SlideShare uma empresa Scribd logo

Wim Remes SOURCE Boston 2011

Source Conference
Source Conference

Wim Remes SOURCE Boston 2011 Prezo Among the blind, the squinter rules. Security visualization in the field. @wimremes on twitter wremes-at-gmail-dot-com

Tecnologia
1 de 54
Among the blind, the squinter rules. Security visualization in the field
About me Wim Remes .Ernst and Young Belgium (ITRA FSO) .Incident Response/Analysis .Security Monitoring (SIEM) .Security Management .Eurotrash podcast .InfosecMentors .Brucon @wimremes on twitter wremes-at-gmail-dot-com
Disclaimer The opinions and ideas expressed in this talk are my own and are not endorsed by any corporate entity or church.
Agenda 1. please your audience 2. tools can [save|kill] your day 3. visualization hall of fail 4. tips & tricks 5. Let’s get to work
-1- please your audience
Changing the tune keeps people engaged picture by tochis :http://www.flickr.com/photos/tochis/
who’s that for ? Management Technical Historical Comparative (Near) Real Time Supporting Decisions More complex & Business Objectives Facilitating the job Clear & Concise Actionable! Actionable ! 42
you’re the designer
Zen master of data visualization Edward Tufte data can be beautiful! data should be beautiful!
Dashboard design guru Stephen Few “The sad thing about dancing bearware is that most people are quite satisfied with the lumbering beast.” Alan Cooper, 1999, the inmates are running the asylum.
-2- Tools can [save|kill] your day
What tools can I use ? cool kids use this (not!)
What tools can I use ? - Desktop - Server
Security tools will help ... PS : export to CSV works well ... try it for a 5000+ host network ;)
credit where credit is due ...
this is going in the right direction...
Open source it is then ... grep sed awk perl ... http://www.secviz.org kudos to @zrlram
-3- visualization hall of fail
PIE, it’s what’s in your face
whoa, I take the biggest piece !
sometimes however, they rock ...
to explain simple stuff ;-)
“if bullet points are the obvious killers, pie charts are shurikens”
Even the best can fail...
3D ?
failing in style ...
playing hide and seek ?
we have to raise the bar or maybe not ...
Sometimes it’s easy ... a 21st century bar(r) chart
-4- tips & tricks
sparklines (aka datawords)
Infographs 5 6 7 8 9 10 11 12 13 courtesy of ZoneAlarm (by Checkpoint)
choose your chart wisely http://www.flickr.com/photos/amit-agarwal/3196386402/
Get data from external sources - osvdb.org - datalossdb.org - various industry reports - Verizon DBIR - EY GISS - Trustwave, McAfee, Symantec, ... - virustotal.com - cvedetails.com context creates clarity
让我们作的更好 (let’s make things better) Vulnerabilities by Severity Level 5 3D? 4 3 2 1 0 25 50 75 100 compared to ? last year? last month?
Messy Dashboards (1/5)
Messy Dashboards (2/5) network status
Messy Dashboards (3/5) 1500 Events/Second 1125 750 375 0 12:00 12:10 12:20 12:30 12:40 12:50 13:00
Messy Dashboards (4/5) Top attackers 10.10.10.10 192.168.10.234 172.30.12.15 8.8.8.8 Top targets 172.16.12.30 172.16.12.15 172.16.12.230 172.16.12.120
Messy Dashboards (5/5) Local Network - Inbound bytes 4000 3000 2000 1000 0 9:00 10:00 11:00 12:00 13:00
server health network status Windows Unix Network 1500 Events/Second Major Events 1125 worms 750 portscans 375 failed logins 0 FTP 12:00 12:10 12:20 12:30 12:40 12:50 13:00 0 15 30 45 60 Top attackers Top targets 10.10.10.10 172.16.12.30 192.168.10.234 172.16.12.15 172.30.12.15 172.16.12.230 8.8.8.8 172.16.12.120 Local Network - Inbound bytes 4000 3000 2000 1000 0 9:00 10:00 11:00 12:00 13:00
3,1415926535897932384626433832
Blink...Understand DE CN US NL US US BE Great Lakes KEYWEB TimeNet VolumeDrive EuroAccess RoadRunner ISPSYSTEM-AS Comnet AS
Ok, we can still say it with pie NL CN BE DE US
-5- let’s get to work
Davix | gltail ruby | real time | logs http://www.fudgie.org/ http://dataviz.com.au/blog/Visualizing_VOIP_attacks.html
Davix | afterglow credit: David Bernal Michelena http://www.honeynet.org/challenges/2010_5_log_mysteries
Burpdot http://un-excogitate.org/
Google Charts API http://code.google.com/apis/chart/ http://search.cpan.org/dist/URI-GoogleChart/
Google Visualization API
Google Visualization API Nevada;7526;6/11/10;Theft;Network Server Texas;600;5/29/10;Theft;Network Server California;1000;5/25/10 and 5/26/2010;Other;Paper Arizona;5893;5/15/10;Theft;Laptop Kansas;1105;5/12/10;Theft;Laptop South Carolina;653;5/09/10;Theft;Laptop Texas;4083;5/04/10;Improper Disposal;Paper Records Maryland;937;5/03/10;Other;E-mail Michigan;2300;5/02/10;Theft;Laptop New York;1020;4/30/10;Theft, Unauthorized Access;Laptop, Desktop Computer, ... http://code.google.com/apis/ajax/playground/? type=visualization#tree_map
jquery libraries (almost) CC BY-NC 3.0 (To the cloud !)
Conclusions - We need data standardization badly - Understand your data - We need to think outside the box - There’s more to visualization than pie charts - There’s tools out there: use them wisely
Thank you wremes@gmail.com - @wimremes

Recomendados

Security Visualization - State of 2010 and 2011 Predictions
Security Visualization - State of 2010 and 2011 PredictionsSecurity Visualization - State of 2010 and 2011 Predictions
Security Visualization - State of 2010 and 2011 PredictionsRaffael Marty
 
Security Research2.0 - FIT 2008
Security Research2.0 - FIT 2008Security Research2.0 - FIT 2008
Security Research2.0 - FIT 2008Raffael Marty
 
Cyber Security – How Visual Analytics Unlock Insight
Cyber Security – How Visual Analytics Unlock InsightCyber Security – How Visual Analytics Unlock Insight
Cyber Security – How Visual Analytics Unlock InsightRaffael Marty
 
The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?Raffael Marty
 
Visualizing Threats: Network Visualization for Cyber Security
Visualizing Threats: Network Visualization for Cyber SecurityVisualizing Threats: Network Visualization for Cyber Security
Visualizing Threats: Network Visualization for Cyber SecurityCambridge Intelligence
 
AfterGlow
AfterGlowAfterGlow
AfterGlowRaffael Marty
 
Visualization for Security
Visualization for SecurityVisualization for Security
Visualization for SecurityRaffael Marty
 
Security Visualization - Let's Take A Step Back
Security Visualization - Let's Take A Step BackSecurity Visualization - Let's Take A Step Back
Security Visualization - Let's Take A Step BackRaffael Marty
 

Recomendados

Security Visualization - State of 2010 and 2011 Predictions
Security Visualization - State of 2010 and 2011 PredictionsSecurity Visualization - State of 2010 and 2011 Predictions
Security Visualization - State of 2010 and 2011 PredictionsRaffael Marty
 
Security Research2.0 - FIT 2008
Security Research2.0 - FIT 2008Security Research2.0 - FIT 2008
Security Research2.0 - FIT 2008Raffael Marty
 
Cyber Security – How Visual Analytics Unlock Insight
Cyber Security – How Visual Analytics Unlock InsightCyber Security – How Visual Analytics Unlock Insight
Cyber Security – How Visual Analytics Unlock InsightRaffael Marty
 
The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?The Heatmap
 - Why is Security Visualization so Hard?
The Heatmap
 - Why is Security Visualization so Hard?Raffael Marty
 
Visualizing Threats: Network Visualization for Cyber Security
Visualizing Threats: Network Visualization for Cyber SecurityVisualizing Threats: Network Visualization for Cyber Security
Visualizing Threats: Network Visualization for Cyber SecurityCambridge Intelligence
 
AfterGlow
AfterGlowAfterGlow
AfterGlowRaffael Marty
 
Visualization for Security
Visualization for SecurityVisualization for Security
Visualization for SecurityRaffael Marty
 
Security Visualization - Let's Take A Step Back
Security Visualization - Let's Take A Step BackSecurity Visualization - Let's Take A Step Back
Security Visualization - Let's Take A Step BackRaffael Marty
 
SecurityPI - Hardening your IoT endpoints in Home.
SecurityPI - Hardening your IoT endpoints in Home. SecurityPI - Hardening your IoT endpoints in Home.
SecurityPI - Hardening your IoT endpoints in Home. LinuxCon ContainerCon CloudOpen China
 
Ride the Light
Ride the LightRide the Light
Ride the LightMichelle Davies (Hryvnak)
 
IBM Enterprise 2014 - System z Technical University - Preliminary Agenda
IBM Enterprise 2014 - System z Technical University - Preliminary Agenda IBM Enterprise 2014 - System z Technical University - Preliminary Agenda
IBM Enterprise 2014 - System z Technical University - Preliminary Agenda Casey Lucas
 
IoThings you don't even need to hack
IoThings you don't even need to hackIoThings you don't even need to hack
IoThings you don't even need to hackSlawomir Jasek
 
Belfast JUG, SIMD (Vectorial) Operations
Belfast JUG, SIMD (Vectorial) OperationsBelfast JUG, SIMD (Vectorial) Operations
Belfast JUG, SIMD (Vectorial) OperationsHudson Mendes
 
Layer one 2011-gh0stwood-d-dos-attacks
Layer one 2011-gh0stwood-d-dos-attacksLayer one 2011-gh0stwood-d-dos-attacks
Layer one 2011-gh0stwood-d-dos-attacksfangjiafu
 
2012: The End of the World?
2012: The End of the World?2012: The End of the World?
2012: The End of the World?Saumil Shah
 
DEF CON 27 - D4KRM4TTER MIKE SPICER - I know what you did last summer
DEF CON 27 - D4KRM4TTER MIKE SPICER - I know what you did last summerDEF CON 27 - D4KRM4TTER MIKE SPICER - I know what you did last summer
DEF CON 27 - D4KRM4TTER MIKE SPICER - I know what you did last summerFelipe Prado
 
Country domination - Causing chaos and wrecking havoc
Country domination - Causing chaos and wrecking havocCountry domination - Causing chaos and wrecking havoc
Country domination - Causing chaos and wrecking havocTiago Henriques
 
Debunking Information Security myths
Debunking Information Security mythsDebunking Information Security myths
Debunking Information Security mythsDan Houser
 
Lightning talks - Cyber Security Congres 2016
Lightning talks - Cyber Security Congres 2016Lightning talks - Cyber Security Congres 2016
Lightning talks - Cyber Security Congres 2016SURFnet
 
A Stuxnet for Mainframes
A Stuxnet for MainframesA Stuxnet for Mainframes
A Stuxnet for MainframesCheryl Biswas
 
Malware vs Big Data
Malware vs Big DataMalware vs Big Data
Malware vs Big DataFrank Denis
 
The Wondrous Curse of Interoperability
The Wondrous Curse of InteroperabilityThe Wondrous Curse of Interoperability
The Wondrous Curse of InteroperabilitySteve Loughran
 
A Technical Dive into Defensive Trickery
A Technical Dive into Defensive TrickeryA Technical Dive into Defensive Trickery
A Technical Dive into Defensive TrickeryDan Kaminsky
 
Beyond PHP - it's not (just) about the code
Beyond PHP - it's not (just) about the codeBeyond PHP - it's not (just) about the code
Beyond PHP - it's not (just) about the codeWim Godden
 
12251135 presentation
12251135 presentation12251135 presentation
12251135 presentationa5274015
 
presentation
presentationpresentation
presentationa5274015
 
Rapid Assessment of Web Resources (RAWR) - DerbyCon 3.0
Rapid Assessment of Web Resources (RAWR) - DerbyCon 3.0Rapid Assessment of Web Resources (RAWR) - DerbyCon 3.0
Rapid Assessment of Web Resources (RAWR) - DerbyCon 3.0Tom Moore
 
Attacker Ghost Stories - ShmooCon 2014
Attacker Ghost Stories - ShmooCon 2014Attacker Ghost Stories - ShmooCon 2014
Attacker Ghost Stories - ShmooCon 2014Rob Fuller
 
Million Browser Botnet
Million Browser BotnetMillion Browser Botnet
Million Browser BotnetSource Conference
 
iBanking - a botnet on Android
iBanking - a botnet on AndroidiBanking - a botnet on Android
iBanking - a botnet on AndroidSource Conference
 

Mais conteúdo relacionado

Semelhante a Wim Remes SOURCE Boston 2011

IBM Enterprise 2014 - System z Technical University - Preliminary Agenda
IBM Enterprise 2014 - System z Technical University - Preliminary Agenda IBM Enterprise 2014 - System z Technical University - Preliminary Agenda
IBM Enterprise 2014 - System z Technical University - Preliminary Agenda Casey Lucas
 
IoThings you don't even need to hack
IoThings you don't even need to hackIoThings you don't even need to hack
IoThings you don't even need to hackSlawomir Jasek
 
Belfast JUG, SIMD (Vectorial) Operations
Belfast JUG, SIMD (Vectorial) OperationsBelfast JUG, SIMD (Vectorial) Operations
Belfast JUG, SIMD (Vectorial) OperationsHudson Mendes
 
Layer one 2011-gh0stwood-d-dos-attacks
Layer one 2011-gh0stwood-d-dos-attacksLayer one 2011-gh0stwood-d-dos-attacks
Layer one 2011-gh0stwood-d-dos-attacksfangjiafu
 
2012: The End of the World?
2012: The End of the World?2012: The End of the World?
2012: The End of the World?Saumil Shah
 
DEF CON 27 - D4KRM4TTER MIKE SPICER - I know what you did last summer
DEF CON 27 - D4KRM4TTER MIKE SPICER - I know what you did last summerDEF CON 27 - D4KRM4TTER MIKE SPICER - I know what you did last summer
DEF CON 27 - D4KRM4TTER MIKE SPICER - I know what you did last summerFelipe Prado
 
Country domination - Causing chaos and wrecking havoc
Country domination - Causing chaos and wrecking havocCountry domination - Causing chaos and wrecking havoc
Country domination - Causing chaos and wrecking havocTiago Henriques
 
Debunking Information Security myths
Debunking Information Security mythsDebunking Information Security myths
Debunking Information Security mythsDan Houser
 
Lightning talks - Cyber Security Congres 2016
Lightning talks - Cyber Security Congres 2016Lightning talks - Cyber Security Congres 2016
Lightning talks - Cyber Security Congres 2016SURFnet
 
A Stuxnet for Mainframes
A Stuxnet for MainframesA Stuxnet for Mainframes
A Stuxnet for MainframesCheryl Biswas
 
Malware vs Big Data
Malware vs Big DataMalware vs Big Data
Malware vs Big DataFrank Denis
 
The Wondrous Curse of Interoperability
The Wondrous Curse of InteroperabilityThe Wondrous Curse of Interoperability
The Wondrous Curse of InteroperabilitySteve Loughran
 
A Technical Dive into Defensive Trickery
A Technical Dive into Defensive TrickeryA Technical Dive into Defensive Trickery
A Technical Dive into Defensive TrickeryDan Kaminsky
 
Beyond PHP - it's not (just) about the code
Beyond PHP - it's not (just) about the codeBeyond PHP - it's not (just) about the code
Beyond PHP - it's not (just) about the codeWim Godden
 
12251135 presentation
12251135 presentation12251135 presentation
12251135 presentationa5274015
 
presentation
presentationpresentation
presentationa5274015
 
Rapid Assessment of Web Resources (RAWR) - DerbyCon 3.0
Rapid Assessment of Web Resources (RAWR) - DerbyCon 3.0Rapid Assessment of Web Resources (RAWR) - DerbyCon 3.0
Rapid Assessment of Web Resources (RAWR) - DerbyCon 3.0Tom Moore
 
Attacker Ghost Stories - ShmooCon 2014
Attacker Ghost Stories - ShmooCon 2014Attacker Ghost Stories - ShmooCon 2014
Attacker Ghost Stories - ShmooCon 2014Rob Fuller
 

Semelhante a Wim Remes SOURCE Boston 2011 (20)

SecurityPI - Hardening your IoT endpoints in Home.
SecurityPI - Hardening your IoT endpoints in Home. SecurityPI - Hardening your IoT endpoints in Home.
SecurityPI - Hardening your IoT endpoints in Home.
 
Ride the Light
Ride the LightRide the Light
Ride the Light
 
IBM Enterprise 2014 - System z Technical University - Preliminary Agenda
IBM Enterprise 2014 - System z Technical University - Preliminary Agenda IBM Enterprise 2014 - System z Technical University - Preliminary Agenda
IBM Enterprise 2014 - System z Technical University - Preliminary Agenda
 
IoThings you don't even need to hack
IoThings you don't even need to hackIoThings you don't even need to hack
IoThings you don't even need to hack
 
Belfast JUG, SIMD (Vectorial) Operations
Belfast JUG, SIMD (Vectorial) OperationsBelfast JUG, SIMD (Vectorial) Operations
Belfast JUG, SIMD (Vectorial) Operations
 
Layer one 2011-gh0stwood-d-dos-attacks
Layer one 2011-gh0stwood-d-dos-attacksLayer one 2011-gh0stwood-d-dos-attacks
Layer one 2011-gh0stwood-d-dos-attacks
 
2012: The End of the World?
2012: The End of the World?2012: The End of the World?
2012: The End of the World?
 
DEF CON 27 - D4KRM4TTER MIKE SPICER - I know what you did last summer
DEF CON 27 - D4KRM4TTER MIKE SPICER - I know what you did last summerDEF CON 27 - D4KRM4TTER MIKE SPICER - I know what you did last summer
DEF CON 27 - D4KRM4TTER MIKE SPICER - I know what you did last summer
 
Country domination - Causing chaos and wrecking havoc
Country domination - Causing chaos and wrecking havocCountry domination - Causing chaos and wrecking havoc
Country domination - Causing chaos and wrecking havoc
 
Debunking Information Security myths
Debunking Information Security mythsDebunking Information Security myths
Debunking Information Security myths
 
Lightning talks - Cyber Security Congres 2016
Lightning talks - Cyber Security Congres 2016Lightning talks - Cyber Security Congres 2016
Lightning talks - Cyber Security Congres 2016
 
A Stuxnet for Mainframes
A Stuxnet for MainframesA Stuxnet for Mainframes
A Stuxnet for Mainframes
 
Malware vs Big Data
Malware vs Big DataMalware vs Big Data
Malware vs Big Data
 
The Wondrous Curse of Interoperability
The Wondrous Curse of InteroperabilityThe Wondrous Curse of Interoperability
The Wondrous Curse of Interoperability
 
A Technical Dive into Defensive Trickery
A Technical Dive into Defensive TrickeryA Technical Dive into Defensive Trickery
A Technical Dive into Defensive Trickery
 
Beyond PHP - it's not (just) about the code
Beyond PHP - it's not (just) about the codeBeyond PHP - it's not (just) about the code
Beyond PHP - it's not (just) about the code
 
12251135 presentation
12251135 presentation12251135 presentation
12251135 presentation
 
presentation
presentationpresentation
presentation
 
Rapid Assessment of Web Resources (RAWR) - DerbyCon 3.0
Rapid Assessment of Web Resources (RAWR) - DerbyCon 3.0Rapid Assessment of Web Resources (RAWR) - DerbyCon 3.0
Rapid Assessment of Web Resources (RAWR) - DerbyCon 3.0
 
Attacker Ghost Stories - ShmooCon 2014
Attacker Ghost Stories - ShmooCon 2014Attacker Ghost Stories - ShmooCon 2014
Attacker Ghost Stories - ShmooCon 2014
 

Mais de Source Conference

iBanking - a botnet on Android
iBanking - a botnet on AndroidiBanking - a botnet on Android
iBanking - a botnet on AndroidSource Conference
 
I want the next generation web here SPDY QUIC
I want the next generation web here SPDY QUICI want the next generation web here SPDY QUIC
I want the next generation web here SPDY QUICSource Conference
 
From DNA Sequence Variation to .NET Bits and Bobs
From DNA Sequence Variation to .NET Bits and BobsFrom DNA Sequence Variation to .NET Bits and Bobs
From DNA Sequence Variation to .NET Bits and BobsSource Conference
 
Extracting Forensic Information From Zeus Derivatives
Extracting Forensic Information From Zeus DerivativesExtracting Forensic Information From Zeus Derivatives
Extracting Forensic Information From Zeus DerivativesSource Conference
 
How to Like Social Media Network Security
How to Like Social Media Network SecurityHow to Like Social Media Network Security
How to Like Social Media Network SecuritySource Conference
 
Wfuzz para Penetration Testers
Wfuzz para Penetration TestersWfuzz para Penetration Testers
Wfuzz para Penetration TestersSource Conference
 
Security Goodness with Ruby on Rails
Security Goodness with Ruby on RailsSecurity Goodness with Ruby on Rails
Security Goodness with Ruby on RailsSource Conference
 
Securty Testing For RESTful Applications
Securty Testing For RESTful ApplicationsSecurty Testing For RESTful Applications
Securty Testing For RESTful ApplicationsSource Conference
 
Men in the Server Meet the Man in the Browser
Men in the Server Meet the Man in the BrowserMen in the Server Meet the Man in the Browser
Men in the Server Meet the Man in the BrowserSource Conference
 
Advanced Data Exfiltration The Way Q Would Have Done It
Advanced Data Exfiltration The Way Q Would Have Done ItAdvanced Data Exfiltration The Way Q Would Have Done It
Advanced Data Exfiltration The Way Q Would Have Done ItSource Conference
 
Adapting To The Age Of Anonymous
Adapting To The Age Of AnonymousAdapting To The Age Of Anonymous
Adapting To The Age Of AnonymousSource Conference
 
Are Agile And Secure Development Mutually Exclusive?
Are Agile And Secure Development Mutually Exclusive?Are Agile And Secure Development Mutually Exclusive?
Are Agile And Secure Development Mutually Exclusive?Source Conference
 
Advanced (persistent) binary planting
Advanced (persistent) binary plantingAdvanced (persistent) binary planting
Advanced (persistent) binary plantingSource Conference
 
Legal/technical strategies addressing data risks as perimeter shifts to Cloud
Legal/technical strategies addressing data risks as perimeter shifts to CloudLegal/technical strategies addressing data risks as perimeter shifts to Cloud
Legal/technical strategies addressing data risks as perimeter shifts to CloudSource Conference
 
Who should the security team hire next?
Who should the security team hire next?Who should the security team hire next?
Who should the security team hire next?Source Conference
 
The Latest Developments in Computer Crime Law
The Latest Developments in Computer Crime LawThe Latest Developments in Computer Crime Law
The Latest Developments in Computer Crime LawSource Conference
 
How To: Find The Right Amount Of Security Spend
How To: Find The Right Amount Of Security SpendHow To: Find The Right Amount Of Security Spend
How To: Find The Right Amount Of Security SpendSource Conference
 

Mais de Source Conference (20)

Million Browser Botnet
Million Browser BotnetMillion Browser Botnet
Million Browser Botnet
 
iBanking - a botnet on Android
iBanking - a botnet on AndroidiBanking - a botnet on Android
iBanking - a botnet on Android
 
I want the next generation web here SPDY QUIC
I want the next generation web here SPDY QUICI want the next generation web here SPDY QUIC
I want the next generation web here SPDY QUIC
 
From DNA Sequence Variation to .NET Bits and Bobs
From DNA Sequence Variation to .NET Bits and BobsFrom DNA Sequence Variation to .NET Bits and Bobs
From DNA Sequence Variation to .NET Bits and Bobs
 
Extracting Forensic Information From Zeus Derivatives
Extracting Forensic Information From Zeus DerivativesExtracting Forensic Information From Zeus Derivatives
Extracting Forensic Information From Zeus Derivatives
 
How to Like Social Media Network Security
How to Like Social Media Network SecurityHow to Like Social Media Network Security
How to Like Social Media Network Security
 
Wfuzz para Penetration Testers
Wfuzz para Penetration TestersWfuzz para Penetration Testers
Wfuzz para Penetration Testers
 
Security Goodness with Ruby on Rails
Security Goodness with Ruby on RailsSecurity Goodness with Ruby on Rails
Security Goodness with Ruby on Rails
 
Securty Testing For RESTful Applications
Securty Testing For RESTful ApplicationsSecurty Testing For RESTful Applications
Securty Testing For RESTful Applications
 
Esteganografia
EsteganografiaEsteganografia
Esteganografia
 
Men in the Server Meet the Man in the Browser
Men in the Server Meet the Man in the BrowserMen in the Server Meet the Man in the Browser
Men in the Server Meet the Man in the Browser
 
Advanced Data Exfiltration The Way Q Would Have Done It
Advanced Data Exfiltration The Way Q Would Have Done ItAdvanced Data Exfiltration The Way Q Would Have Done It
Advanced Data Exfiltration The Way Q Would Have Done It
 
Adapting To The Age Of Anonymous
Adapting To The Age Of AnonymousAdapting To The Age Of Anonymous
Adapting To The Age Of Anonymous
 
Are Agile And Secure Development Mutually Exclusive?
Are Agile And Secure Development Mutually Exclusive?Are Agile And Secure Development Mutually Exclusive?
Are Agile And Secure Development Mutually Exclusive?
 
Advanced (persistent) binary planting
Advanced (persistent) binary plantingAdvanced (persistent) binary planting
Advanced (persistent) binary planting
 
Legal/technical strategies addressing data risks as perimeter shifts to Cloud
Legal/technical strategies addressing data risks as perimeter shifts to CloudLegal/technical strategies addressing data risks as perimeter shifts to Cloud
Legal/technical strategies addressing data risks as perimeter shifts to Cloud
 
Who should the security team hire next?
Who should the security team hire next?Who should the security team hire next?
Who should the security team hire next?
 
The Latest Developments in Computer Crime Law
The Latest Developments in Computer Crime LawThe Latest Developments in Computer Crime Law
The Latest Developments in Computer Crime Law
 
JSF Security
JSF SecurityJSF Security
JSF Security
 
How To: Find The Right Amount Of Security Spend
How To: Find The Right Amount Of Security SpendHow To: Find The Right Amount Of Security Spend
How To: Find The Right Amount Of Security Spend
 

Último

Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesZilliz
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 

Último (20)

Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 

Wim Remes SOURCE Boston 2011