Title: CyberSecurity with OpenSource.
In the talk Sergio will demonstrate that you do not need a big budget to protect you organization.
OpenSource can be the ansawer to reduce the risk of a cyberattack. Firewalls, IDS, Network Monitoring, traing a testing resources are some of the topics on this talk. This time Sérgio promizes that he will not bring a cat photo!
2. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
ABOUT ME
Sérgio Silva
ssilva@cybersec.pt
I used to work for the government
I founded CyberSec, so that i could be a
CEO on Linkedin
3. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
ABOUT ME
You can find me on main Social Networks
4. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
DISCLAIMER
SPECIALLY FOR THIS EVENT, I HAVE MADE A ENGLISH
CRASH COURSE
5. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
WHY OPENSOURCE ?
WHY SHOULD YOU PROTECT YOUR ORGANIZATION
WITH OPENSOURCE ?
FREEDOM OF CHOICE
FREEDOM TO CHANGE SOURCE CODE
FREEDOM TO CHECK SOURCE CODE
SUPPORT OF THE COMMUNITY
ONE SOLUTION MANY CLIENTS
IT´S SEXY ( GEEK TALK )
6. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
WHY OPENSOURCE ?
WHY SHOULD YOU NOT PROTECT YOUR
ORGANIZATION WITH OPENSOURCE ?
BECAUSE IF YOU USE OPEN SOURCE THERE IS NO ONE
TO BLAME !
7. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
LET´S BEGIN
CYBER ATTACKS
BEFORE
DURING
AFTER
8. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
BEFORE ATTACK
WE MUST BE PREPARED
• VULNERABILITY ASSESSMENT
• PEN TESTING
• TRAINING
• DEFENCE MECHANISM
9. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
OSINT YOUR ORGANIZATION
10. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
OSINT YOUR ORGANIZATION
11. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
NETWORK SCANNER
12. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
VULNERABILITY ASSESSMENT
13. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
PEN TESTING
ZED
ATTACK
PROXY
14. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
BREACH AND ATTACK SIMULATION
15. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
OPEN-SOURCE PHISHING FRAMEWORK
16. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
REQUIREMENTS
17. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
BUT... NO MONEY
18. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
DO NOT FEAR … OPEN SOURCE IS HERE
19. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
SECURITY ONION
20. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
ELASTICSEARCH, LOGSTASH, KIBANA, SNORT,
SURICATA, BRO, WAZUH, SGUIL, SQUERT,
NETWORKMINER
ALL INSIDE
21. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
VERY HARD TO INSTALL ( NOT )
22. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
GDPR
DEPENDING ON THE CIRCUMSTANCES,
AN EFFECTIVE AND APPROPRIATE
ENCRYPTION SOLUTION CAN ALSO BE
A MEANS OF DEMONSTRATING
COMPLIANCE WITH THE SECURITY
REQUIREMENTS OF THE GDPR
23. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
ENCRYPTION SOLUTION
24. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
GDPR - Privacy Impact Assessment
The instrument for a privacy impact assessment
(PIA) or data protection impact assessment (DPIA)
was introduced with the General Data Protection
Regulation (Art. 35 of the GDPR). This refers to the
obligation of the controller to conduct an impact
assessment and to document it before starting the
intended data processing.
25. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
GDPR - Privacy Impact Assessment
26. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
GDPR - Privacy Impact Assessment
27. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
GDPR - Privacy Impact Assessment
28. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
GDPR - Privacy Impact Assessment
29. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
Forensic tools
THE SIFT WORKSTATION IS
A GROUP OF FREE OPEN-
SOURCE INCIDENT
RESPONSE AND FORENSIC
TOOLS DESIGNED TO
PERFORM DETAILED
DIGITAL FORENSIC
EXAMINATIONS IN A
VARIETY OF SETTINGS
30. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
CONCLUSIONS
YOU CAN USE OPENSOURCE TO PROTECT YOUR
ORGANIZATION;
THERE ARE OPENSOURCE SOLUTIONS FOR EVERY STAGES
OF AN CYBERATTACK;
YOU DON´T NEED TO SPEND A LOT OF MONEY;
MY ENGLISH IS VERY BAD.
31. CY3C29 – WHITE HAT HACKINGCYBERSECURITY WITH OPENSOURCE
THANKYOU