SlideShare ist ein Scribd-Unternehmen logo

Securing your presence at the perimeter

Ben Rothke
Ben Rothke

Presentation: Securing your presence at the perimeter. Given by: Ben Rothke

Technologie
1 von 21
Downloaden Sie, um offline zu lesen
Securing your presence at the perimeter Ben Rothke, CISSP CISA BT Global Services Senior Security Consultant
About me…. • Ben Rothke (too many certifications) • Senior Security Consultant – British Telecom • Frequent writer and speaker • Author - Computer Security: 20 Things Every Employee Should Know BT Americas Inc. 2
The perimeter is not necessarily dead • Firewalls and border routers are still the cornerstone for perimeter security • Always will be a place for VPNs • Attacks occur at the application layer – So ensure app security BT Professional Services 3
But the perimeter it is getting blurred… • VPNs • complicated network connections with multiple partners – contractors, consultants – 3rd party collaboration – vendors • wireless networks • laptops • malicious insiders – worms (compromised computers can be seen as malicious insiders) BT Professional Services 4
Ok, the perimeter is dead, the cloud proves it BT Professional Services 5
Perimeter challenges • Determining proper firewall design • access to resources for remote users • effective monitoring and reporting • need for enhanced packet inspection • security standards compliance • long-term maintenance • ensuring attackers don’t find that single vulnerability • data leakage BT Professional Services 6
Was your perimeter designed in 30 minutes? BT Professional Services 7
Key points • Perimeter security is popular – cheap, convenient, somewhat effective – firewalls and IDS most common tools for network security • Firewalls and IDS fighting an uphill battle – both attackers and legitimate users struggle to avoid/evade them • Security management is a key challenge BT Professional Services 8
Securing network perimeters • Goal is to provide adequate access without jeopardizing confidential or mission-critical areas • Elements: – firewalls, IDS, bastion host, Network Address Translation (NAT), proxy servers – combined with authentication mechanisms • Bastion host – provides Web, FTP, e-mail, or other services running on a specially secured server BT Professional Services 9
But the firewall is not a panacea • Malicious traffic that is passed on open ports and not inspected by the firewall • any traffic that passes through an encrypted tunnel or session • attacks after a network has been penetrated • traffic that appears legitimate • users and administrators who intentionally or accidentally install viruses • administrators who use weak passwords BT Professional Services 10
Policy is required to secure a perimeter • Firewall policies typically lists of allow or deny rules • what should the default rule be? • Default allow: – convenient since doesn’t interfere with legitimate activity • Default deny: – more secure, since every allowed use undergoes security review – if policy too restrictive, people complain and it gets fixed – if policy too permissive, only learn about it too late after an attack BT Professional Services 11
Other policy issues • Scale – Large organizations have thousands of rules – How do you process them efficiently? – How do you know they are correct? • Ingress vs. egress filtering – Ingress: filter packets from the Internet – Egress: filter traffic to the Internet (why?) BT Professional Services 12
Operational weaknessess • Technology – firewall rules not adequately maintained – system configurations and access not being monitored – passwords • Standards – unpatched software/firmware – no criteria for hiring outside auditors and IT pros – no consistent security assessments – production data being used for dev/QA apps BT Professional Services 13
Start thinking about DLP • Small data leaks lead to major damage – a minor water leak… – becomes major structural damage BT Professional Services 14
There is a lot DLP can do • Detect sensitive content in any combination of network traffic, data at rest or endpoint operations • Detect sensitive content using – sophisticated content-aware detection techniques, including partial/exact document matching, structured data fingerprinting, statistical analysis, extended regular expression matching, conceptual and lexicon analysis, and more • Support detection of sensitive data content in structured and unstructured data, using registered or described data definitions • Block email communication policy violations BT Professional Services 15
Do you have authority over your data? • DLP enables you to finally control your data: – Identify: know where your data resides – Monitor: what is happening, who did it, when – Warning: user alerted when moving sensitive data – Prevention: unauthorized actions are thwarted – Control: only approved devices can be used – Reporting: compliance reports (SoX, PCI, HIPAA / HITECH, GLBA, Euro-SoX, and more) BT Professional Services 16
Testing • Publicly-accessible systems – IP-hosts – all web apps – web services • Web interfaces: – routers – firewalls – email • Wireless BT Professional Services 17
Ask lots of questions and fill up whiteboards 1. What are we doing beyond vulnerability scans to find security flaws? 2. Are we looking at all of our critical perimeter systems? 3. When are we going to get to everything else? 4. What are the results of our latest external security assessment? 5. What’s being done to resolve these issues? 6. Even if nothing is turned up, when’s our next round of testing scheduled for? 7. Have we started thinking about the data? 8. Should we consider DLP? BT Professional Services 18
Use tools • There are myriad tools, use them judiciously – QualysGuard – WebInspect – Acunetix WVS – CommView for WiFi – Web browsers – Google – other exploit tools – Make sure your staff reads Security Strategy: From Requirements to Reality – http://amzn.to/fT2yG6 BT Professional Services 19
Creating and maintaining a strong perimeter • Good design • updated design • built and designed by engineers – with management oversight • risk-based • business needs understood • maintained – competent staff – maintained at an adequate level BT Professional Services 20
Contact info… • Ben Rothke, CISSP CISA • Senior Security Consultant • BT Professional Services • www.linkedin.com/in/benrothke • www.twitter.com/benrothke • www.slideshare.net/benrothke BT Professional Services 21

Empfohlen

2012 06-19 --ncc_group_-_iet_seminar_-_mobile_apps_and_secure_by_design
2012 06-19 --ncc_group_-_iet_seminar_-_mobile_apps_and_secure_by_design2012 06-19 --ncc_group_-_iet_seminar_-_mobile_apps_and_secure_by_design
2012 06-19 --ncc_group_-_iet_seminar_-_mobile_apps_and_secure_by_designNCC Group
 
Rothke Computer Forensics Show 2010 Deployment Strategies For Effective E...
Rothke Computer Forensics Show 2010 Deployment Strategies For Effective E...Rothke Computer Forensics Show 2010 Deployment Strategies For Effective E...
Rothke Computer Forensics Show 2010 Deployment Strategies For Effective E...Ben Rothke
 
Locking down server and workstation operating systems
Locking down server and workstation operating systemsLocking down server and workstation operating systems
Locking down server and workstation operating systemsBen Rothke
 
FLIGHT Amsterdam Presentation - Don’t Let Open Source Software Kill Your Deal
FLIGHT Amsterdam Presentation - Don’t Let Open Source Software Kill Your DealFLIGHT Amsterdam Presentation - Don’t Let Open Source Software Kill Your Deal
FLIGHT Amsterdam Presentation - Don’t Let Open Source Software Kill Your DealBlack Duck by Synopsys
 
Current & Emerging Cyber Security Threats
Current & Emerging Cyber Security ThreatsCurrent & Emerging Cyber Security Threats
Current & Emerging Cyber Security ThreatsNCC Group
 
Practical SME Security on a Shoestring
Practical SME Security on a ShoestringPractical SME Security on a Shoestring
Practical SME Security on a ShoestringNCC Group
 
2012 12-04 --ncc_group_-_mobile_threat_war_room
2012 12-04 --ncc_group_-_mobile_threat_war_room2012 12-04 --ncc_group_-_mobile_threat_war_room
2012 12-04 --ncc_group_-_mobile_threat_war_roomNCC Group
 
Select idps
Select idpsSelect idps
Select idpsInfo-Tech Research Group
 

Empfohlen

2012 06-19 --ncc_group_-_iet_seminar_-_mobile_apps_and_secure_by_design
2012 06-19 --ncc_group_-_iet_seminar_-_mobile_apps_and_secure_by_design2012 06-19 --ncc_group_-_iet_seminar_-_mobile_apps_and_secure_by_design
2012 06-19 --ncc_group_-_iet_seminar_-_mobile_apps_and_secure_by_designNCC Group
 
Rothke Computer Forensics Show 2010 Deployment Strategies For Effective E...
Rothke Computer Forensics Show 2010 Deployment Strategies For Effective E...Rothke Computer Forensics Show 2010 Deployment Strategies For Effective E...
Rothke Computer Forensics Show 2010 Deployment Strategies For Effective E...Ben Rothke
 
Locking down server and workstation operating systems
Locking down server and workstation operating systemsLocking down server and workstation operating systems
Locking down server and workstation operating systemsBen Rothke
 
FLIGHT Amsterdam Presentation - Don’t Let Open Source Software Kill Your Deal
FLIGHT Amsterdam Presentation - Don’t Let Open Source Software Kill Your DealFLIGHT Amsterdam Presentation - Don’t Let Open Source Software Kill Your Deal
FLIGHT Amsterdam Presentation - Don’t Let Open Source Software Kill Your DealBlack Duck by Synopsys
 
Current & Emerging Cyber Security Threats
Current & Emerging Cyber Security ThreatsCurrent & Emerging Cyber Security Threats
Current & Emerging Cyber Security ThreatsNCC Group
 
Practical SME Security on a Shoestring
Practical SME Security on a ShoestringPractical SME Security on a Shoestring
Practical SME Security on a ShoestringNCC Group
 
2012 12-04 --ncc_group_-_mobile_threat_war_room
2012 12-04 --ncc_group_-_mobile_threat_war_room2012 12-04 --ncc_group_-_mobile_threat_war_room
2012 12-04 --ncc_group_-_mobile_threat_war_roomNCC Group
 
Select idps
Select idpsSelect idps
Select idpsInfo-Tech Research Group
 
2015 Angelbeat_ConvergenceMsg-FINAL
2015 Angelbeat_ConvergenceMsg-FINAL2015 Angelbeat_ConvergenceMsg-FINAL
2015 Angelbeat_ConvergenceMsg-FINALRick Kingsley
 
Security Testing for IoT Systems
Security Testing for IoT SystemsSecurity Testing for IoT Systems
Security Testing for IoT SystemsSecurity Innovation
 
Chapter 5 Presentation
Chapter 5 PresentationChapter 5 Presentation
Chapter 5 PresentationAmy McMullin
 
Lesson 1 - Technical Controls
Lesson 1 - Technical ControlsLesson 1 - Technical Controls
Lesson 1 - Technical ControlsMLG College of Learning, Inc
 
Computer Hacking Forensic Investigator - CHFI
Computer Hacking Forensic Investigator - CHFIComputer Hacking Forensic Investigator - CHFI
Computer Hacking Forensic Investigator - CHFIEC-Council
 
HighBeam-Research-Article-DEC-02-2014
HighBeam-Research-Article-DEC-02-2014HighBeam-Research-Article-DEC-02-2014
HighBeam-Research-Article-DEC-02-2014Siddharth Phadnis
 
Selling to The IT Department
Selling to The IT DepartmentSelling to The IT Department
Selling to The IT Department3VR Inc.
 
IoT/M2M Security
IoT/M2M SecurityIoT/M2M Security
IoT/M2M SecurityYu-Hsin Hung
 
Zero Trust Model Presentation
Zero Trust Model PresentationZero Trust Model Presentation
Zero Trust Model PresentationGowdhaman Jothilingam
 
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Michele Chubirka
 
Designing a Base Building Network – The Integrator's Role
Designing a Base Building Network – The Integrator's RoleDesigning a Base Building Network – The Integrator's Role
Designing a Base Building Network – The Integrator's RoleNJ_OTI
 
Benefits of IT Outsourcing
Benefits of IT OutsourcingBenefits of IT Outsourcing
Benefits of IT OutsourcingMultiTech IT
 
An Introduction to South Seas Corporation
An Introduction to South Seas CorporationAn Introduction to South Seas Corporation
An Introduction to South Seas CorporationEd Mohr
 
Valerie Thomas - All Your Door Belong to Me - Attacking Physical Access Systems
Valerie Thomas - All Your Door Belong to Me - Attacking Physical Access SystemsValerie Thomas - All Your Door Belong to Me - Attacking Physical Access Systems
Valerie Thomas - All Your Door Belong to Me - Attacking Physical Access Systemscentralohioissa
 
Track 5 session 1 - st dev con 2016 - need for security for iot
Track 5 session 1 - st dev con 2016 - need for security for iotTrack 5 session 1 - st dev con 2016 - need for security for iot
Track 5 session 1 - st dev con 2016 - need for security for iotST_World
 
Cyber Security Overview for Small Businesses
Cyber Security Overview for Small BusinessesCyber Security Overview for Small Businesses
Cyber Security Overview for Small BusinessesCharles Cline
 
The how and why of patch management by N-able
The how and why of patch management by N-able The how and why of patch management by N-able
The how and why of patch management by N-able Solarwinds N-able
 
Outsourcing small cell deployment - How process automation tools can enable ...
Outsourcing small cell deployment - How process automation tools can enable ...Outsourcing small cell deployment - How process automation tools can enable ...
Outsourcing small cell deployment - How process automation tools can enable ...David Chambers
 
S_IOT_Intro.pptx
S_IOT_Intro.pptxS_IOT_Intro.pptx
S_IOT_Intro.pptxrutika12345
 
Next-Generation Cybersecurity for the Globally Connected Enterprise with Telos
Next-Generation Cybersecurity for the Globally Connected Enterprise with TelosNext-Generation Cybersecurity for the Globally Connected Enterprise with Telos
Next-Generation Cybersecurity for the Globally Connected Enterprise with TelosAmazon Web Services
 
Rothke computer forensics show 2010
Rothke computer forensics show 2010Rothke computer forensics show 2010
Rothke computer forensics show 2010Ben Rothke
 
Mobile security blunders and what you can do about them
Mobile security blunders and what you can do about themMobile security blunders and what you can do about them
Mobile security blunders and what you can do about themBen Rothke
 

Weitere ähnliche Inhalte

Was ist angesagt?

2015 Angelbeat_ConvergenceMsg-FINAL
2015 Angelbeat_ConvergenceMsg-FINAL2015 Angelbeat_ConvergenceMsg-FINAL
2015 Angelbeat_ConvergenceMsg-FINALRick Kingsley
 
Security Testing for IoT Systems
Security Testing for IoT SystemsSecurity Testing for IoT Systems
Security Testing for IoT SystemsSecurity Innovation
 
Chapter 5 Presentation
Chapter 5 PresentationChapter 5 Presentation
Chapter 5 PresentationAmy McMullin
 
Computer Hacking Forensic Investigator - CHFI
Computer Hacking Forensic Investigator - CHFIComputer Hacking Forensic Investigator - CHFI
Computer Hacking Forensic Investigator - CHFIEC-Council
 
HighBeam-Research-Article-DEC-02-2014
HighBeam-Research-Article-DEC-02-2014HighBeam-Research-Article-DEC-02-2014
HighBeam-Research-Article-DEC-02-2014Siddharth Phadnis
 
Selling to The IT Department
Selling to The IT DepartmentSelling to The IT Department
Selling to The IT Department3VR Inc.
 
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Michele Chubirka
 
Designing a Base Building Network – The Integrator's Role
Designing a Base Building Network – The Integrator's RoleDesigning a Base Building Network – The Integrator's Role
Designing a Base Building Network – The Integrator's RoleNJ_OTI
 
Benefits of IT Outsourcing
Benefits of IT OutsourcingBenefits of IT Outsourcing
Benefits of IT OutsourcingMultiTech IT
 
An Introduction to South Seas Corporation
An Introduction to South Seas CorporationAn Introduction to South Seas Corporation
An Introduction to South Seas CorporationEd Mohr
 
Valerie Thomas - All Your Door Belong to Me - Attacking Physical Access Systems
Valerie Thomas - All Your Door Belong to Me - Attacking Physical Access SystemsValerie Thomas - All Your Door Belong to Me - Attacking Physical Access Systems
Valerie Thomas - All Your Door Belong to Me - Attacking Physical Access Systemscentralohioissa
 
Track 5 session 1 - st dev con 2016 - need for security for iot
Track 5 session 1 - st dev con 2016 - need for security for iotTrack 5 session 1 - st dev con 2016 - need for security for iot
Track 5 session 1 - st dev con 2016 - need for security for iotST_World
 
Cyber Security Overview for Small Businesses
Cyber Security Overview for Small BusinessesCyber Security Overview for Small Businesses
Cyber Security Overview for Small BusinessesCharles Cline
 
The how and why of patch management by N-able
The how and why of patch management by N-able The how and why of patch management by N-able
The how and why of patch management by N-able Solarwinds N-able
 
Outsourcing small cell deployment - How process automation tools can enable ...
Outsourcing small cell deployment - How process automation tools can enable ...Outsourcing small cell deployment - How process automation tools can enable ...
Outsourcing small cell deployment - How process automation tools can enable ...David Chambers
 
S_IOT_Intro.pptx
S_IOT_Intro.pptxS_IOT_Intro.pptx
S_IOT_Intro.pptxrutika12345
 
Next-Generation Cybersecurity for the Globally Connected Enterprise with Telos
Next-Generation Cybersecurity for the Globally Connected Enterprise with TelosNext-Generation Cybersecurity for the Globally Connected Enterprise with Telos
Next-Generation Cybersecurity for the Globally Connected Enterprise with TelosAmazon Web Services
 

Was ist angesagt? (20)

2015 Angelbeat_ConvergenceMsg-FINAL
2015 Angelbeat_ConvergenceMsg-FINAL2015 Angelbeat_ConvergenceMsg-FINAL
2015 Angelbeat_ConvergenceMsg-FINAL
 
Security Testing for IoT Systems
Security Testing for IoT SystemsSecurity Testing for IoT Systems
Security Testing for IoT Systems
 
Chapter 5 Presentation
Chapter 5 PresentationChapter 5 Presentation
Chapter 5 Presentation
 
Lesson 1 - Technical Controls
Lesson 1 - Technical ControlsLesson 1 - Technical Controls
Lesson 1 - Technical Controls
 
Computer Hacking Forensic Investigator - CHFI
Computer Hacking Forensic Investigator - CHFIComputer Hacking Forensic Investigator - CHFI
Computer Hacking Forensic Investigator - CHFI
 
HighBeam-Research-Article-DEC-02-2014
HighBeam-Research-Article-DEC-02-2014HighBeam-Research-Article-DEC-02-2014
HighBeam-Research-Article-DEC-02-2014
 
Selling to The IT Department
Selling to The IT DepartmentSelling to The IT Department
Selling to The IT Department
 
IoT/M2M Security
IoT/M2M SecurityIoT/M2M Security
IoT/M2M Security
 
Zero Trust Model Presentation
Zero Trust Model PresentationZero Trust Model Presentation
Zero Trust Model Presentation
 
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
Beware the Firewall My Son: The Jaws That Bite, The Claws That Catch!
 
Designing a Base Building Network – The Integrator's Role
Designing a Base Building Network – The Integrator's RoleDesigning a Base Building Network – The Integrator's Role
Designing a Base Building Network – The Integrator's Role
 
Benefits of IT Outsourcing
Benefits of IT OutsourcingBenefits of IT Outsourcing
Benefits of IT Outsourcing
 
An Introduction to South Seas Corporation
An Introduction to South Seas CorporationAn Introduction to South Seas Corporation
An Introduction to South Seas Corporation
 
Valerie Thomas - All Your Door Belong to Me - Attacking Physical Access Systems
Valerie Thomas - All Your Door Belong to Me - Attacking Physical Access SystemsValerie Thomas - All Your Door Belong to Me - Attacking Physical Access Systems
Valerie Thomas - All Your Door Belong to Me - Attacking Physical Access Systems
 
Track 5 session 1 - st dev con 2016 - need for security for iot
Track 5 session 1 - st dev con 2016 - need for security for iotTrack 5 session 1 - st dev con 2016 - need for security for iot
Track 5 session 1 - st dev con 2016 - need for security for iot
 
Cyber Security Overview for Small Businesses
Cyber Security Overview for Small BusinessesCyber Security Overview for Small Businesses
Cyber Security Overview for Small Businesses
 
The how and why of patch management by N-able
The how and why of patch management by N-able The how and why of patch management by N-able
The how and why of patch management by N-able
 
Outsourcing small cell deployment - How process automation tools can enable ...
Outsourcing small cell deployment - How process automation tools can enable ...Outsourcing small cell deployment - How process automation tools can enable ...
Outsourcing small cell deployment - How process automation tools can enable ...
 
S_IOT_Intro.pptx
S_IOT_Intro.pptxS_IOT_Intro.pptx
S_IOT_Intro.pptx
 
Next-Generation Cybersecurity for the Globally Connected Enterprise with Telos
Next-Generation Cybersecurity for the Globally Connected Enterprise with TelosNext-Generation Cybersecurity for the Globally Connected Enterprise with Telos
Next-Generation Cybersecurity for the Globally Connected Enterprise with Telos
 

Andere mochten auch

Rothke computer forensics show 2010
Rothke computer forensics show 2010Rothke computer forensics show 2010
Rothke computer forensics show 2010Ben Rothke
 
Mobile security blunders and what you can do about them
Mobile security blunders and what you can do about themMobile security blunders and what you can do about them
Mobile security blunders and what you can do about themBen Rothke
 
La nécessité de la dlp aujourd’hui un livre blanc clearswift
La nécessité de la dlp aujourd’hui un livre blanc clearswiftLa nécessité de la dlp aujourd’hui un livre blanc clearswift
La nécessité de la dlp aujourd’hui un livre blanc clearswiftBen Rothke
 
Securing your presence at the perimeter
Securing your presence at the perimeterSecuring your presence at the perimeter
Securing your presence at the perimeterBen Rothke
 
Rothke rsa 2013 - the five habits of highly secure organizations
Rothke rsa 2013 - the five habits of highly secure organizationsRothke rsa 2013 - the five habits of highly secure organizations
Rothke rsa 2013 - the five habits of highly secure organizationsBen Rothke
 
Rothke rsa 2013 - deployment strategies for effective encryption
Rothke rsa 2013 - deployment strategies for effective encryptionRothke rsa 2013 - deployment strategies for effective encryption
Rothke rsa 2013 - deployment strategies for effective encryptionBen Rothke
 
The Cloud is in the details webinar - Rothke
The Cloud is in the details webinar - RothkeThe Cloud is in the details webinar - Rothke
The Cloud is in the details webinar - RothkeBen Rothke
 
Webinar - Getting a handle on wireless security for PCI DSS Compliance
Webinar - Getting a handle on wireless security for PCI DSS ComplianceWebinar - Getting a handle on wireless security for PCI DSS Compliance
Webinar - Getting a handle on wireless security for PCI DSS ComplianceBen Rothke
 
E5 rothke - deployment strategies for effective encryption
E5 rothke - deployment strategies for effective encryptionE5 rothke - deployment strategies for effective encryption
E5 rothke - deployment strategies for effective encryptionBen Rothke
 
Interop 2011 las vegas - session se31 - rothke
Interop 2011 las vegas - session se31 - rothkeInterop 2011 las vegas - session se31 - rothke
Interop 2011 las vegas - session se31 - rothkeBen Rothke
 
Lessons from ligatt from national cyber security nationalcybersecurity com
Lessons from ligatt from national cyber security nationalcybersecurity comLessons from ligatt from national cyber security nationalcybersecurity com
Lessons from ligatt from national cyber security nationalcybersecurity comBen Rothke
 
Rothke rsa 2012 what happens in vegas goes on youtube using social networks...
Rothke rsa 2012 what happens in vegas goes on youtube using social networks...Rothke rsa 2012 what happens in vegas goes on youtube using social networks...
Rothke rsa 2012 what happens in vegas goes on youtube using social networks...Ben Rothke
 
The Need for DLP now - A Clearswift White Paper
The Need for DLP now - A Clearswift White PaperThe Need for DLP now - A Clearswift White Paper
The Need for DLP now - A Clearswift White PaperBen Rothke
 
Infosecurity Needs Its T.J. Hooper
Infosecurity Needs Its T.J. HooperInfosecurity Needs Its T.J. Hooper
Infosecurity Needs Its T.J. HooperBen Rothke
 
Lessons from ligatt
Lessons from ligattLessons from ligatt
Lessons from ligattBen Rothke
 
Rothke rsa 2012 building a security operations center (soc)
Rothke rsa 2012 building a security operations center (soc)Rothke rsa 2012 building a security operations center (soc)
Rothke rsa 2012 building a security operations center (soc)Ben Rothke
 
Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)Ben Rothke
 

Andere mochten auch (17)

Rothke computer forensics show 2010
Rothke computer forensics show 2010Rothke computer forensics show 2010
Rothke computer forensics show 2010
 
Mobile security blunders and what you can do about them
Mobile security blunders and what you can do about themMobile security blunders and what you can do about them
Mobile security blunders and what you can do about them
 
La nécessité de la dlp aujourd’hui un livre blanc clearswift
La nécessité de la dlp aujourd’hui un livre blanc clearswiftLa nécessité de la dlp aujourd’hui un livre blanc clearswift
La nécessité de la dlp aujourd’hui un livre blanc clearswift
 
Securing your presence at the perimeter
Securing your presence at the perimeterSecuring your presence at the perimeter
Securing your presence at the perimeter
 
Rothke rsa 2013 - the five habits of highly secure organizations
Rothke rsa 2013 - the five habits of highly secure organizationsRothke rsa 2013 - the five habits of highly secure organizations
Rothke rsa 2013 - the five habits of highly secure organizations
 
Rothke rsa 2013 - deployment strategies for effective encryption
Rothke rsa 2013 - deployment strategies for effective encryptionRothke rsa 2013 - deployment strategies for effective encryption
Rothke rsa 2013 - deployment strategies for effective encryption
 
The Cloud is in the details webinar - Rothke
The Cloud is in the details webinar - RothkeThe Cloud is in the details webinar - Rothke
The Cloud is in the details webinar - Rothke
 
Webinar - Getting a handle on wireless security for PCI DSS Compliance
Webinar - Getting a handle on wireless security for PCI DSS ComplianceWebinar - Getting a handle on wireless security for PCI DSS Compliance
Webinar - Getting a handle on wireless security for PCI DSS Compliance
 
E5 rothke - deployment strategies for effective encryption
E5 rothke - deployment strategies for effective encryptionE5 rothke - deployment strategies for effective encryption
E5 rothke - deployment strategies for effective encryption
 
Interop 2011 las vegas - session se31 - rothke
Interop 2011 las vegas - session se31 - rothkeInterop 2011 las vegas - session se31 - rothke
Interop 2011 las vegas - session se31 - rothke
 
Lessons from ligatt from national cyber security nationalcybersecurity com
Lessons from ligatt from national cyber security nationalcybersecurity comLessons from ligatt from national cyber security nationalcybersecurity com
Lessons from ligatt from national cyber security nationalcybersecurity com
 
Rothke rsa 2012 what happens in vegas goes on youtube using social networks...
Rothke rsa 2012 what happens in vegas goes on youtube using social networks...Rothke rsa 2012 what happens in vegas goes on youtube using social networks...
Rothke rsa 2012 what happens in vegas goes on youtube using social networks...
 
The Need for DLP now - A Clearswift White Paper
The Need for DLP now - A Clearswift White PaperThe Need for DLP now - A Clearswift White Paper
The Need for DLP now - A Clearswift White Paper
 
Infosecurity Needs Its T.J. Hooper
Infosecurity Needs Its T.J. HooperInfosecurity Needs Its T.J. Hooper
Infosecurity Needs Its T.J. Hooper
 
Lessons from ligatt
Lessons from ligattLessons from ligatt
Lessons from ligatt
 
Rothke rsa 2012 building a security operations center (soc)
Rothke rsa 2012 building a security operations center (soc)Rothke rsa 2012 building a security operations center (soc)
Rothke rsa 2012 building a security operations center (soc)
 
Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)Rothke secure360 building a security operations center (soc)
Rothke secure360 building a security operations center (soc)
 

Ähnlich wie Securing your presence at the perimeter

BOSNOG NAC stack 2018
BOSNOG NAC stack 2018BOSNOG NAC stack 2018
BOSNOG NAC stack 2018GENIANS, INC.
 
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...CableLabs
 
IoT DDoS Attacks: the stakes have changed
IoT DDoS Attacks: the stakes have changed IoT DDoS Attacks: the stakes have changed
IoT DDoS Attacks: the stakes have changed Great Bay Software
 
Chamber Technology Committee Presentation
Chamber Technology Committee PresentationChamber Technology Committee Presentation
Chamber Technology Committee PresentationTony DeGonia (LION)
 
Technology & Policy Interaction Panel at Inform[ED] IoT Security
Technology & Policy Interaction Panel at Inform[ED] IoT SecurityTechnology & Policy Interaction Panel at Inform[ED] IoT Security
Technology & Policy Interaction Panel at Inform[ED] IoT SecurityCableLabs
 
AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014KBIZEAU
 
Intrusion detection 2001
Intrusion detection 2001Intrusion detection 2001
Intrusion detection 2001eaiti
 
Protecting Your Business from Unauthorized IBM i Access
Protecting Your Business from Unauthorized IBM i AccessProtecting Your Business from Unauthorized IBM i Access
Protecting Your Business from Unauthorized IBM i AccessPrecisely
 
Firewall, Router and Switch Configuration Review
Firewall, Router and Switch Configuration ReviewFirewall, Router and Switch Configuration Review
Firewall, Router and Switch Configuration ReviewChristine MacDonald
 
Lock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM iLock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM iPrecisely
 
Why defensive research is sexy too.. … and a real sign of skill
Why defensive research is sexy too.. … and a real sign of skillWhy defensive research is sexy too.. … and a real sign of skill
Why defensive research is sexy too.. … and a real sign of skillOllie Whitehouse
 
Understanding Zero Trust Security for IBM i
Understanding Zero Trust Security for IBM iUnderstanding Zero Trust Security for IBM i
Understanding Zero Trust Security for IBM iPrecisely
 
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS NetworksLessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS NetworksAngeloluca Barba
 
Career Domain 2022-23.pptx
Career Domain 2022-23.pptxCareer Domain 2022-23.pptx
Career Domain 2022-23.pptxJanani S
 
Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)
Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)
Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)Precisely
 
IoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" MythIoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" MythSecurity Innovation
 
3433 IBM messaging security why securing your environment is important-feb2...
3433 IBM messaging security why securing your environment is important-feb2...3433 IBM messaging security why securing your environment is important-feb2...
3433 IBM messaging security why securing your environment is important-feb2...Robert Parker
 
IBM Messaging Security - Why securing your environment is important : IBM Int...
IBM Messaging Security - Why securing your environment is important : IBM Int...IBM Messaging Security - Why securing your environment is important : IBM Int...
IBM Messaging Security - Why securing your environment is important : IBM Int...Leif Davidsen
 

Ähnlich wie Securing your presence at the perimeter (20)

BOSNOG NAC stack 2018
BOSNOG NAC stack 2018BOSNOG NAC stack 2018
BOSNOG NAC stack 2018
 
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
Internet of Things (IoT) Security and Privacy Recommendations by Jason Living...
 
IoT DDoS Attacks: the stakes have changed
IoT DDoS Attacks: the stakes have changed IoT DDoS Attacks: the stakes have changed
IoT DDoS Attacks: the stakes have changed
 
Chamber Technology Committee Presentation
Chamber Technology Committee PresentationChamber Technology Committee Presentation
Chamber Technology Committee Presentation
 
Technology & Policy Interaction Panel at Inform[ED] IoT Security
Technology & Policy Interaction Panel at Inform[ED] IoT SecurityTechnology & Policy Interaction Panel at Inform[ED] IoT Security
Technology & Policy Interaction Panel at Inform[ED] IoT Security
 
AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014AFAC session 2 - September 8, 2014
AFAC session 2 - September 8, 2014
 
Intrusion detection 2001
Intrusion detection 2001Intrusion detection 2001
Intrusion detection 2001
 
Protecting Your Business from Unauthorized IBM i Access
Protecting Your Business from Unauthorized IBM i AccessProtecting Your Business from Unauthorized IBM i Access
Protecting Your Business from Unauthorized IBM i Access
 
Firewall, Router and Switch Configuration Review
Firewall, Router and Switch Configuration ReviewFirewall, Router and Switch Configuration Review
Firewall, Router and Switch Configuration Review
 
Lock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM iLock it Down: Access Control for IBM i
Lock it Down: Access Control for IBM i
 
Why defensive research is sexy too.. … and a real sign of skill
Why defensive research is sexy too.. … and a real sign of skillWhy defensive research is sexy too.. … and a real sign of skill
Why defensive research is sexy too.. … and a real sign of skill
 
Understanding Zero Trust Security for IBM i
Understanding Zero Trust Security for IBM iUnderstanding Zero Trust Security for IBM i
Understanding Zero Trust Security for IBM i
 
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS NetworksLessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
Lessons Learned Fighting Modern Cyberthreats in Critical ICS Networks
 
Career Domain 2022-23.pptx
Career Domain 2022-23.pptxCareer Domain 2022-23.pptx
Career Domain 2022-23.pptx
 
Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)
Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)
Protect Sensitive Data on Your IBM i (Social Distance Your IBM i/AS400)
 
IoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" MythIoT Security: Debunking the "We Aren't THAT Connected" Myth
IoT Security: Debunking the "We Aren't THAT Connected" Myth
 
3433 IBM messaging security why securing your environment is important-feb2...
3433 IBM messaging security why securing your environment is important-feb2...3433 IBM messaging security why securing your environment is important-feb2...
3433 IBM messaging security why securing your environment is important-feb2...
 
IBM Messaging Security - Why securing your environment is important : IBM Int...
IBM Messaging Security - Why securing your environment is important : IBM Int...IBM Messaging Security - Why securing your environment is important : IBM Int...
IBM Messaging Security - Why securing your environment is important : IBM Int...
 
Legal issues in the cloud renzo marchini & gene landy
Legal issues in the cloud renzo marchini & gene landyLegal issues in the cloud renzo marchini & gene landy
Legal issues in the cloud renzo marchini & gene landy
 
MMPL corporate overview mail
MMPL corporate overview mailMMPL corporate overview mail
MMPL corporate overview mail
 

Mehr von Ben Rothke

Rothke effective data destruction practices
Rothke effective data destruction practicesRothke effective data destruction practices
Rothke effective data destruction practicesBen Rothke
 
Infotec 2010 Ben Rothke - social networks and information security
Infotec 2010 Ben Rothke - social networks and information security Infotec 2010 Ben Rothke - social networks and information security
Infotec 2010 Ben Rothke - social networks and information security Ben Rothke
 
Rothke stimulating your career as an information security professional
Rothke stimulating your career as an information security professionalRothke stimulating your career as an information security professional
Rothke stimulating your career as an information security professionalBen Rothke
 
Ben Rothke - Effective Data Destruction Practices
Ben Rothke - Effective Data Destruction PracticesBen Rothke - Effective Data Destruction Practices
Ben Rothke - Effective Data Destruction PracticesBen Rothke
 
Ben Rothke Getting A Handle On Wireless Security For Pci Dss Compliance
Ben Rothke Getting A Handle On Wireless Security For Pci Dss ComplianceBen Rothke Getting A Handle On Wireless Security For Pci Dss Compliance
Ben Rothke Getting A Handle On Wireless Security For Pci Dss ComplianceBen Rothke
 
Virtualization, Cloud Computing And The Pci Dss
Virtualization, Cloud Computing And The Pci DssVirtualization, Cloud Computing And The Pci Dss
Virtualization, Cloud Computing And The Pci DssBen Rothke
 
Ben Rothke RSA PK 2010
Ben Rothke RSA PK 2010Ben Rothke RSA PK 2010
Ben Rothke RSA PK 2010Ben Rothke
 
Rothke Using Kazaa To Test Your Security Posture
Rothke Using Kazaa To Test Your Security PostureRothke Using Kazaa To Test Your Security Posture
Rothke Using Kazaa To Test Your Security PostureBen Rothke
 
In Sync Network Time Ben Rothke
In Sync Network Time Ben RothkeIn Sync Network Time Ben Rothke
In Sync Network Time Ben RothkeBen Rothke
 
Rothke Securing Your Wireless Access Network
Rothke Securing Your Wireless Access NetworkRothke Securing Your Wireless Access Network
Rothke Securing Your Wireless Access NetworkBen Rothke
 
Rothke Articles
Rothke ArticlesRothke Articles
Rothke ArticlesBen Rothke
 

Mehr von Ben Rothke (11)

Rothke effective data destruction practices
Rothke effective data destruction practicesRothke effective data destruction practices
Rothke effective data destruction practices
 
Infotec 2010 Ben Rothke - social networks and information security
Infotec 2010 Ben Rothke - social networks and information security Infotec 2010 Ben Rothke - social networks and information security
Infotec 2010 Ben Rothke - social networks and information security
 
Rothke stimulating your career as an information security professional
Rothke stimulating your career as an information security professionalRothke stimulating your career as an information security professional
Rothke stimulating your career as an information security professional
 
Ben Rothke - Effective Data Destruction Practices
Ben Rothke - Effective Data Destruction PracticesBen Rothke - Effective Data Destruction Practices
Ben Rothke - Effective Data Destruction Practices
 
Ben Rothke Getting A Handle On Wireless Security For Pci Dss Compliance
Ben Rothke Getting A Handle On Wireless Security For Pci Dss ComplianceBen Rothke Getting A Handle On Wireless Security For Pci Dss Compliance
Ben Rothke Getting A Handle On Wireless Security For Pci Dss Compliance
 
Virtualization, Cloud Computing And The Pci Dss
Virtualization, Cloud Computing And The Pci DssVirtualization, Cloud Computing And The Pci Dss
Virtualization, Cloud Computing And The Pci Dss
 
Ben Rothke RSA PK 2010
Ben Rothke RSA PK 2010Ben Rothke RSA PK 2010
Ben Rothke RSA PK 2010
 
Rothke Using Kazaa To Test Your Security Posture
Rothke Using Kazaa To Test Your Security PostureRothke Using Kazaa To Test Your Security Posture
Rothke Using Kazaa To Test Your Security Posture
 
In Sync Network Time Ben Rothke
In Sync Network Time Ben RothkeIn Sync Network Time Ben Rothke
In Sync Network Time Ben Rothke
 
Rothke Securing Your Wireless Access Network
Rothke Securing Your Wireless Access NetworkRothke Securing Your Wireless Access Network
Rothke Securing Your Wireless Access Network
 
Rothke Articles
Rothke ArticlesRothke Articles
Rothke Articles
 

Kürzlich hochgeladen

WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 

Kürzlich hochgeladen (20)

WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 

Securing your presence at the perimeter

  • 1. Securing your presence at the perimeter Ben Rothke, CISSP CISA BT Global Services Senior Security Consultant
  • 2. About me…. • Ben Rothke (too many certifications) • Senior Security Consultant – British Telecom • Frequent writer and speaker • Author - Computer Security: 20 Things Every Employee Should Know BT Americas Inc. 2
  • 3. The perimeter is not necessarily dead • Firewalls and border routers are still the cornerstone for perimeter security • Always will be a place for VPNs • Attacks occur at the application layer – So ensure app security BT Professional Services 3
  • 4. But the perimeter it is getting blurred… • VPNs • complicated network connections with multiple partners – contractors, consultants – 3rd party collaboration – vendors • wireless networks • laptops • malicious insiders – worms (compromised computers can be seen as malicious insiders) BT Professional Services 4
  • 5. Ok, the perimeter is dead, the cloud proves it BT Professional Services 5
  • 6. Perimeter challenges • Determining proper firewall design • access to resources for remote users • effective monitoring and reporting • need for enhanced packet inspection • security standards compliance • long-term maintenance • ensuring attackers don’t find that single vulnerability • data leakage BT Professional Services 6
  • 7. Was your perimeter designed in 30 minutes? BT Professional Services 7
  • 8. Key points • Perimeter security is popular – cheap, convenient, somewhat effective – firewalls and IDS most common tools for network security • Firewalls and IDS fighting an uphill battle – both attackers and legitimate users struggle to avoid/evade them • Security management is a key challenge BT Professional Services 8
  • 9. Securing network perimeters • Goal is to provide adequate access without jeopardizing confidential or mission-critical areas • Elements: – firewalls, IDS, bastion host, Network Address Translation (NAT), proxy servers – combined with authentication mechanisms • Bastion host – provides Web, FTP, e-mail, or other services running on a specially secured server BT Professional Services 9
  • 10. But the firewall is not a panacea • Malicious traffic that is passed on open ports and not inspected by the firewall • any traffic that passes through an encrypted tunnel or session • attacks after a network has been penetrated • traffic that appears legitimate • users and administrators who intentionally or accidentally install viruses • administrators who use weak passwords BT Professional Services 10
  • 11. Policy is required to secure a perimeter • Firewall policies typically lists of allow or deny rules • what should the default rule be? • Default allow: – convenient since doesn’t interfere with legitimate activity • Default deny: – more secure, since every allowed use undergoes security review – if policy too restrictive, people complain and it gets fixed – if policy too permissive, only learn about it too late after an attack BT Professional Services 11
  • 12. Other policy issues • Scale – Large organizations have thousands of rules – How do you process them efficiently? – How do you know they are correct? • Ingress vs. egress filtering – Ingress: filter packets from the Internet – Egress: filter traffic to the Internet (why?) BT Professional Services 12
  • 13. Operational weaknessess • Technology – firewall rules not adequately maintained – system configurations and access not being monitored – passwords • Standards – unpatched software/firmware – no criteria for hiring outside auditors and IT pros – no consistent security assessments – production data being used for dev/QA apps BT Professional Services 13
  • 14. Start thinking about DLP • Small data leaks lead to major damage – a minor water leak… – becomes major structural damage BT Professional Services 14
  • 15. There is a lot DLP can do • Detect sensitive content in any combination of network traffic, data at rest or endpoint operations • Detect sensitive content using – sophisticated content-aware detection techniques, including partial/exact document matching, structured data fingerprinting, statistical analysis, extended regular expression matching, conceptual and lexicon analysis, and more • Support detection of sensitive data content in structured and unstructured data, using registered or described data definitions • Block email communication policy violations BT Professional Services 15
  • 16. Do you have authority over your data? • DLP enables you to finally control your data: – Identify: know where your data resides – Monitor: what is happening, who did it, when – Warning: user alerted when moving sensitive data – Prevention: unauthorized actions are thwarted – Control: only approved devices can be used – Reporting: compliance reports (SoX, PCI, HIPAA / HITECH, GLBA, Euro-SoX, and more) BT Professional Services 16
  • 17. Testing • Publicly-accessible systems – IP-hosts – all web apps – web services • Web interfaces: – routers – firewalls – email • Wireless BT Professional Services 17
  • 18. Ask lots of questions and fill up whiteboards 1. What are we doing beyond vulnerability scans to find security flaws? 2. Are we looking at all of our critical perimeter systems? 3. When are we going to get to everything else? 4. What are the results of our latest external security assessment? 5. What’s being done to resolve these issues? 6. Even if nothing is turned up, when’s our next round of testing scheduled for? 7. Have we started thinking about the data? 8. Should we consider DLP? BT Professional Services 18
  • 19. Use tools • There are myriad tools, use them judiciously – QualysGuard – WebInspect – Acunetix WVS – CommView for WiFi – Web browsers – Google – other exploit tools – Make sure your staff reads Security Strategy: From Requirements to Reality – http://amzn.to/fT2yG6 BT Professional Services 19
  • 20. Creating and maintaining a strong perimeter • Good design • updated design • built and designed by engineers – with management oversight • risk-based • business needs understood • maintained – competent staff – maintained at an adequate level BT Professional Services 20
  • 21. Contact info… • Ben Rothke, CISSP CISA • Senior Security Consultant • BT Professional Services • www.linkedin.com/in/benrothke • www.twitter.com/benrothke • www.slideshare.net/benrothke BT Professional Services 21