Slideshows by User: EricHGoldman
SlideShare feed for Slideshows by User: EricHGoldman, Fri, 12 Feb 2021 16:23:29 GMT

Before It's Out The Door: Securing Outbound Open Source
/slideshow/before-its-out-the-door-securing-outbound-open-source/242630901
When your organization decides it is time to release part of your codebase as open source software, it is important to consider security implications for your internal stakeholders as well as downstream users of your project. After the release of your project to the public, you have a responsibility to actively monitor and maintain your code. In this talk we will explore how to prepare your code and organize your project to ensure that security is baked in from the first release and that you lay the foundation for ensuring all stakeholders remain secure throughout the entirety of the project's lifecycle. Participants will learn how to build and improve their outbound open source security processes with initial and ongoing governance and security processes. We will also discuss planning for responsible disclosure, securing related infrastructure and documentation, as well as end of life and end of support considerations for your open source project. View Sample Policies and Template at: https://github.com/erichgoldman/outbound-open-source-policy

Posted Fri, 12 Feb 2021 16:23:29 GMT by Eric Goldman (EricHGoldman)

Auditing web servers for HIPAA compliance - §164.312(a)(1)
/slideshow/auditing-web-servers-for-hipaa-compliance-a-164312a1/1682272
This presentation provides an overview of HIPAA (Health Insurance Portability and Accountability Act) from a technical standpoint, and the requirements it places upon a business. Specifically, this presentation addresses HIPAA § 164.312(a)(1). The presentation covers the requirements of this area of the law. In order to demonstrate the requirements, a test environment was built and some application mock-ups were created (intentionally vulnerable) in order to demonstrate what an auditor needs to look for, why the law requires this, and how to address such issues. The testbed demonstration also provides a good primer on SQL injection, password cracking, and file inclusion vulnerabilities. The presentation steps through many of these aspects in detail. The demonstration is embedded from YouTube, and is available in higher quality there. The presentation concludes with some hints and lessons learned through the process. You can get more information on this presentation, demo, and related materials by visiting http://www.ericgoldman.name

Posted Sat, 04 Jul 2009 14:19:44 GMT by Eric Goldman (EricHGoldman)

Fair Information Practices: Overview and Application to the Omnibus Approach
/slideshow/fair-information-practices-overview-and-application-to-the-omnibus-approach/1503872
This presentation provides a high-level overview of the Fair Information Practices and the creation of an Omnibus Privacy Law. The presentation is designed to inform lawmakers on the background and benefits of creating an Omnibus Privacy Law in the United States, as such laws already exist in other parts of the world such as the European Union. This is the first of three presentations on this topic.

Posted Thu, 28 May 2009 18:30:26 GMT by Eric Goldman (EricHGoldman)

Evil Twin Demonstration
/slideshow/evil-twin-demonstration/1480452
A technical demo presentation showing an Evil Twin attack in action. The demo shows the attack from the victim, attacker, and evil twin perspectives. Background information is available. Full report is available at http://www.ericgoldman.name

Posted Sat, 23 May 2009 21:58:56 GMT by Eric Goldman (EricHGoldman)

AP Takeover Attacks
/slideshow/ap-takeover-attacks/1480422
This is a short presentation about access point (AP) takeover attacks. It gives a brief overview of methods and the reasons hackers may want to use these attacks, then provides some examples. A full paper on this topic is available at http://www.ericgoldman.name

Posted Sat, 23 May 2009 21:43:05 GMT by Eric Goldman (EricHGoldman)

Introduction to WiMAX
/slideshow/introduction-to-wimax-1438207/1438207
A primer on WiMAX.

Posted Thu, 14 May 2009 23:52:38 GMT by Eric Goldman (EricHGoldman)

Evolution Of The Public Network
/slideshow/evolution-of-the-public-network/1438081
This is a presentation on the evolution of the public network, including POTS, ATM, SONET, DWDM, RPR, Ethernet, and other technologies. It explains how needs and design principles have changed over time and compares the different technologies. A full research paper is available at http://www.ericgoldman.name

Posted Thu, 14 May 2009 22:55:20 GMT by Eric Goldman (EricHGoldman)