Title: CyberSecurity with OpenSource. In the talk Sergio will demonstrate that you do not need a big budget to protect you organization. OpenSource can be the ansawer to reduce the risk of a cyberattack. Firewalls, IDS, Network Monitoring, traing a testing resources are some of the topics on this talk. This time Sérgio promizes that he will not bring a cat photo!

1. HACKING PARA PME´S
CYBERSECURITY WITH OPENSOURCE
WWW.CYBERS3C.PT

2. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
ABOUT ME
Sérgio Silva
ssilva@cybersec.pt
I used to work for the government
I founded CyberSec, so that i could be a
CEO on Linkedin

3. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
ABOUT ME
You can find me on main Social Networks

4. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
DISCLAIMER
SPECIALLY FOR THIS EVENT, I HAVE MADE A ENGLISH
CRASH COURSE

5. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
WHY OPENSOURCE ?
WHY SHOULD YOU PROTECT YOUR ORGANIZATION
WITH OPENSOURCE ?
FREEDOM OF CHOICE
FREEDOM TO CHANGE SOURCE CODE
FREEDOM TO CHECK SOURCE CODE
SUPPORT OF THE COMMUNITY
ONE SOLUTION MANY CLIENTS
IT´S SEXY ( GEEK TALK )

6. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
WHY OPENSOURCE ?
WHY SHOULD YOU NOT PROTECT YOUR
ORGANIZATION WITH OPENSOURCE ?
BECAUSE IF YOU USE OPEN SOURCE THERE IS NO ONE
TO BLAME !

7. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
LET´S BEGIN
CYBER ATTACKS
BEFORE
DURING
AFTER

8. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
BEFORE ATTACK
WE MUST BE PREPARED
• VULNERABILITY ASSESSMENT
• PEN TESTING
• TRAINING
• DEFENCE MECHANISM

9. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
OSINT YOUR ORGANIZATION

10. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
OSINT YOUR ORGANIZATION

11. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
NETWORK SCANNER

12. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
VULNERABILITY ASSESSMENT

13. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
PEN TESTING
ZED
ATTACK
PROXY

14. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
BREACH AND ATTACK SIMULATION

15. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
OPEN-SOURCE PHISHING FRAMEWORK

16. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
REQUIREMENTS

17. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
BUT... NO MONEY

18. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
DO NOT FEAR … OPEN SOURCE IS HERE

19. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
SECURITY ONION

20. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
ELASTICSEARCH, LOGSTASH, KIBANA, SNORT,
SURICATA, BRO, WAZUH, SGUIL, SQUERT,
NETWORKMINER
ALL INSIDE

21. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
VERY HARD TO INSTALL ( NOT )

22. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
GDPR
DEPENDING ON THE CIRCUMSTANCES,
AN EFFECTIVE AND APPROPRIATE
ENCRYPTION SOLUTION CAN ALSO BE
A MEANS OF DEMONSTRATING
COMPLIANCE WITH THE SECURITY
REQUIREMENTS OF THE GDPR

23. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
ENCRYPTION SOLUTION

24. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
GDPR - Privacy Impact Assessment
The instrument for a privacy impact assessment
(PIA) or data protection impact assessment (DPIA)
was introduced with the General Data Protection
Regulation (Art. 35 of the GDPR). This refers to the
obligation of the controller to conduct an impact
assessment and to document it before starting the
intended data processing.

25. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
GDPR - Privacy Impact Assessment

26. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
GDPR - Privacy Impact Assessment

27. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
GDPR - Privacy Impact Assessment

28. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
GDPR - Privacy Impact Assessment

29. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
Forensic tools
THE SIFT WORKSTATION IS
A GROUP OF FREE OPEN-
SOURCE INCIDENT
RESPONSE AND FORENSIC
TOOLS DESIGNED TO
PERFORM DETAILED
DIGITAL FORENSIC
EXAMINATIONS IN A
VARIETY OF SETTINGS

30. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
CONCLUSIONS
YOU CAN USE OPENSOURCE TO PROTECT YOUR
ORGANIZATION;
THERE ARE OPENSOURCE SOLUTIONS FOR EVERY STAGES
OF AN CYBERATTACK;
YOU DON´T NEED TO SPEND A LOT OF MONEY;
MY ENGLISH IS VERY BAD.

31. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
THANKYOU