SlideShare ist ein Scribd-Unternehmen logo

The unprecedented state of web insecurity

Als PPT, PDF herunterladen
V
Vincent Kwon

The document summarizes security trends from IBM's X-Force research and development team. It discusses the increasing sophistication of cyber attacks, vulnerabilities in web browsers and document readers, the rise of exploit kits and malware creation tools, and challenges in keeping pace with evolving threats through rapid patching and detection techniques.

Business
1 von 63
The Unprecedented State of Web Insecurity Craig Lawson [email_address]
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],AGENDA
The mission of the IBM Internet Security Systems ™ X-Force ® research and team is to: ,[object Object],[object Object],[object Object],[object Object]
Integrated in IBM’s WW R&D ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
X-Force Vulnerability Database – We analyze them ALL ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Information Sources ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
IBM X-Force web intelligence lifecycle ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
X-Force R&D: Unmatched Security Leadership The mission of the IBM Internet Security Systems ™ X-Force ® research and development team is to: ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
But its really all about security effectiveness ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Security Effectiveness – Top Vulnerabilities of 1st Half 2010 ,[object Object],[object Object],[object Object],[object Object],[object Object]
X-Force® R&D drives IBM’s Security Innovation Solutions Protection Technology Research Threat Landscape Forecasting Malware Analysis Public Vulnerability Analysis Original Vulnerability Research Research Technology The X-Force team delivers reduced operational complexity – helping to build integrated technologies that feature “baked-in” simplification ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
VULNERABILITIES AND YOU
Disappearance of Low Hanging Fruit: Vulnerability Disclosures & Exploitation Declines ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Most Vulnerable Operating Systems ,[object Object],[object Object],[object Object]
Apple, Sun and Microsoft Top Vendor List for Disclosures ,[object Object],[object Object],[object Object],[object Object],[object Object]
Remotely Exploitable Vulnerabilities On The Rise ,[object Object],[object Object]
Patches Still Unavailable for Over Half of Vulnerabilities ,[object Object],[object Object]
2009 Attacker Motivation is to Gain Access and Manipulate Data ,[object Object],[object Object],[object Object],[object Object]
Client-Side Vulnerabilities: Document and Multimedia Vulnerabilities are on the Rise ,[object Object],[object Object]
Vulnerabilities in Document Readers Skyrocket ,[object Object],[object Object]
Malicious PDF Example
Attackers Turn to Adobe Products to Launch Exploits ,[object Object],[object Object]
Exploit Availability
…… and they are obfuscated
Browser Exploitation Prevention (BEP)
Converging the Security Platform A Holistic Security Architecture
Reasons For PAM ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Which one is larger than the rest? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Now, which one is larger than the rest? ,[object Object],[object Object],[object Object],[object Object],[object Object]
Protocol/Content Analysis at ALL Levels ,[object Object],[object Object],[object Object]
So where is the profit?
The Cybercrime Ecosystem – Going after your money Spam Tools Anonymity Hire-a-malware-coder DIY Malware Kit Dual-use RAT Malware to Worm Malware QA Anti-debugging SQL Injection Automation Drive-by-download Kit Vulnerability discovery/sale Drive-by-download Spam Delivery Exploit Updates Localization
The Economics of Attacker Exploitation ,[object Object],[object Object],[object Object],[object Object],[object Object]
Criminal Economics 101 ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Exploitation Probability for Snapshot Viewer Vulnerability (2008)
Consequently...
Exploitation Probability for Microsoft IIS HTML Encoded ASP (2008) CVSS Score 10!!
Specific to 2009 ,[object Object],[object Object]
Do you have your thongs on…. Security and Spending are Unbalanced “ The cleanup cost for fixing a bug in a homegrown Web application ranges anywhere from $400 to $4,000 to repair, depending on the vulnerability and the way it's fixed.” -Darkreading.com
A closer look at the “Web” Problem
Web App Vulnerabilities Continue to Dominate ,[object Object],[object Object],[object Object]
SQL Injection SQL Injection attack Monitored by IBM ISS Managed Security Services
Web App Plug-Ins Are Vulnerable ,[object Object],[object Object]
The ILE (Injection Logic Engine) Advantage ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Are you an expert? ,[object Object],[object Object],[object Object],[object Object],A B
Real World Conclusions from Web App Assessments ,[object Object],[object Object],[object Object],[object Object]
Most Prevalent Web Application Vulnerabilities by Industry ,[object Object],[object Object],[object Object],[object Object],Note: Charts show which vulnerabilities were 50% or more likely to appear in a Web assessment for each industry
Malicious Web Links Increase by 345% ,[object Object],[object Object],[object Object]
Suspicious Web Pages and Files are on the Rise ,[object Object],[object Object],[object Object]
Websites Hosting Bad Links ,[object Object],[object Object]
Browser Exploitation Prevention (BEP) ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
The Shell Code Heuristics (SCH) Advantage ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Applications Protected by Shellcode Heuristics ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],asd mpp pps wks xlk csv mpt ppt wpd xlr doc mso pptx wri xls docx pdf pub wbk xlsx dot pot pwz wps xlt fpx ppa rtf wiz xlw
The right tools for the job?
The drive-by-download process Desktop Users Browse The Internet Malicious iframe host Web server with embedded iframe Web browser targeted Downloader installed Malware installed and activated Exploit material Served
SQL Injection Attack Tools * Automatic page-rank verification * Search engine integration for finding “vulnerable” sites * Prioritization of results based on probability for successful injection * Reverse domain name resolution * etc.
Browser Exploitation Prevention (BEP)
Popular drive-by-download exploit packs ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Malware creator kits – Shark 3 ,[object Object],[object Object],[object Object]
Trojan Creator Kits ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Conclusions ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
© Copyright IBM Corporation 2010. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, Rational, the Rational logo, Telelogic, the Telelogic logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Trademarks and disclaimers ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Empfohlen

2009 X Force Treath And Risk Wwiscop
2009 X Force Treath And Risk Wwiscop2009 X Force Treath And Risk Wwiscop
2009 X Force Treath And Risk Wwiscop
Juan Carlos Carrillo
 
Rapport X force 2014
Rapport X force 2014Rapport X force 2014
Rapport X force 2014
Patrick Bouillaud
 
What the New OWASP Top 10 2013 and Latest X-Force Report Mean for App Sec
What the New OWASP Top 10 2013 and Latest X-Force Report Mean for App SecWhat the New OWASP Top 10 2013 and Latest X-Force Report Mean for App Sec
What the New OWASP Top 10 2013 and Latest X-Force Report Mean for App Sec
IBM Security
 
Presentación AMIB Los Cabos
Presentación AMIB Los CabosPresentación AMIB Los Cabos
Presentación AMIB Los Cabos
Juan Carlos Carrillo
 
Research Article On Web Application Security
Research Article On Web Application SecurityResearch Article On Web Application Security
Research Article On Web Application Security
SaadSaif6
 
Turning the Tables on Cyber Attacks
Turning the Tables on Cyber AttacksTurning the Tables on Cyber Attacks
Turning the Tables on Cyber Attacks
- Mark - Fullbright
 
AVG Threat Report Q4 2012
AVG Threat Report Q4 2012AVG Threat Report Q4 2012
AVG Threat Report Q4 2012
AVG Technologies AU
 
VULNERABILITIES AND EXPLOITATION IN COMPUTER SYSTEM – PAST, PRESENT, AND FUTURE
VULNERABILITIES AND EXPLOITATION IN COMPUTER SYSTEM – PAST, PRESENT, AND FUTUREVULNERABILITIES AND EXPLOITATION IN COMPUTER SYSTEM – PAST, PRESENT, AND FUTURE
VULNERABILITIES AND EXPLOITATION IN COMPUTER SYSTEM – PAST, PRESENT, AND FUTURE
Nurul Haszeli Ahmad
 

Empfohlen

2009 X Force Treath And Risk Wwiscop
2009 X Force Treath And Risk Wwiscop2009 X Force Treath And Risk Wwiscop
2009 X Force Treath And Risk Wwiscop
Juan Carlos Carrillo
 
Rapport X force 2014
Rapport X force 2014Rapport X force 2014
Rapport X force 2014
Patrick Bouillaud
 
What the New OWASP Top 10 2013 and Latest X-Force Report Mean for App Sec
What the New OWASP Top 10 2013 and Latest X-Force Report Mean for App SecWhat the New OWASP Top 10 2013 and Latest X-Force Report Mean for App Sec
What the New OWASP Top 10 2013 and Latest X-Force Report Mean for App Sec
IBM Security
 
Presentación AMIB Los Cabos
Presentación AMIB Los CabosPresentación AMIB Los Cabos
Presentación AMIB Los Cabos
Juan Carlos Carrillo
 
Research Article On Web Application Security
Research Article On Web Application SecurityResearch Article On Web Application Security
Research Article On Web Application Security
SaadSaif6
 
Turning the Tables on Cyber Attacks
Turning the Tables on Cyber AttacksTurning the Tables on Cyber Attacks
Turning the Tables on Cyber Attacks
- Mark - Fullbright
 
AVG Threat Report Q4 2012
AVG Threat Report Q4 2012AVG Threat Report Q4 2012
AVG Threat Report Q4 2012
AVG Technologies AU
 
VULNERABILITIES AND EXPLOITATION IN COMPUTER SYSTEM – PAST, PRESENT, AND FUTURE
VULNERABILITIES AND EXPLOITATION IN COMPUTER SYSTEM – PAST, PRESENT, AND FUTUREVULNERABILITIES AND EXPLOITATION IN COMPUTER SYSTEM – PAST, PRESENT, AND FUTURE
VULNERABILITIES AND EXPLOITATION IN COMPUTER SYSTEM – PAST, PRESENT, AND FUTURE
Nurul Haszeli Ahmad
 
Contending Malware Threat using Hybrid Security Model
Contending Malware Threat using Hybrid Security ModelContending Malware Threat using Hybrid Security Model
Contending Malware Threat using Hybrid Security Model
IRJET Journal
 
Whitepaper: BATTLING IT OUT: APPLICATION AND MOBILE SECURITY - Happiest Minds
Whitepaper: BATTLING IT OUT: APPLICATION AND MOBILE SECURITY - Happiest MindsWhitepaper: BATTLING IT OUT: APPLICATION AND MOBILE SECURITY - Happiest Minds
Whitepaper: BATTLING IT OUT: APPLICATION AND MOBILE SECURITY - Happiest Minds
Happiest Minds Technologies
 
A survey of cloud based secured web application
A survey of cloud based secured web applicationA survey of cloud based secured web application
A survey of cloud based secured web application
IAEME Publication
 
How to tell if that pop-up window is offering you a rogue anti-malware product
How to tell if that pop-up window is offering you a rogue anti-malware productHow to tell if that pop-up window is offering you a rogue anti-malware product
How to tell if that pop-up window is offering you a rogue anti-malware product
GFI Software
 
Rational Unified Treatment for Web Application Vulnerability Assessment
Rational Unified Treatment for Web Application Vulnerability AssessmentRational Unified Treatment for Web Application Vulnerability Assessment
Rational Unified Treatment for Web Application Vulnerability Assessment
VESIT/University of Mumbai
 
CYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONS
CYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONSCYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONS
CYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONS
IAEME Publication
 
PALO ALTO -NETWORKS Application Usage & Threat Report 2014
PALO ALTO -NETWORKS Application Usage & Threat Report 2014PALO ALTO -NETWORKS Application Usage & Threat Report 2014
PALO ALTO -NETWORKS Application Usage & Threat Report 2014
Marcello Marchesini
 
Comparing vulnerability and security configuration assessment coverage of lea...
Comparing vulnerability and security configuration assessment coverage of lea...Comparing vulnerability and security configuration assessment coverage of lea...
Comparing vulnerability and security configuration assessment coverage of lea...
Principled Technologies
 
Secure Android Apps- nVisium Security
Secure Android Apps- nVisium SecuritySecure Android Apps- nVisium Security
Secure Android Apps- nVisium Security
Jack Mannino
 
Rp quarterly-threat-q1-2012
Rp quarterly-threat-q1-2012Rp quarterly-threat-q1-2012
Rp quarterly-threat-q1-2012
Комсс Файквэе
 
Mobile threat-report-mid-year-2018 en-us-1.0
Mobile threat-report-mid-year-2018 en-us-1.0Mobile threat-report-mid-year-2018 en-us-1.0
Mobile threat-report-mid-year-2018 en-us-1.0
mobileironmarketing
 
Security Firm Program - Corporate College
Security Firm Program - Corporate CollegeSecurity Firm Program - Corporate College
Security Firm Program - Corporate College
WorkSmart Integrated Marketing
 
Web Application Security Guide by Qualys 2011
Web Application Security Guide by Qualys 2011 Web Application Security Guide by Qualys 2011
Web Application Security Guide by Qualys 2011
nat page
 
Are handheld viruses a significant threat
Are handheld viruses a significant threatAre handheld viruses a significant threat
Are handheld viruses a significant threat
UltraUploader
 
P50 fahl
P50 fahlP50 fahl
P50 fahl
Комсс Файквэе
 
C3
C3C3
C3
Praveen Malisetty
 
7 Ways to Stay 7 Years Ahead of the Threat 2015
7 Ways to Stay 7 Years Ahead of the Threat 20157 Ways to Stay 7 Years Ahead of the Threat 2015
7 Ways to Stay 7 Years Ahead of the Threat 2015
IBM Security
 
APT - Project
APT - Project APT - Project
APT - Project
Dev Lavaniya
 
Smarter Eduction - Higher Education Summit 2011 - D Watt
Smarter Eduction - Higher Education Summit 2011 - D WattSmarter Eduction - Higher Education Summit 2011 - D Watt
Smarter Eduction - Higher Education Summit 2011 - D Watt
Vincent Kwon
 
Paul croft - Auckland Cloud Camp 2010
Paul croft - Auckland Cloud Camp 2010Paul croft - Auckland Cloud Camp 2010
Paul croft - Auckland Cloud Camp 2010
Vincent Kwon
 
Derek wilson - Cloud Camp 2011
Derek wilson - Cloud Camp 2011Derek wilson - Cloud Camp 2011
Derek wilson - Cloud Camp 2011
Vincent Kwon
 
Capitalising on Complexity - Ross Pearce
Capitalising on Complexity - Ross PearceCapitalising on Complexity - Ross Pearce
Capitalising on Complexity - Ross Pearce
Vincent Kwon
 

Weitere ähnliche Inhalte

Was ist angesagt?

A survey of cloud based secured web application
A survey of cloud based secured web applicationA survey of cloud based secured web application
A survey of cloud based secured web application
IAEME Publication
 
CYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONS
CYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONSCYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONS
CYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONS
IAEME Publication
 
Are handheld viruses a significant threat
Are handheld viruses a significant threatAre handheld viruses a significant threat
Are handheld viruses a significant threat
UltraUploader
 
7 Ways to Stay 7 Years Ahead of the Threat 2015
7 Ways to Stay 7 Years Ahead of the Threat 20157 Ways to Stay 7 Years Ahead of the Threat 2015
7 Ways to Stay 7 Years Ahead of the Threat 2015
IBM Security
 

Was ist angesagt? (18)

Contending Malware Threat using Hybrid Security Model
Contending Malware Threat using Hybrid Security ModelContending Malware Threat using Hybrid Security Model
Contending Malware Threat using Hybrid Security Model
 
Whitepaper: BATTLING IT OUT: APPLICATION AND MOBILE SECURITY - Happiest Minds
Whitepaper: BATTLING IT OUT: APPLICATION AND MOBILE SECURITY - Happiest MindsWhitepaper: BATTLING IT OUT: APPLICATION AND MOBILE SECURITY - Happiest Minds
Whitepaper: BATTLING IT OUT: APPLICATION AND MOBILE SECURITY - Happiest Minds
 
A survey of cloud based secured web application
A survey of cloud based secured web applicationA survey of cloud based secured web application
A survey of cloud based secured web application
 
How to tell if that pop-up window is offering you a rogue anti-malware product
How to tell if that pop-up window is offering you a rogue anti-malware productHow to tell if that pop-up window is offering you a rogue anti-malware product
How to tell if that pop-up window is offering you a rogue anti-malware product
 
Rational Unified Treatment for Web Application Vulnerability Assessment
Rational Unified Treatment for Web Application Vulnerability AssessmentRational Unified Treatment for Web Application Vulnerability Assessment
Rational Unified Treatment for Web Application Vulnerability Assessment
 
CYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONS
CYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONSCYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONS
CYBER SECURITY: A SURVEY ON ISSUES AND SOLUTIONS
 
PALO ALTO -NETWORKS Application Usage & Threat Report 2014
PALO ALTO -NETWORKS Application Usage & Threat Report 2014PALO ALTO -NETWORKS Application Usage & Threat Report 2014
PALO ALTO -NETWORKS Application Usage & Threat Report 2014
 
Comparing vulnerability and security configuration assessment coverage of lea...
Comparing vulnerability and security configuration assessment coverage of lea...Comparing vulnerability and security configuration assessment coverage of lea...
Comparing vulnerability and security configuration assessment coverage of lea...
 
Secure Android Apps- nVisium Security
Secure Android Apps- nVisium SecuritySecure Android Apps- nVisium Security
Secure Android Apps- nVisium Security
 
Rp quarterly-threat-q1-2012
Rp quarterly-threat-q1-2012Rp quarterly-threat-q1-2012
Rp quarterly-threat-q1-2012
 
Mobile threat-report-mid-year-2018 en-us-1.0
Mobile threat-report-mid-year-2018 en-us-1.0Mobile threat-report-mid-year-2018 en-us-1.0
Mobile threat-report-mid-year-2018 en-us-1.0
 
Security Firm Program - Corporate College
Security Firm Program - Corporate CollegeSecurity Firm Program - Corporate College
Security Firm Program - Corporate College
 
Web Application Security Guide by Qualys 2011
Web Application Security Guide by Qualys 2011 Web Application Security Guide by Qualys 2011
Web Application Security Guide by Qualys 2011
 
Are handheld viruses a significant threat
Are handheld viruses a significant threatAre handheld viruses a significant threat
Are handheld viruses a significant threat
 
P50 fahl
P50 fahlP50 fahl
P50 fahl
 
C3
C3C3
C3
 
7 Ways to Stay 7 Years Ahead of the Threat 2015
7 Ways to Stay 7 Years Ahead of the Threat 20157 Ways to Stay 7 Years Ahead of the Threat 2015
7 Ways to Stay 7 Years Ahead of the Threat 2015
 
APT - Project
APT - Project APT - Project
APT - Project
 

Andere mochten auch

Paul croft - Auckland Cloud Camp 2010
Paul croft - Auckland Cloud Camp 2010Paul croft - Auckland Cloud Camp 2010
Paul croft - Auckland Cloud Camp 2010
Vincent Kwon
 
Derek wilson - Cloud Camp 2011
Derek wilson - Cloud Camp 2011Derek wilson - Cloud Camp 2011
Derek wilson - Cloud Camp 2011
Vincent Kwon
 
Capitalising on Complexity - Ross Pearce
Capitalising on Complexity - Ross PearceCapitalising on Complexity - Ross Pearce
Capitalising on Complexity - Ross Pearce
Vincent Kwon
 

Andere mochten auch (8)

Smarter Eduction - Higher Education Summit 2011 - D Watt
Smarter Eduction - Higher Education Summit 2011 - D WattSmarter Eduction - Higher Education Summit 2011 - D Watt
Smarter Eduction - Higher Education Summit 2011 - D Watt
 
Paul croft - Auckland Cloud Camp 2010
Paul croft - Auckland Cloud Camp 2010Paul croft - Auckland Cloud Camp 2010
Paul croft - Auckland Cloud Camp 2010
 
Derek wilson - Cloud Camp 2011
Derek wilson - Cloud Camp 2011Derek wilson - Cloud Camp 2011
Derek wilson - Cloud Camp 2011
 
Capitalising on Complexity - Ross Pearce
Capitalising on Complexity - Ross PearceCapitalising on Complexity - Ross Pearce
Capitalising on Complexity - Ross Pearce
 
Security solutions for a smarter planet
Security solutions for a smarter planetSecurity solutions for a smarter planet
Security solutions for a smarter planet
 
Touch Point Wheel - 3 FEB 2011
Touch Point Wheel - 3 FEB 2011Touch Point Wheel - 3 FEB 2011
Touch Point Wheel - 3 FEB 2011
 
Buyer Persona - Key to B2B Marketing Success
Buyer Persona - Key to B2B Marketing SuccessBuyer Persona - Key to B2B Marketing Success
Buyer Persona - Key to B2B Marketing Success
 
Touchpoints: a Customer Experience Story | MCorp Consulting
Touchpoints: a Customer Experience Story | MCorp ConsultingTouchpoints: a Customer Experience Story | MCorp Consulting
Touchpoints: a Customer Experience Story | MCorp Consulting
 

Ähnlich wie The unprecedented state of web insecurity

Key Strategies to Address Rising Application Risk in Your Enterprise
Key Strategies to Address Rising Application Risk in Your EnterpriseKey Strategies to Address Rising Application Risk in Your Enterprise
Key Strategies to Address Rising Application Risk in Your Enterprise
Lumension
 
Kaseya Connect 2011 - Malwarebytes - Marcin Kleczynski
Kaseya Connect 2011 - Malwarebytes - Marcin KleczynskiKaseya Connect 2011 - Malwarebytes - Marcin Kleczynski
Kaseya Connect 2011 - Malwarebytes - Marcin Kleczynski
Kaseya
 
Factors Affecting The Threat Agent Involved
Factors Affecting The Threat Agent InvolvedFactors Affecting The Threat Agent Involved
Factors Affecting The Threat Agent Involved
Jennifer Campbell
 
Symantec intelligence report august 2015
Symantec intelligence report august 2015Symantec intelligence report august 2015
Symantec intelligence report august 2015
Symantec
 

Ähnlich wie The unprecedented state of web insecurity (20)

Web Application Testing for Today’s Biggest and Emerging Threats
Web Application Testing for Today’s Biggest and Emerging ThreatsWeb Application Testing for Today’s Biggest and Emerging Threats
Web Application Testing for Today’s Biggest and Emerging Threats
 
Presentation gdl
Presentation gdlPresentation gdl
Presentation gdl
 
Research challenges and issues in web security
Research challenges and issues in web securityResearch challenges and issues in web security
Research challenges and issues in web security
 
Key Strategies to Address Rising Application Risk in Your Enterprise
Key Strategies to Address Rising Application Risk in Your EnterpriseKey Strategies to Address Rising Application Risk in Your Enterprise
Key Strategies to Address Rising Application Risk in Your Enterprise
 
It's Your Move: The Changing Game of Endpoint Security
It's Your Move: The Changing Game of Endpoint SecurityIt's Your Move: The Changing Game of Endpoint Security
It's Your Move: The Changing Game of Endpoint Security
 
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updatesBriskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updates
 
The CISO Problems Risk Compliance Management in a Software Development 030420...
The CISO Problems Risk Compliance Management in a Software Development 030420...The CISO Problems Risk Compliance Management in a Software Development 030420...
The CISO Problems Risk Compliance Management in a Software Development 030420...
 
2016 Trends in Security
2016 Trends in Security 2016 Trends in Security
2016 Trends in Security
 
En msft-scrty-cntnt-e book-cybersecurity
En msft-scrty-cntnt-e book-cybersecurityEn msft-scrty-cntnt-e book-cybersecurity
En msft-scrty-cntnt-e book-cybersecurity
 
Forcepoint Advanced Malware Detection
Forcepoint Advanced Malware DetectionForcepoint Advanced Malware Detection
Forcepoint Advanced Malware Detection
 
How Malware Works - Understanding Software Vulnerabilities
How Malware Works - Understanding Software VulnerabilitiesHow Malware Works - Understanding Software Vulnerabilities
How Malware Works - Understanding Software Vulnerabilities
 
The Role of Application Control in a Zero-Day Reality
The Role of Application Control in a Zero-Day RealityThe Role of Application Control in a Zero-Day Reality
The Role of Application Control in a Zero-Day Reality
 
Protect Yourself Against Today's Cybercriminals and Hackers
Protect Yourself Against Today's Cybercriminals and HackersProtect Yourself Against Today's Cybercriminals and Hackers
Protect Yourself Against Today's Cybercriminals and Hackers
 
Realities of Security in the Cloud
Realities of Security in the CloudRealities of Security in the Cloud
Realities of Security in the Cloud
 
FireEye Use Cases — FireEye Solution Deployment Experience
FireEye Use Cases — FireEye Solution Deployment ExperienceFireEye Use Cases — FireEye Solution Deployment Experience
FireEye Use Cases — FireEye Solution Deployment Experience
 
Kaseya Connect 2011 - Malwarebytes - Marcin Kleczynski
Kaseya Connect 2011 - Malwarebytes - Marcin KleczynskiKaseya Connect 2011 - Malwarebytes - Marcin Kleczynski
Kaseya Connect 2011 - Malwarebytes - Marcin Kleczynski
 
Factors Affecting The Threat Agent Involved
Factors Affecting The Threat Agent InvolvedFactors Affecting The Threat Agent Involved
Factors Affecting The Threat Agent Involved
 
Audit and security application
Audit and security applicationAudit and security application
Audit and security application
 
Symantec intelligence report august 2015
Symantec intelligence report august 2015Symantec intelligence report august 2015
Symantec intelligence report august 2015
 
C Overflows Vulnerabilities Exploit Taxonomy And Evaluation on Static Analysi...
C Overflows Vulnerabilities Exploit Taxonomy And Evaluation on Static Analysi...C Overflows Vulnerabilities Exploit Taxonomy And Evaluation on Static Analysi...
C Overflows Vulnerabilities Exploit Taxonomy And Evaluation on Static Analysi...
 

Mehr von Vincent Kwon

Turn data into intelligence: Uncover insights. Take action
Turn data into intelligence: Uncover insights. Take actionTurn data into intelligence: Uncover insights. Take action
Turn data into intelligence: Uncover insights. Take action
Vincent Kwon
 
Keynote intelligence, innovation & best practice
Keynote intelligence, innovation & best practiceKeynote intelligence, innovation & best practice
Keynote intelligence, innovation & best practice
Vincent Kwon
 
It optimisation & virtualisation
It optimisation & virtualisationIt optimisation & virtualisation
It optimisation & virtualisation
Vincent Kwon
 
Enhanced business performance
Enhanced business performanceEnhanced business performance
Enhanced business performance
Vincent Kwon
 
Drive business performance with information analytics
Drive business performance with information analyticsDrive business performance with information analytics
Drive business performance with information analytics
Vincent Kwon
 
Don't risk it presentation
Don't risk it presentationDon't risk it presentation
Don't risk it presentation
Vincent Kwon
 
Cloud computing (2)
Cloud computing (2)Cloud computing (2)
Cloud computing (2)
Vincent Kwon
 
Acclerating jounrey to cloud computing
Acclerating jounrey to cloud computingAcclerating jounrey to cloud computing
Acclerating jounrey to cloud computing
Vincent Kwon
 

Mehr von Vincent Kwon (20)

IBM Maximo for Utilities
IBM Maximo for UtilitiesIBM Maximo for Utilities
IBM Maximo for Utilities
 
IBM 'After 5' Session - IBM System X
IBM 'After 5' Session - IBM System XIBM 'After 5' Session - IBM System X
IBM 'After 5' Session - IBM System X
 
VMWare Sponsor Presentation: Accelerating the journey to cloud
VMWare Sponsor Presentation: Accelerating the journey to cloudVMWare Sponsor Presentation: Accelerating the journey to cloud
VMWare Sponsor Presentation: Accelerating the journey to cloud
 
Turn data into intelligence: Uncover insights. Take action
Turn data into intelligence: Uncover insights. Take actionTurn data into intelligence: Uncover insights. Take action
Turn data into intelligence: Uncover insights. Take action
 
Keynote intelligence, innovation & best practice
Keynote intelligence, innovation & best practiceKeynote intelligence, innovation & best practice
Keynote intelligence, innovation & best practice
 
It optimisation & virtualisation
It optimisation & virtualisationIt optimisation & virtualisation
It optimisation & virtualisation
 
Enhanced business performance
Enhanced business performanceEnhanced business performance
Enhanced business performance
 
Drive business performance with information analytics
Drive business performance with information analyticsDrive business performance with information analytics
Drive business performance with information analytics
 
Don't risk it presentation
Don't risk it presentationDon't risk it presentation
Don't risk it presentation
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Cloud computing (2)
Cloud computing (2)Cloud computing (2)
Cloud computing (2)
 
Acclerating jounrey to cloud computing
Acclerating jounrey to cloud computingAcclerating jounrey to cloud computing
Acclerating jounrey to cloud computing
 
Gen-i: Business Continuity considering reputation, security and virtualisation
Gen-i: Business Continuity considering reputation, security and virtualisationGen-i: Business Continuity considering reputation, security and virtualisation
Gen-i: Business Continuity considering reputation, security and virtualisation
 
Wellington Business Keynote - Paul Callaghan
Wellington Business Keynote - Paul CallaghanWellington Business Keynote - Paul Callaghan
Wellington Business Keynote - Paul Callaghan
 
VMware vSphere 4.0: The best platform for business applications
VMware vSphere 4.0: The best platform for business applicationsVMware vSphere 4.0: The best platform for business applications
VMware vSphere 4.0: The best platform for business applications
 
WebSphere BlueWorks - how to build your business process models using free IB...
WebSphere BlueWorks - how to build your business process models using free IB...WebSphere BlueWorks - how to build your business process models using free IB...
WebSphere BlueWorks - how to build your business process models using free IB...
 
Utility AP - Best Practice, out of the box with Maximo Asset Management
Utility AP - Best Practice, out of the box with Maximo Asset ManagementUtility AP - Best Practice, out of the box with Maximo Asset Management
Utility AP - Best Practice, out of the box with Maximo Asset Management
 
SolNet - Ministry of Health: Cancer Registry Solution
SolNet - Ministry of Health: Cancer Registry SolutionSolNet - Ministry of Health: Cancer Registry Solution
SolNet - Ministry of Health: Cancer Registry Solution
 
New Zealand Premiere! A first look at Rational Insight
New Zealand Premiere! A first look at Rational InsightNew Zealand Premiere! A first look at Rational Insight
New Zealand Premiere! A first look at Rational Insight
 
Open systems Specialists: XiV Storage Reinvented
Open systems Specialists: XiV Storage ReinventedOpen systems Specialists: XiV Storage Reinvented
Open systems Specialists: XiV Storage Reinvented
 

Kürzlich hochgeladen

The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
Aggregage
 
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
lizamodels9
 
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
amitlee9823
 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
lizamodels9
 
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
dlhescort
 
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
Anamikakaur10
 
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Sheetaleventcompany
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Service
ritikaroy0888
 
Uneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration PresentationUneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration Presentation
uneakwhite
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
dollysharma2066
 
Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageInsurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usage
Matteo Carbone
 
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
amitlee9823
 

Kürzlich hochgeladen (20)

The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
 
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
 
Organizational Transformation Lead with Culture
Organizational Transformation Lead with CultureOrganizational Transformation Lead with Culture
Organizational Transformation Lead with Culture
 
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
Nelamangala Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore...
 
A DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMANA DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMAN
 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
 
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
Call Girls in Delhi, Escort Service Available 24x7 in Delhi 959961-/-3876
 
Falcon Invoice Discounting platform in india
Falcon Invoice Discounting platform in indiaFalcon Invoice Discounting platform in india
Falcon Invoice Discounting platform in india
 
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
Call Now ☎️🔝 9332606886🔝 Call Girls ❤ Service In Bhilwara Female Escorts Serv...
 
How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League City
 
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
 
Phases of Negotiation .pptx
Phases of Negotiation .pptx Phases of Negotiation .pptx
Phases of Negotiation .pptx
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Service
 
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdfDr. Admir Softic_ presentation_Green Club_ENG.pdf
Dr. Admir Softic_ presentation_Green Club_ENG.pdf
 
Famous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st CenturyFamous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st Century
 
Uneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration PresentationUneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration Presentation
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
 
Insurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usageInsurers' journeys to build a mastery in the IoT usage
Insurers' journeys to build a mastery in the IoT usage
 
Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1Katrina Personal Brand Project and portfolio 1
Katrina Personal Brand Project and portfolio 1
 
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
 

The unprecedented state of web insecurity