SlideShare ist ein Scribd-Unternehmen logo

nullcon 2011 - Protect infrastructure of protect information – Lessons from Wikileaks

Als PPT, PDF herunterladen
n|u - The Open Security Community
n|u - The Open Security Community

Protect infrastructure of protect information – Lessons from Wikileaks by Vishal Gupta

Technologie
1 von 14
 
Question : Why do F1 cars have the biggest brakes ? Answer : Because they need to go the fastest.
Protect Infrastructure or protect information ?? Lessons from Wikileaks Presentation at NullCon 2011, Goa Vishal Gupta Seclore
Information exchange in the collaborative world Information is exchanged between Employees of the organisation Enterprise CUSTOMERS VENDORS Information is exchanged between employees & vendors & employees & customers What happens if an employee with privileged access leaves to join a competitor ? What happens if information shared with a vendor is lost by the vendor ? VPN SSL UTM Firewall … TELEMARKETER Competitors Firewalls
The compromise ... Increasing risks of systems and data Decreasing availability of systems and data Data Center Enterprise + Partners Enterprise The world Decreasing control and protection over data
Underlying Issues ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
The Result
Information lifecycle … Create Store Transmit & collaborate Use Archive & Backup Delete DLP Anti-virus Anti-… Hard disk encryption SSL UTM Application security IDM DLP Vaults Digital shredders Heterogeneous policies … Heterogeneous infrastructure Security NTFS Desktops Laptops Mobile devices Removable media Email Content Management Online workspaces Remote desktops Shared folders Removable media Instant Messaging Desktops Laptops Mobile devices Archive Backup Document retention
Unstructured information security Option 1 : Control Distribution . . . Security Collaboration
Unstructured information security Option 2 : Control Usage . . . Security Collaboration Right Location Right Time Right Action Right Person
Information Rights Management ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],IRM systems allow enterprises to define , implement & audit information usage “policies”. A “policy” defines : Policies are persistent with data, dynamic & audit-able
Lessons from Wikileaks Content is King security supposed to be like ‘ s security 1 Thou shall focus on protecting the information … because no “wall” is too high 3 Thou shall listen to dad & not watch TV beyond 7 pm 2
About … Seclore is a high growth information security product company focused on providing Security without compromising collaboration Seclore’s flagship product Seclore FileSecure is used by More than 1 million users & some of the largest enterprises
Contact Vishal Gupta +91-22-4015-5252 www.seclore.com

Empfohlen

What is IRM? bright talk
What is IRM? bright talkWhat is IRM? bright talk
What is IRM? bright talkritupande
 
Email encryption plus | Seclore
Email encryption plus | SecloreEmail encryption plus | Seclore
Email encryption plus | SecloreSeclore
 
Email Security Solutions | Seclore
Email Security Solutions | SecloreEmail Security Solutions | Seclore
Email Security Solutions | SecloreSeclore
 
Securing IBM ECM with Rights Management
Securing IBM ECM with Rights ManagementSecuring IBM ECM with Rights Management
Securing IBM ECM with Rights ManagementSeclore
 
GDPR Compliance & Data-Centric Security | Seclore
GDPR Compliance & Data-Centric Security | SecloreGDPR Compliance & Data-Centric Security | Seclore
GDPR Compliance & Data-Centric Security | SecloreSeclore
 
Security Myths Surrounding Microsoft Information Protection
Security Myths Surrounding Microsoft Information ProtectionSecurity Myths Surrounding Microsoft Information Protection
Security Myths Surrounding Microsoft Information ProtectionSeclore
 
Seclore For Spirion Data Classification | Seclore
Seclore For Spirion Data Classification | SecloreSeclore For Spirion Data Classification | Seclore
Seclore For Spirion Data Classification | SecloreSeclore
 
NIST Compliance & Data Centric Security
NIST Compliance & Data Centric Security NIST Compliance & Data Centric Security
NIST Compliance & Data Centric Security Seclore
 

Empfohlen

What is IRM? bright talk
What is IRM? bright talkWhat is IRM? bright talk
What is IRM? bright talkritupande
 
Email encryption plus | Seclore
Email encryption plus | SecloreEmail encryption plus | Seclore
Email encryption plus | SecloreSeclore
 
Email Security Solutions | Seclore
Email Security Solutions | SecloreEmail Security Solutions | Seclore
Email Security Solutions | SecloreSeclore
 
Securing IBM ECM with Rights Management
Securing IBM ECM with Rights ManagementSecuring IBM ECM with Rights Management
Securing IBM ECM with Rights ManagementSeclore
 
GDPR Compliance & Data-Centric Security | Seclore
GDPR Compliance & Data-Centric Security | SecloreGDPR Compliance & Data-Centric Security | Seclore
GDPR Compliance & Data-Centric Security | SecloreSeclore
 
Security Myths Surrounding Microsoft Information Protection
Security Myths Surrounding Microsoft Information ProtectionSecurity Myths Surrounding Microsoft Information Protection
Security Myths Surrounding Microsoft Information ProtectionSeclore
 
Seclore For Spirion Data Classification | Seclore
Seclore For Spirion Data Classification | SecloreSeclore For Spirion Data Classification | Seclore
Seclore For Spirion Data Classification | SecloreSeclore
 
NIST Compliance & Data Centric Security
NIST Compliance & Data Centric Security NIST Compliance & Data Centric Security
NIST Compliance & Data Centric Security Seclore
 
Seclore For Microsoft 365 | Seclore
Seclore For Microsoft 365 | SecloreSeclore For Microsoft 365 | Seclore
Seclore For Microsoft 365 | SecloreSeclore
 
Inbound Data Protection
Inbound Data ProtectionInbound Data Protection
Inbound Data ProtectionSeclore
 
Cloud Security is not equal to Cloud Data Security
Cloud Security is not equal to Cloud Data SecurityCloud Security is not equal to Cloud Data Security
Cloud Security is not equal to Cloud Data SecuritySeclore
 
DLP Solutions Protection | Seclore
DLP Solutions Protection | SecloreDLP Solutions Protection | Seclore
DLP Solutions Protection | SecloreSeclore
 
Data-Centric Security | Seclore
Data-Centric Security | Seclore Data-Centric Security | Seclore
Data-Centric Security | Seclore Seclore
 
Seclore Decrypter For Email
Seclore Decrypter For EmailSeclore Decrypter For Email
Seclore Decrypter For EmailSeclore
 
Bring Your Own Encryption | Seclore
Bring Your Own Encryption | SecloreBring Your Own Encryption | Seclore
Bring Your Own Encryption | SecloreSeclore
 
NIAP Compliance & Data-Centric Security
NIAP Compliance & Data-Centric SecurityNIAP Compliance & Data-Centric Security
NIAP Compliance & Data-Centric SecuritySeclore
 
One click protection in microsoft office
One click protection in microsoft officeOne click protection in microsoft office
One click protection in microsoft officeSeclore
 
Seclore for Titus
Seclore for TitusSeclore for Titus
Seclore for TitusSeclore
 
Securing MS SharePoint with IRM
Securing MS SharePoint with IRMSecuring MS SharePoint with IRM
Securing MS SharePoint with IRMSeclore
 
Data Governance Solutions With Seclore and Stash
Data Governance Solutions With Seclore and StashData Governance Solutions With Seclore and Stash
Data Governance Solutions With Seclore and StashSeclore
 
Securing application data | Seclore
Securing application data | SecloreSecuring application data | Seclore
Securing application data | SecloreSeclore
 
Five Key Trends for Data-Centric Security
Five Key Trends for Data-Centric SecurityFive Key Trends for Data-Centric Security
Five Key Trends for Data-Centric SecuritySeclore
 
Application Data Security | Seclore
Application Data Security | SecloreApplication Data Security | Seclore
Application Data Security | SecloreSeclore
 
Benefits of automating data protection | Seclore
Benefits of automating data protection | SecloreBenefits of automating data protection | Seclore
Benefits of automating data protection | SecloreSeclore
 
Seclore For Microsoft’s Sensitivity Labels
Seclore For Microsoft’s Sensitivity LabelsSeclore For Microsoft’s Sensitivity Labels
Seclore For Microsoft’s Sensitivity LabelsSeclore
 
Seclore for Forcepoint DLP
Seclore for Forcepoint DLPSeclore for Forcepoint DLP
Seclore for Forcepoint DLPSeclore
 
Data Security For Pharmaceutical Industry
Data Security For Pharmaceutical IndustryData Security For Pharmaceutical Industry
Data Security For Pharmaceutical IndustrySeclore
 
Securing Remote Workforce | Seclore
Securing Remote Workforce | SecloreSecuring Remote Workforce | Seclore
Securing Remote Workforce | SecloreSeclore
 
What Is Irm
What Is IrmWhat Is Irm
What Is Irmvickyrangani
 
Seclore File Secure Introduction Brief
Seclore File Secure Introduction BriefSeclore File Secure Introduction Brief
Seclore File Secure Introduction BriefNováccent
 

Weitere ähnliche Inhalte

Was ist angesagt?

Seclore For Microsoft 365 | Seclore
Seclore For Microsoft 365 | SecloreSeclore For Microsoft 365 | Seclore
Seclore For Microsoft 365 | SecloreSeclore
 
Inbound Data Protection
Inbound Data ProtectionInbound Data Protection
Inbound Data ProtectionSeclore
 
Cloud Security is not equal to Cloud Data Security
Cloud Security is not equal to Cloud Data SecurityCloud Security is not equal to Cloud Data Security
Cloud Security is not equal to Cloud Data SecuritySeclore
 
DLP Solutions Protection | Seclore
DLP Solutions Protection | SecloreDLP Solutions Protection | Seclore
DLP Solutions Protection | SecloreSeclore
 
Data-Centric Security | Seclore
Data-Centric Security | Seclore Data-Centric Security | Seclore
Data-Centric Security | Seclore Seclore
 
Seclore Decrypter For Email
Seclore Decrypter For EmailSeclore Decrypter For Email
Seclore Decrypter For EmailSeclore
 
Bring Your Own Encryption | Seclore
Bring Your Own Encryption | SecloreBring Your Own Encryption | Seclore
Bring Your Own Encryption | SecloreSeclore
 
NIAP Compliance & Data-Centric Security
NIAP Compliance & Data-Centric SecurityNIAP Compliance & Data-Centric Security
NIAP Compliance & Data-Centric SecuritySeclore
 
One click protection in microsoft office
One click protection in microsoft officeOne click protection in microsoft office
One click protection in microsoft officeSeclore
 
Seclore for Titus
Seclore for TitusSeclore for Titus
Seclore for TitusSeclore
 
Securing MS SharePoint with IRM
Securing MS SharePoint with IRMSecuring MS SharePoint with IRM
Securing MS SharePoint with IRMSeclore
 
Data Governance Solutions With Seclore and Stash
Data Governance Solutions With Seclore and StashData Governance Solutions With Seclore and Stash
Data Governance Solutions With Seclore and StashSeclore
 
Securing application data | Seclore
Securing application data | SecloreSecuring application data | Seclore
Securing application data | SecloreSeclore
 
Five Key Trends for Data-Centric Security
Five Key Trends for Data-Centric SecurityFive Key Trends for Data-Centric Security
Five Key Trends for Data-Centric SecuritySeclore
 
Application Data Security | Seclore
Application Data Security | SecloreApplication Data Security | Seclore
Application Data Security | SecloreSeclore
 
Benefits of automating data protection | Seclore
Benefits of automating data protection | SecloreBenefits of automating data protection | Seclore
Benefits of automating data protection | SecloreSeclore
 
Seclore For Microsoft’s Sensitivity Labels
Seclore For Microsoft’s Sensitivity LabelsSeclore For Microsoft’s Sensitivity Labels
Seclore For Microsoft’s Sensitivity LabelsSeclore
 
Seclore for Forcepoint DLP
Seclore for Forcepoint DLPSeclore for Forcepoint DLP
Seclore for Forcepoint DLPSeclore
 
Data Security For Pharmaceutical Industry
Data Security For Pharmaceutical IndustryData Security For Pharmaceutical Industry
Data Security For Pharmaceutical IndustrySeclore
 
Securing Remote Workforce | Seclore
Securing Remote Workforce | SecloreSecuring Remote Workforce | Seclore
Securing Remote Workforce | SecloreSeclore
 

Was ist angesagt? (20)

Seclore For Microsoft 365 | Seclore
Seclore For Microsoft 365 | SecloreSeclore For Microsoft 365 | Seclore
Seclore For Microsoft 365 | Seclore
 
Inbound Data Protection
Inbound Data ProtectionInbound Data Protection
Inbound Data Protection
 
Cloud Security is not equal to Cloud Data Security
Cloud Security is not equal to Cloud Data SecurityCloud Security is not equal to Cloud Data Security
Cloud Security is not equal to Cloud Data Security
 
DLP Solutions Protection | Seclore
DLP Solutions Protection | SecloreDLP Solutions Protection | Seclore
DLP Solutions Protection | Seclore
 
Data-Centric Security | Seclore
Data-Centric Security | Seclore Data-Centric Security | Seclore
Data-Centric Security | Seclore
 
Seclore Decrypter For Email
Seclore Decrypter For EmailSeclore Decrypter For Email
Seclore Decrypter For Email
 
Bring Your Own Encryption | Seclore
Bring Your Own Encryption | SecloreBring Your Own Encryption | Seclore
Bring Your Own Encryption | Seclore
 
NIAP Compliance & Data-Centric Security
NIAP Compliance & Data-Centric SecurityNIAP Compliance & Data-Centric Security
NIAP Compliance & Data-Centric Security
 
One click protection in microsoft office
One click protection in microsoft officeOne click protection in microsoft office
One click protection in microsoft office
 
Seclore for Titus
Seclore for TitusSeclore for Titus
Seclore for Titus
 
Securing MS SharePoint with IRM
Securing MS SharePoint with IRMSecuring MS SharePoint with IRM
Securing MS SharePoint with IRM
 
Data Governance Solutions With Seclore and Stash
Data Governance Solutions With Seclore and StashData Governance Solutions With Seclore and Stash
Data Governance Solutions With Seclore and Stash
 
Securing application data | Seclore
Securing application data | SecloreSecuring application data | Seclore
Securing application data | Seclore
 
Five Key Trends for Data-Centric Security
Five Key Trends for Data-Centric SecurityFive Key Trends for Data-Centric Security
Five Key Trends for Data-Centric Security
 
Application Data Security | Seclore
Application Data Security | SecloreApplication Data Security | Seclore
Application Data Security | Seclore
 
Benefits of automating data protection | Seclore
Benefits of automating data protection | SecloreBenefits of automating data protection | Seclore
Benefits of automating data protection | Seclore
 
Seclore For Microsoft’s Sensitivity Labels
Seclore For Microsoft’s Sensitivity LabelsSeclore For Microsoft’s Sensitivity Labels
Seclore For Microsoft’s Sensitivity Labels
 
Seclore for Forcepoint DLP
Seclore for Forcepoint DLPSeclore for Forcepoint DLP
Seclore for Forcepoint DLP
 
Data Security For Pharmaceutical Industry
Data Security For Pharmaceutical IndustryData Security For Pharmaceutical Industry
Data Security For Pharmaceutical Industry
 
Securing Remote Workforce | Seclore
Securing Remote Workforce | SecloreSecuring Remote Workforce | Seclore
Securing Remote Workforce | Seclore
 

Ähnlich wie nullcon 2011 - Protect infrastructure of protect information – Lessons from Wikileaks

Seclore File Secure Introduction Brief
Seclore File Secure Introduction BriefSeclore File Secure Introduction Brief
Seclore File Secure Introduction BriefNováccent
 
Seclore FileSecure HotFolder Walkthrough
Seclore FileSecure HotFolder WalkthroughSeclore FileSecure HotFolder Walkthrough
Seclore FileSecure HotFolder Walkthroughsiddarthc
 
Vishal Seclore TR35
Vishal Seclore TR35Vishal Seclore TR35
Vishal Seclore TR35EmTech
 
Storage Made Easy solution to fragmented data
Storage Made Easy solution to fragmented dataStorage Made Easy solution to fragmented data
Storage Made Easy solution to fragmented dataHybrid Cloud
 
Data Governance Trends and Best Practices To Implement Today
Data Governance Trends and Best Practices To Implement TodayData Governance Trends and Best Practices To Implement Today
Data Governance Trends and Best Practices To Implement TodayDATAVERSITY
 
Cloud_security.pptx
Cloud_security.pptxCloud_security.pptx
Cloud_security.pptxSofiyaKhan49
 
Monitoring security in the externalised organisation (Auscert 2013)
Monitoring security in the externalised organisation (Auscert 2013)Monitoring security in the externalised organisation (Auscert 2013)
Monitoring security in the externalised organisation (Auscert 2013)Huntsman Security
 
Andrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs Utrecht
Andrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs UtrechtAndrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs Utrecht
Andrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs UtrechtInfosecurity2010
 
Information protection and compliance
Information protection and complianceInformation protection and compliance
Information protection and complianceDean Iacovelli
 
Frost & Sullivan 2015 North American Encrypted Network Security Solutions New...
Frost & Sullivan 2015 North American Encrypted Network Security Solutions New...Frost & Sullivan 2015 North American Encrypted Network Security Solutions New...
Frost & Sullivan 2015 North American Encrypted Network Security Solutions New...Unisys Corporation
 
Data security strategies and drivers
Data security strategies and driversData security strategies and drivers
Data security strategies and driversFreeform Dynamics
 
5 Myths About Data Loss Prevention
5 Myths About Data Loss Prevention5 Myths About Data Loss Prevention
5 Myths About Data Loss PreventionGary Bahadur
 
Automatski - The Internet of Things - Privacy Standards
Automatski - The Internet of Things - Privacy StandardsAutomatski - The Internet of Things - Privacy Standards
Automatski - The Internet of Things - Privacy Standardsautomatskicorporation
 
A network security policy group project unit 4 (1) july 2015
A network security policy group project unit 4 (1) july 2015A network security policy group project unit 4 (1) july 2015
A network security policy group project unit 4 (1) july 2015Jeffery Brown
 
Sample Discussion 1Security is one of the most important fun.docx
Sample Discussion 1Security is one of the most important fun.docxSample Discussion 1Security is one of the most important fun.docx
Sample Discussion 1Security is one of the most important fun.docxrtodd599
 
Sample Discussion 1Security is one of the most important fun.docx
Sample Discussion 1Security is one of the most important fun.docxSample Discussion 1Security is one of the most important fun.docx
Sample Discussion 1Security is one of the most important fun.docxjeffsrosalyn
 

Ähnlich wie nullcon 2011 - Protect infrastructure of protect information – Lessons from Wikileaks (20)

What Is Irm
What Is IrmWhat Is Irm
What Is Irm
 
Seclore File Secure Introduction Brief
Seclore File Secure Introduction BriefSeclore File Secure Introduction Brief
Seclore File Secure Introduction Brief
 
Seclore FileSecure HotFolder Walkthrough
Seclore FileSecure HotFolder WalkthroughSeclore FileSecure HotFolder Walkthrough
Seclore FileSecure HotFolder Walkthrough
 
Vishal Seclore TR35
Vishal Seclore TR35Vishal Seclore TR35
Vishal Seclore TR35
 
Storage Made Easy solution to fragmented data
Storage Made Easy solution to fragmented dataStorage Made Easy solution to fragmented data
Storage Made Easy solution to fragmented data
 
Data Governance Trends and Best Practices To Implement Today
Data Governance Trends and Best Practices To Implement TodayData Governance Trends and Best Practices To Implement Today
Data Governance Trends and Best Practices To Implement Today
 
Chris D'Aguanno
Chris D'AguannoChris D'Aguanno
Chris D'Aguanno
 
Big Data Dectives
Big Data DectivesBig Data Dectives
Big Data Dectives
 
Cloud_security.pptx
Cloud_security.pptxCloud_security.pptx
Cloud_security.pptx
 
Monitoring security in the externalised organisation (Auscert 2013)
Monitoring security in the externalised organisation (Auscert 2013)Monitoring security in the externalised organisation (Auscert 2013)
Monitoring security in the externalised organisation (Auscert 2013)
 
Andrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs Utrecht
Andrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs UtrechtAndrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs Utrecht
Andrew Yeomans, Infosecurity.nl, 3 november 2010, Jaarbeurs Utrecht
 
Information protection and compliance
Information protection and complianceInformation protection and compliance
Information protection and compliance
 
Frost & Sullivan 2015 North American Encrypted Network Security Solutions New...
Frost & Sullivan 2015 North American Encrypted Network Security Solutions New...Frost & Sullivan 2015 North American Encrypted Network Security Solutions New...
Frost & Sullivan 2015 North American Encrypted Network Security Solutions New...
 
Data security strategies and drivers
Data security strategies and driversData security strategies and drivers
Data security strategies and drivers
 
5 Myths About Data Loss Prevention
5 Myths About Data Loss Prevention5 Myths About Data Loss Prevention
5 Myths About Data Loss Prevention
 
Automatski - The Internet of Things - Privacy Standards
Automatski - The Internet of Things - Privacy StandardsAutomatski - The Internet of Things - Privacy Standards
Automatski - The Internet of Things - Privacy Standards
 
18 Tips of IRM - Making IRM Work for You
18 Tips of IRM - Making IRM Work for You18 Tips of IRM - Making IRM Work for You
18 Tips of IRM - Making IRM Work for You
 
A network security policy group project unit 4 (1) july 2015
A network security policy group project unit 4 (1) july 2015A network security policy group project unit 4 (1) july 2015
A network security policy group project unit 4 (1) july 2015
 
Sample Discussion 1Security is one of the most important fun.docx
Sample Discussion 1Security is one of the most important fun.docxSample Discussion 1Security is one of the most important fun.docx
Sample Discussion 1Security is one of the most important fun.docx
 
Sample Discussion 1Security is one of the most important fun.docx
Sample Discussion 1Security is one of the most important fun.docxSample Discussion 1Security is one of the most important fun.docx
Sample Discussion 1Security is one of the most important fun.docx
 

Mehr von n|u - The Open Security Community

Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...n|u - The Open Security Community
 

Mehr von n|u - The Open Security Community (20)

Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)
 
Osint primer
Osint primerOsint primer
Osint primer
 
SSRF exploit the trust relationship
SSRF exploit the trust relationshipSSRF exploit the trust relationship
SSRF exploit the trust relationship
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
 
Metasploit primary
Metasploit primaryMetasploit primary
Metasploit primary
 
Api security-testing
Api security-testingApi security-testing
Api security-testing
 
Introduction to TLS 1.3
Introduction to TLS 1.3Introduction to TLS 1.3
Introduction to TLS 1.3
 
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
 
Talking About SSRF,CRLF
Talking About SSRF,CRLFTalking About SSRF,CRLF
Talking About SSRF,CRLF
 
Building active directory lab for red teaming
Building active directory lab for red teamingBuilding active directory lab for red teaming
Building active directory lab for red teaming
 
Owning a company through their logs
Owning a company through their logsOwning a company through their logs
Owning a company through their logs
 
Introduction to shodan
Introduction to shodanIntroduction to shodan
Introduction to shodan
 
Cloud security
Cloud security Cloud security
Cloud security
 
Detecting persistence in windows
Detecting persistence in windowsDetecting persistence in windows
Detecting persistence in windows
 
Frida - Objection Tool Usage
Frida - Objection Tool UsageFrida - Objection Tool Usage
Frida - Objection Tool Usage
 
OSQuery - Monitoring System Process
OSQuery - Monitoring System ProcessOSQuery - Monitoring System Process
OSQuery - Monitoring System Process
 
DevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -SecurityDevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -Security
 
Extensible markup language attacks
Extensible markup language attacksExtensible markup language attacks
Extensible markup language attacks
 
Linux for hackers
Linux for hackersLinux for hackers
Linux for hackers
 
Android Pentesting
Android PentestingAndroid Pentesting
Android Pentesting
 

Kürzlich hochgeladen

How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...AliaaTarek5
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Scott Andery
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 

Kürzlich hochgeladen (20)

How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 

nullcon 2011 - Protect infrastructure of protect information – Lessons from Wikileaks

  • 1.  
  • 2. Question : Why do F1 cars have the biggest brakes ? Answer : Because they need to go the fastest.
  • 3. Protect Infrastructure or protect information ?? Lessons from Wikileaks Presentation at NullCon 2011, Goa Vishal Gupta Seclore
  • 4. Information exchange in the collaborative world Information is exchanged between Employees of the organisation Enterprise CUSTOMERS VENDORS Information is exchanged between employees & vendors & employees & customers What happens if an employee with privileged access leaves to join a competitor ? What happens if information shared with a vendor is lost by the vendor ? VPN SSL UTM Firewall … TELEMARKETER Competitors Firewalls
  • 5. The compromise ... Increasing risks of systems and data Decreasing availability of systems and data Data Center Enterprise + Partners Enterprise The world Decreasing control and protection over data
  • 6.
  • 8. Information lifecycle … Create Store Transmit & collaborate Use Archive & Backup Delete DLP Anti-virus Anti-… Hard disk encryption SSL UTM Application security IDM DLP Vaults Digital shredders Heterogeneous policies … Heterogeneous infrastructure Security NTFS Desktops Laptops Mobile devices Removable media Email Content Management Online workspaces Remote desktops Shared folders Removable media Instant Messaging Desktops Laptops Mobile devices Archive Backup Document retention
  • 9. Unstructured information security Option 1 : Control Distribution . . . Security Collaboration
  • 10. Unstructured information security Option 2 : Control Usage . . . Security Collaboration Right Location Right Time Right Action Right Person
  • 11.
  • 12. Lessons from Wikileaks Content is King security supposed to be like ‘ s security 1 Thou shall focus on protecting the information … because no “wall” is too high 3 Thou shall listen to dad & not watch TV beyond 7 pm 2
  • 13. About … Seclore is a high growth information security product company focused on providing Security without compromising collaboration Seclore’s flagship product Seclore FileSecure is used by More than 1 million users & some of the largest enterprises
  • 14. Contact Vishal Gupta +91-22-4015-5252 www.seclore.com

Hinweis der Redaktion

  1. A Formula 1 car ( top speed 260 Miles an hour ) can decelerate from 62-0 mph in about 55 ft. Compare this to a 2007 Porsche 911 turbo ( top speed 180 Miles an hour ) which takes about 103 feet to brake from 62-0 mph. Formula 1 cars can brake from 124 mph to a complete stop in just 2.9 seconds and use only 213 feet.
  2. A Formula 1 car ( top speed 260 Miles an hour ) can decelerate from 62-0 mph in about 55 ft. Compare this to a 2007 Porsche 911 turbo ( top speed 180 Miles an hour ) which takes about 103 feet to brake from 62-0 mph. Formula 1 cars can brake from 124 mph to a complete stop in just 2.9 seconds and use only 213 feet.