changing global scenario of information security and its effects on security testing by anshul...

Post on 12-Jan-2016


Changing global scenario of Information Security and its effects on Security testing

By Anshul Abhang, Founder Director, FLUXONIX

CEH, CHFI, ECSA, LPT, DNV cVa, ECSP, EDRP, ECVP, ISO 27001 LA, SSCP, CISSP, DCL, PGDCL and some more

Evolution of cyber crime

• First crime registered was in 1820.

• Then came computers, then came smart computers, then came security.

• Today we have specialized departments handling cyber security.

• Software and security

Why now

• Are we at the brink of cyber war?

• Increased use of technology

• Upcoming standards

• Increased use of tools. (The Google story)

• The Bubble

Security threats

• Financial crimes

o Classic case of insider attack

• Online gambling

• Web defacement

• Email bombing

• Denial of service

• Trojans and key loggers

• TEMPEST

Threats to upcoming technology

• Cloud Computing

• Mobile Security

• The Blackberry threat

• The application security????

Impact on our daily life

• Financial loss and the accepted threat

• Loss of goodwill in the market

• CHAOS (The integrated networks)

SDLC

Typical Iterative development life cycle


Standards

• ISO 27001

• PCI – DSS

• Software Assurance standards

Security Testing

Tools

• Network Security testing tools

Nmap, Nessus, Foundstone tools, Metasploit Framework, BackTrack, Tsight, Core Impact, GFI LanGuard, your coding skills.

• Application Security testing tools

Acunetix, WebGoat, OWASP top 10, FBI top 20, SANS, IBM Rational AppScan, HP WebInspect

Patch Management or remediation

Magic wands of security

• Encryption (Tunneling)

• SSL for Appsec

• Automated patch management

The “SECURE” world

• How much security is enough

• The FGF

THANK YOU
