Learn essential cybersecurity strategies to defend against sophisticated cyber threats in this 45-minute video from Derbycon 2012. Explore how to build a robust security program without breaking the bank, focusing on passionate people and simple yet effective solutions. Discover key areas of protection including user awareness, endpoint systems, network security, and application security. Gain insights into managing application risks, implementing secure coding practices, and addressing database vulnerabilities. Understand the importance of centralized management, risk acceptance models, and cloud storage security. Apply practical tips and techniques to strengthen your organization's cyber defenses against an army of cyber ninja warriors.
Overview
Syllabus
Introduction
About Ryan Elkins
How can security be simple
Security is like a puzzle
You dont need bottomless pockets
Security requires passionate people
Building a program
Zero day
Common attack vector
Curiosity
Set
Metaphor Module
What to Protect Against
User Awareness
Make Security the Trend
Quick Game
Attack Dogs
Users Cant Always Protect
Endpoint System Protection
Centralized Management
Network Protection
Application Security
Application sprawl
Review all applications
Training developers
I dont know code
Checklist
Application Risks
Review Checklist
Review Categories
Passwords
Cookies
Databases
Input Validation
Output Encoding
Transport Layer
Web Config
Encryption
ThirdParty Applications
ThirdParty Code
Search Strings
Application Reviews
Database Security
Integrated Authentication
Vulnerability Management
Cloud Storage
Centralization
Baselines
Risk Acceptance Model
Time to Build
Closing Thoughts
