Enviar pesquisa
Carregar
Sophos Day Belux 2014
•
0 gostou
•
595 visualizações
Malik Mesellem
Seguir
How can Sophos help you to protect your infrastructure?
Leia menos
Leia mais
Apresentações e oratória
Denunciar
Compartilhar
Denunciar
Compartilhar
1 de 30
Baixar agora
Baixar para ler offline
Recomendados
Mobile application security and threat modeling
Mobile application security and threat modeling
Shantanu Mitra
A Brief Introduction to Penetration Testing
A Brief Introduction to Penetration Testing
EC-Council
Application Threat Modeling
Application Threat Modeling
Rochester Security Summit
Secure Coding and Threat Modeling
Secure Coding and Threat Modeling
Miriam Celi, CISSP, GISP, MSCS, MBA
Upgrade your attack model: finding and stopping fileless attacks with MITRE A...
Upgrade your attack model: finding and stopping fileless attacks with MITRE A...
FaithWestdorp
Red Team vs. Blue Team
Red Team vs. Blue Team
EC-Council
Cyber security webinar part 1 - Threat Landscape
Cyber security webinar part 1 - Threat Landscape
F-Secure Corporation
Defending Workstations - Cyber security webinar part 2
Defending Workstations - Cyber security webinar part 2
F-Secure Corporation
Recomendados
Mobile application security and threat modeling
Mobile application security and threat modeling
Shantanu Mitra
A Brief Introduction to Penetration Testing
A Brief Introduction to Penetration Testing
EC-Council
Application Threat Modeling
Application Threat Modeling
Rochester Security Summit
Secure Coding and Threat Modeling
Secure Coding and Threat Modeling
Miriam Celi, CISSP, GISP, MSCS, MBA
Upgrade your attack model: finding and stopping fileless attacks with MITRE A...
Upgrade your attack model: finding and stopping fileless attacks with MITRE A...
FaithWestdorp
Red Team vs. Blue Team
Red Team vs. Blue Team
EC-Council
Cyber security webinar part 1 - Threat Landscape
Cyber security webinar part 1 - Threat Landscape
F-Secure Corporation
Defending Workstations - Cyber security webinar part 2
Defending Workstations - Cyber security webinar part 2
F-Secure Corporation
6 Most Popular Threat Modeling Methodologies
6 Most Popular Threat Modeling Methodologies
EC-Council
Threat Modelling
Threat Modelling
n|u - The Open Security Community
Defending Servers - Cyber security webinar part 3
Defending Servers - Cyber security webinar part 3
F-Secure Corporation
Cyber security webinar 6 - How to build systems that resist attacks?
Cyber security webinar 6 - How to build systems that resist attacks?
F-Secure Corporation
Threat Modeling And Analysis
Threat Modeling And Analysis
Lalit Kale
Threat Modeling 101
Threat Modeling 101
Vlad Styran
Threat Modeling Web Applications
Threat Modeling Web Applications
Nadia BENCHIKHA
Complete Cyber Security Course
Complete Cyber Security Course
mitchell burner
Silence Group
Silence Group
Piyanat Thanasombat
CYBER_1_statement
CYBER_1_statement
Giang La
Viruses & security threats
Viruses & security threats
wardjo
STRIDE And DREAD
STRIDE And DREAD
chuckbt
Nick - Computer Virus
Nick - Computer Virus
beacondaytech
Skills that make network security training easy
Skills that make network security training easy
EC-Council
Threats, Threat Modeling and Analysis
Threats, Threat Modeling and Analysis
Ian G
An Example of use the Threat Modeling Tool (FFRI Monthly Research Nov 2016)
An Example of use the Threat Modeling Tool (FFRI Monthly Research Nov 2016)
FFRI, Inc.
Hanssens Telecom Roadshow 2015 - Hacking 101
Hanssens Telecom Roadshow 2015 - Hacking 101
Malik Mesellem
Ochrana pred modernými malware útokmi
Ochrana pred modernými malware útokmi
MarketingArrowECS_CZ
Mitigating Malware Presentation Jkd 11 10 08 Aitp
Mitigating Malware Presentation Jkd 11 10 08 Aitp
Joann Davis
Securing your web infrastructure
Securing your web infrastructure
WP Engine
Security_Bootcamp_Intro
Security_Bootcamp_Intro
sudip pudasaini
Seceon’s Comprehensive Cybersecurity Platform - Seceon.pptx
Seceon’s Comprehensive Cybersecurity Platform - Seceon.pptx
CompanySeceon
Mais conteúdo relacionado
Mais procurados
6 Most Popular Threat Modeling Methodologies
6 Most Popular Threat Modeling Methodologies
EC-Council
Threat Modelling
Threat Modelling
n|u - The Open Security Community
Defending Servers - Cyber security webinar part 3
Defending Servers - Cyber security webinar part 3
F-Secure Corporation
Cyber security webinar 6 - How to build systems that resist attacks?
Cyber security webinar 6 - How to build systems that resist attacks?
F-Secure Corporation
Threat Modeling And Analysis
Threat Modeling And Analysis
Lalit Kale
Threat Modeling 101
Threat Modeling 101
Vlad Styran
Threat Modeling Web Applications
Threat Modeling Web Applications
Nadia BENCHIKHA
Complete Cyber Security Course
Complete Cyber Security Course
mitchell burner
Silence Group
Silence Group
Piyanat Thanasombat
CYBER_1_statement
CYBER_1_statement
Giang La
Viruses & security threats
Viruses & security threats
wardjo
STRIDE And DREAD
STRIDE And DREAD
chuckbt
Nick - Computer Virus
Nick - Computer Virus
beacondaytech
Skills that make network security training easy
Skills that make network security training easy
EC-Council
Threats, Threat Modeling and Analysis
Threats, Threat Modeling and Analysis
Ian G
An Example of use the Threat Modeling Tool (FFRI Monthly Research Nov 2016)
An Example of use the Threat Modeling Tool (FFRI Monthly Research Nov 2016)
FFRI, Inc.
Mais procurados
(16)
6 Most Popular Threat Modeling Methodologies
6 Most Popular Threat Modeling Methodologies
Threat Modelling
Threat Modelling
Defending Servers - Cyber security webinar part 3
Defending Servers - Cyber security webinar part 3
Cyber security webinar 6 - How to build systems that resist attacks?
Cyber security webinar 6 - How to build systems that resist attacks?
Threat Modeling And Analysis
Threat Modeling And Analysis
Threat Modeling 101
Threat Modeling 101
Threat Modeling Web Applications
Threat Modeling Web Applications
Complete Cyber Security Course
Complete Cyber Security Course
Silence Group
Silence Group
CYBER_1_statement
CYBER_1_statement
Viruses & security threats
Viruses & security threats
STRIDE And DREAD
STRIDE And DREAD
Nick - Computer Virus
Nick - Computer Virus
Skills that make network security training easy
Skills that make network security training easy
Threats, Threat Modeling and Analysis
Threats, Threat Modeling and Analysis
An Example of use the Threat Modeling Tool (FFRI Monthly Research Nov 2016)
An Example of use the Threat Modeling Tool (FFRI Monthly Research Nov 2016)
Semelhante a Sophos Day Belux 2014
Hanssens Telecom Roadshow 2015 - Hacking 101
Hanssens Telecom Roadshow 2015 - Hacking 101
Malik Mesellem
Ochrana pred modernými malware útokmi
Ochrana pred modernými malware útokmi
MarketingArrowECS_CZ
Mitigating Malware Presentation Jkd 11 10 08 Aitp
Mitigating Malware Presentation Jkd 11 10 08 Aitp
Joann Davis
Securing your web infrastructure
Securing your web infrastructure
WP Engine
Security_Bootcamp_Intro
Security_Bootcamp_Intro
sudip pudasaini
Seceon’s Comprehensive Cybersecurity Platform - Seceon.pptx
Seceon’s Comprehensive Cybersecurity Platform - Seceon.pptx
CompanySeceon
Advanced Threat Protection – ultimátní bezpečnostní řešení
Advanced Threat Protection – ultimátní bezpečnostní řešení
MarketingArrowECS_CZ
Crack the Code
Crack the Code
InnoTech
Factors Affecting The Threat Agent Involved
Factors Affecting The Threat Agent Involved
Jennifer Campbell
Nuts & Bolts of the Dynamic Attack Chain
Nuts & Bolts of the Dynamic Attack Chain
IBM Security
The Role of Application Control in a Zero-Day Reality
The Role of Application Control in a Zero-Day Reality
Lumension
9 Security Threats Everyone Should Be Aware Of
9 Security Threats Everyone Should Be Aware Of
Aditya Prakhar Singh
The Cyber Kill Chain. 7 Stages of Cyber Kill Chain Supplementary Reading
The Cyber Kill Chain. 7 Stages of Cyber Kill Chain Supplementary Reading
Muhammad FAHAD
The Dynamite of Next Generation (Y) Attack
The Dynamite of Next Generation (Y) Attack
Prathan Phongthiproek
Cisco Web and Email Security Overview
Cisco Web and Email Security Overview
Cisco Security
Cyber security company
Cyber security company
CompanySeceon
Cyber security
Cyber security
TejasRao8
Web Application Security
Web Application Security
sudip pudasaini
Ransomware webinar may 2016 final version external
Ransomware webinar may 2016 final version external
Zscaler
Chapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamanan
newbie2019
Semelhante a Sophos Day Belux 2014
(20)
Hanssens Telecom Roadshow 2015 - Hacking 101
Hanssens Telecom Roadshow 2015 - Hacking 101
Ochrana pred modernými malware útokmi
Ochrana pred modernými malware útokmi
Mitigating Malware Presentation Jkd 11 10 08 Aitp
Mitigating Malware Presentation Jkd 11 10 08 Aitp
Securing your web infrastructure
Securing your web infrastructure
Security_Bootcamp_Intro
Security_Bootcamp_Intro
Seceon’s Comprehensive Cybersecurity Platform - Seceon.pptx
Seceon’s Comprehensive Cybersecurity Platform - Seceon.pptx
Advanced Threat Protection – ultimátní bezpečnostní řešení
Advanced Threat Protection – ultimátní bezpečnostní řešení
Crack the Code
Crack the Code
Factors Affecting The Threat Agent Involved
Factors Affecting The Threat Agent Involved
Nuts & Bolts of the Dynamic Attack Chain
Nuts & Bolts of the Dynamic Attack Chain
The Role of Application Control in a Zero-Day Reality
The Role of Application Control in a Zero-Day Reality
9 Security Threats Everyone Should Be Aware Of
9 Security Threats Everyone Should Be Aware Of
The Cyber Kill Chain. 7 Stages of Cyber Kill Chain Supplementary Reading
The Cyber Kill Chain. 7 Stages of Cyber Kill Chain Supplementary Reading
The Dynamite of Next Generation (Y) Attack
The Dynamite of Next Generation (Y) Attack
Cisco Web and Email Security Overview
Cisco Web and Email Security Overview
Cyber security company
Cyber security company
Cyber security
Cyber security
Web Application Security
Web Application Security
Ransomware webinar may 2016 final version external
Ransomware webinar may 2016 final version external
Chapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamanan
Último
AWS Data Engineer Associate (DEA-C01) Exam Dumps 2024.pdf
AWS Data Engineer Associate (DEA-C01) Exam Dumps 2024.pdf
SkillCertProExams
Uncommon Grace The Autobiography of Isaac Folorunso
Uncommon Grace The Autobiography of Isaac Folorunso
Kayode Fayemi
ICT role in 21st century education and it's challenges.pdf
ICT role in 21st century education and it's challenges.pdf
Islamia university of Rahim Yar khan campus
lONG QUESTION ANSWER PAKISTAN STUDIES10.
lONG QUESTION ANSWER PAKISTAN STUDIES10.
lodhisaajjda
Digital collaboration with Microsoft 365 as extension of Drupal
Digital collaboration with Microsoft 365 as extension of Drupal
Fabian de Rijk
The workplace ecosystem of the future 24.4.2024 Fabritius_share ii.pdf
The workplace ecosystem of the future 24.4.2024 Fabritius_share ii.pdf
Senaatti-kiinteistöt
Bring back lost lover in USA, Canada ,Uk ,Australia ,London Lost Love Spell C...
Bring back lost lover in USA, Canada ,Uk ,Australia ,London Lost Love Spell C...
amilabibi1
Proofreading- Basics to Artificial Intelligence Integration - Presentation:Sl...
Proofreading- Basics to Artificial Intelligence Integration - Presentation:Sl...
David Celestin
Chiulli_Aurora_Oman_Raffaele_Beowulf.pptx
Chiulli_Aurora_Oman_Raffaele_Beowulf.pptx
raffaeleoman
Dreaming Music Video Treatment _ Project & Portfolio III
Dreaming Music Video Treatment _ Project & Portfolio III
NhPhngng3
Dreaming Marissa Sánchez Music Video Treatment
Dreaming Marissa Sánchez Music Video Treatment
nswingard
If this Giant Must Walk: A Manifesto for a New Nigeria
If this Giant Must Walk: A Manifesto for a New Nigeria
Kayode Fayemi
Report Writing Webinar Training
Report Writing Webinar Training
KylaCullinane
My Presentation "In Your Hands" by Halle Bailey
My Presentation "In Your Hands" by Halle Bailey
hlharris
SOLID WASTE MANAGEMENT SYSTEM OF FENI PAURASHAVA, BANGLADESH.pdf
SOLID WASTE MANAGEMENT SYSTEM OF FENI PAURASHAVA, BANGLADESH.pdf
Mahamudul Hasan
Último
(15)
AWS Data Engineer Associate (DEA-C01) Exam Dumps 2024.pdf
AWS Data Engineer Associate (DEA-C01) Exam Dumps 2024.pdf
Uncommon Grace The Autobiography of Isaac Folorunso
Uncommon Grace The Autobiography of Isaac Folorunso
ICT role in 21st century education and it's challenges.pdf
ICT role in 21st century education and it's challenges.pdf
lONG QUESTION ANSWER PAKISTAN STUDIES10.
lONG QUESTION ANSWER PAKISTAN STUDIES10.
Digital collaboration with Microsoft 365 as extension of Drupal
Digital collaboration with Microsoft 365 as extension of Drupal
The workplace ecosystem of the future 24.4.2024 Fabritius_share ii.pdf
The workplace ecosystem of the future 24.4.2024 Fabritius_share ii.pdf
Bring back lost lover in USA, Canada ,Uk ,Australia ,London Lost Love Spell C...
Bring back lost lover in USA, Canada ,Uk ,Australia ,London Lost Love Spell C...
Proofreading- Basics to Artificial Intelligence Integration - Presentation:Sl...
Proofreading- Basics to Artificial Intelligence Integration - Presentation:Sl...
Chiulli_Aurora_Oman_Raffaele_Beowulf.pptx
Chiulli_Aurora_Oman_Raffaele_Beowulf.pptx
Dreaming Music Video Treatment _ Project & Portfolio III
Dreaming Music Video Treatment _ Project & Portfolio III
Dreaming Marissa Sánchez Music Video Treatment
Dreaming Marissa Sánchez Music Video Treatment
If this Giant Must Walk: A Manifesto for a New Nigeria
If this Giant Must Walk: A Manifesto for a New Nigeria
Report Writing Webinar Training
Report Writing Webinar Training
My Presentation "In Your Hands" by Halle Bailey
My Presentation "In Your Hands" by Halle Bailey
SOLID WASTE MANAGEMENT SYSTEM OF FENI PAURASHAVA, BANGLADESH.pdf
SOLID WASTE MANAGEMENT SYSTEM OF FENI PAURASHAVA, BANGLADESH.pdf
Sophos Day Belux 2014
1.
Is your network
h@Cking pr00f? Malik Mesellem
2.
Malik Mesellem Ethical
Hacker MME BVBA ° 2010 Security Audits & Training Objective approach Focus is to advise No-nonsense mentality
3.
What are we
afraid of? Buffer Overflows DoS Trojans Port Scans Spoofing
4.
I don’t think
so… Old skool attacks✝ We all have firewalls ;) (since 1990)
5.
So WTH(ack) is
the problem? And who is the enemy?
6.
A new wave
of client-side threats…
7.
+ Complex application-level
attacks
8.
+ Complex application-level
attacks
9.
Your secure (?)
infrastructure Web server Client DC App server Firewall
10.
Hacker’s attack plan?
ATTACK the border = web apps
11.
Application-level attack SQL
injection SELECT * FROM … WHERE … ‘ OR 1=1--
12.
13.
Web server DOWN
;(
14.
Hacker’s attack plan?
ATTACK the weakest = humans
15.
Client-side attack Spear
phishing email campaign CVE-2014-0515 0-day client-side exploits
16.
17.
Client computer DOWN
;(
18.
You’ve just lost
2 assets! They are inside the network… Pivot, seek, and pwn!
19.
Network-level attack Issues
in OS or application Buffer overflow
20.
Application server DOWN
;(
21.
You’ve just lost
3 assets! Keys to your castle…
22.
Now they go
for the GOLD! Pass-the-Hash Token impersonation
23.
GAME OVER You’ve
lost everything $$$
24.
GAME OVER You’ve
lost everything $$$
25.
OMG… we definitely
need heroes!
26.
Secure email gateway
Vulnerability & patch UTM firewall Endpoint AV Mobile control management
27.
Two-factor authentication Web
application firewall Server security IDS/IPS Security audits Training
28.
Two-factor authentication Web
application firewall Server security IDS/IPS
29.
What if…
30.
Q&A? Is your
network h@Cking pr00f? Malik Mesellem Thank you!
Baixar agora