spatial Data Infrastructures for Spatial Planning in Africa: Lagos experience

Building Spatial Data Infrastructures for Spatial Planning in Africa: Lagos experience

Data & Analytics
Windows Server 2008 Building High Availability Infrastructures

Windows Server 2008 Building High Availability Infrastructures

Documents
You’re Not Done (Yet) Turning Securable Applications into Secure Installations using SCAP

You’re Not Done (Yet) Turning Securable Applications into Secure Installations using SCAP

Documents
International Network of Health Promotion Foundations Capacity Building – sustainable financing and infrastructures for HP

International Network of Health Promotion Foundations Capacity Building – sustainable financing and infrastructures for HP

Documents
The best platform for building cloud infrastructures Ralf von Gunten Sr. Systems Engineer VMware

The best platform for building cloud infrastructures Ralf von Gunten Sr. Systems Engineer VMware

Documents
1 Building Automated Infrastructures Adam Jacob Senior Partner HJK Solutions adam@hjksolutions.com

1 Building Automated Infrastructures Adam Jacob Senior Partner HJK Solutions [email protected]

Documents
1 European Commission - DG INFSO Unit “GÉANT and e-Infrastructures” e-Infrastructures fostering the building of Global Virtual Research Communities e-IRG

1 European Commission - DG INFSO Unit “GÉANT and e-Infrastructures” e-Infrastructures fostering the building of Global Virtual Research Communities e-IRG

Documents
Building robust private cloud services infrastructures

Building robust private cloud services infrastructures

Documents
Building Successful Infrastructures: Lessons Learned in Achieving and Measuring Success

Building Successful Infrastructures: Lessons Learned in Achieving and Measuring Success

Documents
Building Campus HTC Sharing Infrastructures Derek Weitzel University of Nebraska – Lincoln (Open Science Grid Hat)

Building Campus HTC Sharing Infrastructures Derek Weitzel University of Nebraska – Lincoln (Open Science Grid Hat)

Documents
Building National Infrastructures for Peace in Africa ...emmanuelkotia.com/wp-content/uploads/2015/09/Building-National... · Building National Infrastructures for Peace in ... the

Building National Infrastructures for Peace in Africa ...emmanuelkotia.com/wp-content/uploads/2015/09/Building-National... · Building National Infrastructures for Peace in ... the

Documents
CORBEL –Coordinated Research Infrastructures Building Enduring Life ... · CORBEL–Coordinated Research Infrastructures Building Enduring Life-science Services ! Common%infrastructure%services%supporting%biomedical%research%!

CORBEL –Coordinated Research Infrastructures Building Enduring Life ... · CORBEL–Coordinated Research Infrastructures Building Enduring Life-science Services ! Common%infrastructure%services%supporting%biomedical%research%!

Documents
Building and sustaining data infrastructures: putting ... · This report describes the personal view of the author on the topic of building and sustaining data infrastructures. In

Building and sustaining data infrastructures: putting ... · This report describes the personal view of the author on the topic of building and sustaining data infrastructures. In

Documents
Building Large-Scale Stream Infrastructures Across Multiple Data Centers with Apache Kafka

Building Large-Scale Stream Infrastructures Across Multiple Data Centers with Apache Kafka

Technology
SAFETY OF BUILDING CRITICAL INFRASTRUCTURES AND …

SAFETY OF BUILDING CRITICAL INFRASTRUCTURES AND …

Documents
European Research Infrastructures (including e-Infrastructures)

European Research Infrastructures (including e-Infrastructures)

Documents
Building infrastructures for workplace health promotion in enlarging Europe

Building infrastructures for workplace health promotion in enlarging Europe

Documents
Chapter 14 Building E-Commerce Applications and Infrastructures

Chapter 14 Building E-Commerce Applications and Infrastructures

Documents
PcVue Inc. - HMI SCADA Building Management …...HMI SCADA Building Management System INDUSTRIAL FACILITIES, DATA CENTERS, OFFICE BUILDINGS, UNIVERSITIES, TRANSPORTATION INFRASTRUCTURES,

PcVue Inc. - HMI SCADA Building Management …...HMI SCADA Building Management System INDUSTRIAL FACILITIES, DATA CENTERS, OFFICE BUILDINGS, UNIVERSITIES, TRANSPORTATION INFRASTRUCTURES,

Documents
Exane BNP Paribas Building Materials & Infrastructures XX

Exane BNP Paribas Building Materials & Infrastructures XX

Documents
Building data infrastructures for science

Building data infrastructures for science

Technology
Building software by feature with immutable infrastructures on AWS

Building software by feature with immutable infrastructures on AWS

Internet
Antons Kranga Building Agile Infrastructures

Antons Kranga Building Agile Infrastructures

Technology
Building Data Sharing Infrastructures - OPRE · Building Data Sharing Infrastructures at the State Level Context, Stakeholders, Technology Aaron D. Schroeder, Ph.D. Senior Data Scientist,

Building Data Sharing Infrastructures - OPRE · Building Data Sharing Infrastructures at the State Level Context, Stakeholders, Technology Aaron D. Schroeder, Ph.D. Senior Data Scientist,

Documents
Building Environmental Monitoring Infrastructures · Building Environmental Monitoring Infrastructures (EMI) EMI -The Past • From sites such as these. ... •Data presentation •Control

Building Environmental Monitoring Infrastructures · Building Environmental Monitoring Infrastructures (EMI) EMI -The Past • From sites such as these. ... •Data presentation •Control

Documents
Building Security Assurance in Open Infrastructures

Building Security Assurance in Open Infrastructures

Documents