際際滷shows by User: SecurityInnovation / http://www.slideshare.net/images/logo.gif 際際滷shows by User: SecurityInnovation / Tue, 16 Mar 2021 01:44:42 GMT 際際滷Share feed for 際際滷shows by User: SecurityInnovation Securing Applications in the Cloud /slideshow/securing-applications-in-the-cloud/244460415 securingapplicationsinthecloud-210316014442
As organizations shift control of their infrastructure and data to the cloud, it is critical that they rethink their application security efforts. This can be accomplished by ensuring applications are designed to take advantage of built-in cloud security controls and configured properly in deployment. Attend this webcast to gain insight into the security nuances of the cloud platform and risk mitigation techniques. Topics include: Common cloud threats and vulnerabilities Exposing data with insufficient Authorization and Authentication The danger of relying on untrusted components Distributed Denial of Service (DDoS) and other application attacks Securing APIs and other defensive measures]]>
As organizations shift control of their infrastructure and data to the cloud, it is critical that they rethink their application security efforts. This can be accomplished by ensuring applications are designed to take advantage of built-in cloud security controls and configured properly in deployment. Attend this webcast to gain insight into the security nuances of the cloud platform and risk mitigation techniques. Topics include: Common cloud threats and vulnerabilities Exposing data with insufficient Authorization and Authentication The danger of relying on untrusted components Distributed Denial of Service (DDoS) and other application attacks Securing APIs and other defensive measures]]> Tue, 16 Mar 2021 01:44:42 GMT /slideshow/securing-applications-in-the-cloud/244460415 SecurityInnovation@slideshare.net(SecurityInnovation) Securing Applications in the Cloud SecurityInnovation As organizations shift control of their infrastructure and data to the cloud, it is critical that they rethink their application security efforts. This can be accomplished by ensuring applications are designed to take advantage of built-in cloud security controls and configured properly in deployment. Attend this webcast to gain insight into the security nuances of the cloud platform and risk mitigation techniques. Topics include: Common cloud threats and vulnerabilities Exposing data with insufficient Authorization and Authentication The danger of relying on untrusted components Distributed Denial of Service (DDoS) and other application attacks Securing APIs and other defensive measures <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/securingapplicationsinthecloud-210316014442-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> As organizations shift control of their infrastructure and data to the cloud, it is critical that they rethink their application security efforts. This can be accomplished by ensuring applications are designed to take advantage of built-in cloud security controls and configured properly in deployment. Attend this webcast to gain insight into the security nuances of the cloud platform and risk mitigation techniques. Topics include: Common cloud threats and vulnerabilities Exposing data with insufficient Authorization and Authentication The danger of relying on untrusted components Distributed Denial of Service (DDoS) and other application attacks Securing APIs and other defensive measures
Securing Applications in the Cloud from Security Innovation
]]> 226 0 https://cdn.slidesharecdn.com/ss_thumbnails/securingapplicationsinthecloud-210316014442-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 Modernizing, Migrating & Mitigating - Moving to Modern Cloud & API Web Apps Webinar /SecurityInnovation/modernizing-migrating-mitigating-moving-to-modern-cloud-api-web-apps-webinar mondernizingmigratingandmitigating-201014201339
This talk will help you, as a decision maker or architect, to understand the risks of migrating a thick client or traditional web application to the modern web. In this talk Ill give you tools and techniques to make the migration to the modern web painless and secure so you can mitigate common pitfalls without having to make the mistakes first. Ill be doing demos, and telling lots of stories throughout. Making some good architectural decisions up front can help you: - Minimize the risk of data breach - Protect your users privacy - Make security choices easy the easy default for your developers - Understand the cloud security model - Create defaults, policies, wrappers, and guidance for developers - Detect when developers have bypassed security controls]]>
This talk will help you, as a decision maker or architect, to understand the risks of migrating a thick client or traditional web application to the modern web. In this talk Ill give you tools and techniques to make the migration to the modern web painless and secure so you can mitigate common pitfalls without having to make the mistakes first. Ill be doing demos, and telling lots of stories throughout. Making some good architectural decisions up front can help you: - Minimize the risk of data breach - Protect your users privacy - Make security choices easy the easy default for your developers - Understand the cloud security model - Create defaults, policies, wrappers, and guidance for developers - Detect when developers have bypassed security controls]]> Wed, 14 Oct 2020 20:13:39 GMT /SecurityInnovation/modernizing-migrating-mitigating-moving-to-modern-cloud-api-web-apps-webinar SecurityInnovation@slideshare.net(SecurityInnovation) Modernizing, Migrating & Mitigating - Moving to Modern Cloud & API Web Apps Webinar SecurityInnovation This talk will help you, as a decision maker or architect, to understand the risks of migrating a thick client or traditional web application to the modern web. In this talk Ill give you tools and techniques to make the migration to the modern web painless and secure so you can mitigate common pitfalls without having to make the mistakes first. Ill be doing demos, and telling lots of stories throughout. Making some good architectural decisions up front can help you: - Minimize the risk of data breach - Protect your users privacy - Make security choices easy the easy default for your developers - Understand the cloud security model - Create defaults, policies, wrappers, and guidance for developers - Detect when developers have bypassed security controls <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/mondernizingmigratingandmitigating-201014201339-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> This talk will help you, as a decision maker or architect, to understand the risks of migrating a thick client or traditional web application to the modern web. In this talk Ill give you tools and techniques to make the migration to the modern web painless and secure so you can mitigate common pitfalls without having to make the mistakes first. Ill be doing demos, and telling lots of stories throughout. Making some good architectural decisions up front can help you: - Minimize the risk of data breach - Protect your users privacy - Make security choices easy the easy default for your developers - Understand the cloud security model - Create defaults, policies, wrappers, and guidance for developers - Detect when developers have bypassed security controls
Modernizing, Migrating & Mitigating - Moving to Modern Cloud & API Web Apps Webinar from Security Innovation
]]> 185 0 https://cdn.slidesharecdn.com/ss_thumbnails/mondernizingmigratingandmitigating-201014201339-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 Develop, Test & Maintain Secure Systems (While Being PCI Compliant) /slideshow/develop-test-maintain-secure-systems-while-being-pci-compliant/234351814 developtestmaintainsecuresystemssoftware-200520155237
To ensure critical data can only be accessed by authorized personnel, it is paramount to integrate security best practices during development. Its equally important to protect deployed systems, especially in CI/CD (continuous integration and deployment) and DevOps environments. Attend this webcast to learn techniques to define, design, develop, test, and maintain secure systems. Particular focus will be paid to software-dependent systems. Topics include: Identifying and risk-rating common vulnerabilities Applying practices such as least privilege, input/output sanitation, and system hardening Implementing test techniques for system components, COTS, and custom software]]>
To ensure critical data can only be accessed by authorized personnel, it is paramount to integrate security best practices during development. Its equally important to protect deployed systems, especially in CI/CD (continuous integration and deployment) and DevOps environments. Attend this webcast to learn techniques to define, design, develop, test, and maintain secure systems. Particular focus will be paid to software-dependent systems. Topics include: Identifying and risk-rating common vulnerabilities Applying practices such as least privilege, input/output sanitation, and system hardening Implementing test techniques for system components, COTS, and custom software]]> Wed, 20 May 2020 15:52:37 GMT /slideshow/develop-test-maintain-secure-systems-while-being-pci-compliant/234351814 SecurityInnovation@slideshare.net(SecurityInnovation) Develop, Test & Maintain Secure Systems (While Being PCI Compliant) SecurityInnovation To ensure critical data can only be accessed by authorized personnel, it is paramount to integrate security best practices during development. Its equally important to protect deployed systems, especially in CI/CD (continuous integration and deployment) and DevOps environments. Attend this webcast to learn techniques to define, design, develop, test, and maintain secure systems. Particular focus will be paid to software-dependent systems. Topics include: Identifying and risk-rating common vulnerabilities Applying practices such as least privilege, input/output sanitation, and system hardening Implementing test techniques for system components, COTS, and custom software <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/developtestmaintainsecuresystemssoftware-200520155237-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> To ensure critical data can only be accessed by authorized personnel, it is paramount to integrate security best practices during development. Its equally important to protect deployed systems, especially in CI/CD (continuous integration and deployment) and DevOps environments. Attend this webcast to learn techniques to define, design, develop, test, and maintain secure systems. Particular focus will be paid to software-dependent systems. Topics include: Identifying and risk-rating common vulnerabilities Applying practices such as least privilege, input/output sanitation, and system hardening Implementing test techniques for system components, COTS, and custom software
Develop, Test & Maintain Secure Systems (While Being PCI Compliant) from Security Innovation
]]> 192 0 https://cdn.slidesharecdn.com/ss_thumbnails/developtestmaintainsecuresystemssoftware-200520155237-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 Protecting Sensitive Data (and be PCI Compliant too!) /slideshow/protecting-sensitive-data-and-be-pci-compliant-too/233366273 pciwebinar20201-protectingsensitivedata-final-200507180737
Sensitive data is vulnerable when it is stored insecurely and transmitted over open networks. The PCI Security Council takes a hard line on protecting cardholder data and describes specific methods to comply with its standards. Attend this webinar to better understand methods that make data theft more difficult for attackers and render stolen data unusable. Topics covered include: Properly protecting stored cardholder data - encryption, hashing, masking and truncation Securing data during transmission - using strong cipher suites, valid certificates, and strong TLS security How to identify and mitigate missing encryption]]>
Sensitive data is vulnerable when it is stored insecurely and transmitted over open networks. The PCI Security Council takes a hard line on protecting cardholder data and describes specific methods to comply with its standards. Attend this webinar to better understand methods that make data theft more difficult for attackers and render stolen data unusable. Topics covered include: Properly protecting stored cardholder data - encryption, hashing, masking and truncation Securing data during transmission - using strong cipher suites, valid certificates, and strong TLS security How to identify and mitigate missing encryption]]> Thu, 07 May 2020 18:07:37 GMT /slideshow/protecting-sensitive-data-and-be-pci-compliant-too/233366273 SecurityInnovation@slideshare.net(SecurityInnovation) Protecting Sensitive Data (and be PCI Compliant too!) SecurityInnovation Sensitive data is vulnerable when it is stored insecurely and transmitted over open networks. The PCI Security Council takes a hard line on protecting cardholder data and describes specific methods to comply with its standards. Attend this webinar to better understand methods that make data theft more difficult for attackers and render stolen data unusable. Topics covered include: Properly protecting stored cardholder data - encryption, hashing, masking and truncation Securing data during transmission - using strong cipher suites, valid certificates, and strong TLS security How to identify and mitigate missing encryption <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/pciwebinar20201-protectingsensitivedata-final-200507180737-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> Sensitive data is vulnerable when it is stored insecurely and transmitted over open networks. The PCI Security Council takes a hard line on protecting cardholder data and describes specific methods to comply with its standards. Attend this webinar to better understand methods that make data theft more difficult for attackers and render stolen data unusable. Topics covered include: Properly protecting stored cardholder data - encryption, hashing, masking and truncation Securing data during transmission - using strong cipher suites, valid certificates, and strong TLS security How to identify and mitigate missing encryption
Protecting Sensitive Data (and be PCI Compliant too!) from Security Innovation
]]> 150 1 https://cdn.slidesharecdn.com/ss_thumbnails/pciwebinar20201-protectingsensitivedata-final-200507180737-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 5 Ways To Train Security Champions /slideshow/5-ways-to-train-security-champions/228634180 5-ways-to-train-security-champs-200219135427
How to do it in cross-functional DevOps teams]]>
How to do it in cross-functional DevOps teams]]> Wed, 19 Feb 2020 13:54:27 GMT /slideshow/5-ways-to-train-security-champions/228634180 SecurityInnovation@slideshare.net(SecurityInnovation) 5 Ways To Train Security Champions SecurityInnovation How to do it in cross-functional DevOps teams <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/5-ways-to-train-security-champs-200219135427-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> How to do it in cross-functional DevOps teams
5 Ways To Train Security Champions from Security Innovation
]]> 67 0 https://cdn.slidesharecdn.com/ss_thumbnails/5-ways-to-train-security-champs-200219135427-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 Aligning Application Security to Compliance /slideshow/aligning-application-security-to-compliance/222655158 aligningappsectocompliance-2020final-200121201241
Regulatory compliance mandates have historically focused on IT & endpoint security as the primary means to protect data. However, as our digital economy has increasingly become software dependent, standards bodies have dutifully added requirements as they relate to development and deployment practices. Enterprise applications and cloud-based services constantly store and transmit data; yet, they are often difficult to understand and assess for compliance. This webcast will present a practical approach towards mapping application security practices to common compliance frameworks. It will discuss how to define and enact a secure, repeatable software development lifecycle (SDLC) and highlight activities that can be leveraged across multiple compliance controls. Topics include: * Consolidating security and compliance controls * Creating application security standards for development and operations teams * Identifying and remediating gaps between current practices and industry accepted "best practices]]>
Regulatory compliance mandates have historically focused on IT & endpoint security as the primary means to protect data. However, as our digital economy has increasingly become software dependent, standards bodies have dutifully added requirements as they relate to development and deployment practices. Enterprise applications and cloud-based services constantly store and transmit data; yet, they are often difficult to understand and assess for compliance. This webcast will present a practical approach towards mapping application security practices to common compliance frameworks. It will discuss how to define and enact a secure, repeatable software development lifecycle (SDLC) and highlight activities that can be leveraged across multiple compliance controls. Topics include: * Consolidating security and compliance controls * Creating application security standards for development and operations teams * Identifying and remediating gaps between current practices and industry accepted "best practices]]> Tue, 21 Jan 2020 20:12:41 GMT /slideshow/aligning-application-security-to-compliance/222655158 SecurityInnovation@slideshare.net(SecurityInnovation) Aligning Application Security to Compliance SecurityInnovation Regulatory compliance mandates have historically focused on IT & endpoint security as the primary means to protect data. However, as our digital economy has increasingly become software dependent, standards bodies have dutifully added requirements as they relate to development and deployment practices. Enterprise applications and cloud-based services constantly store and transmit data; yet, they are often difficult to understand and assess for compliance. This webcast will present a practical approach towards mapping application security practices to common compliance frameworks. It will discuss how to define and enact a secure, repeatable software development lifecycle (SDLC) and highlight activities that can be leveraged across multiple compliance controls. Topics include: * Consolidating security and compliance controls * Creating application security standards for development and operations teams * Identifying and remediating gaps between current practices and industry accepted "best practices <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/aligningappsectocompliance-2020final-200121201241-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> Regulatory compliance mandates have historically focused on IT &amp; endpoint security as the primary means to protect data. However, as our digital economy has increasingly become software dependent, standards bodies have dutifully added requirements as they relate to development and deployment practices. Enterprise applications and cloud-based services constantly store and transmit data; yet, they are often difficult to understand and assess for compliance. This webcast will present a practical approach towards mapping application security practices to common compliance frameworks. It will discuss how to define and enact a secure, repeatable software development lifecycle (SDLC) and highlight activities that can be leveraged across multiple compliance controls. Topics include: * Consolidating security and compliance controls * Creating application security standards for development and operations teams * Identifying and remediating gaps between current practices and industry accepted &quot;best practices
Aligning Application Security to Compliance from Security Innovation
]]> 190 2 https://cdn.slidesharecdn.com/ss_thumbnails/aligningappsectocompliance-2020final-200121201241-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 How to Hijack a Pizza Delivery Robot with Injection Flaws /slideshow/how-to-hijack-a-pizza-delivery-robot-with-injection-flaws/206855136 howtohijackapizzadeliveryrobotwithinjectionflaws-191217191540
Welcome to the lighter side of the software security world! Well explain complex topics like injection flaws, configuration errors, and parameter tampering with real-world analogies, like breaking into your house through your shed, or sneaking into a Coldplay concert using a reflective yellow vest, a walkie talkie toy, and your bravado. If youve ever struggled to remember exactly how these issues work or struggled to explain them to someone outside of the security field, this presentation will help (and probably make you laugh). Topics covered include: - Injection Flaws - XSS - SQL Injection - Broken Authentication - Privilege Escalation - Information Disclosure - Parameter Tampering - Configuration Errors This webinar is ideal for anyone who wants to understand core Application Security concepts so they can apply risk mitigation strategies with better context.]]>
Welcome to the lighter side of the software security world! Well explain complex topics like injection flaws, configuration errors, and parameter tampering with real-world analogies, like breaking into your house through your shed, or sneaking into a Coldplay concert using a reflective yellow vest, a walkie talkie toy, and your bravado. If youve ever struggled to remember exactly how these issues work or struggled to explain them to someone outside of the security field, this presentation will help (and probably make you laugh). Topics covered include: - Injection Flaws - XSS - SQL Injection - Broken Authentication - Privilege Escalation - Information Disclosure - Parameter Tampering - Configuration Errors This webinar is ideal for anyone who wants to understand core Application Security concepts so they can apply risk mitigation strategies with better context.]]> Tue, 17 Dec 2019 19:15:40 GMT /slideshow/how-to-hijack-a-pizza-delivery-robot-with-injection-flaws/206855136 SecurityInnovation@slideshare.net(SecurityInnovation) How to Hijack a Pizza Delivery Robot with Injection Flaws SecurityInnovation Welcome to the lighter side of the software security world! Well explain complex topics like injection flaws, configuration errors, and parameter tampering with real-world analogies, like breaking into your house through your shed, or sneaking into a Coldplay concert using a reflective yellow vest, a walkie talkie toy, and your bravado. If youve ever struggled to remember exactly how these issues work or struggled to explain them to someone outside of the security field, this presentation will help (and probably make you laugh). Topics covered include: - Injection Flaws - XSS - SQL Injection - Broken Authentication - Privilege Escalation - Information Disclosure - Parameter Tampering - Configuration Errors This webinar is ideal for anyone who wants to understand core Application Security concepts so they can apply risk mitigation strategies with better context. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/howtohijackapizzadeliveryrobotwithinjectionflaws-191217191540-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> Welcome to the lighter side of the software security world! Well explain complex topics like injection flaws, configuration errors, and parameter tampering with real-world analogies, like breaking into your house through your shed, or sneaking into a Coldplay concert using a reflective yellow vest, a walkie talkie toy, and your bravado. If youve ever struggled to remember exactly how these issues work or struggled to explain them to someone outside of the security field, this presentation will help (and probably make you laugh). Topics covered include: - Injection Flaws - XSS - SQL Injection - Broken Authentication - Privilege Escalation - Information Disclosure - Parameter Tampering - Configuration Errors This webinar is ideal for anyone who wants to understand core Application Security concepts so they can apply risk mitigation strategies with better context.
How to Hijack a Pizza Delivery Robot with Injection Flaws from Security Innovation
]]> 578 8 https://cdn.slidesharecdn.com/ss_thumbnails/howtohijackapizzadeliveryrobotwithinjectionflaws-191217191540-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 How an Attacker "Audits" Your Software Systems /slideshow/how-an-attacker-audits-your-software-systems/195267211 howanattackerauditsyoursoftwaresystems-191119203631
Software runs todays business; however, security implications are often misunderstood, creating significant organizational risk. Poorly configured servers, 3rd-party software, and continuous release cycles put additional pressure on already stressed teams. Hackers no longer just exploit vulnerabilities in code -- faulty cloud deployments, weak database structures, and business logic problems are also easy targets for attackers. To reduce risk, youve got to audit your system in the same way an attacker would. This presentation demonstrates how attackers compromise the modern enterprise. For each attack demonstrated, mitigation practices will be discussed. WARNING: software will be harmed during this presentation. Viewer discretion advised.]]>
Software runs todays business; however, security implications are often misunderstood, creating significant organizational risk. Poorly configured servers, 3rd-party software, and continuous release cycles put additional pressure on already stressed teams. Hackers no longer just exploit vulnerabilities in code -- faulty cloud deployments, weak database structures, and business logic problems are also easy targets for attackers. To reduce risk, youve got to audit your system in the same way an attacker would. This presentation demonstrates how attackers compromise the modern enterprise. For each attack demonstrated, mitigation practices will be discussed. WARNING: software will be harmed during this presentation. Viewer discretion advised.]]> Tue, 19 Nov 2019 20:36:31 GMT /slideshow/how-an-attacker-audits-your-software-systems/195267211 SecurityInnovation@slideshare.net(SecurityInnovation) How an Attacker "Audits" Your Software Systems SecurityInnovation Software runs todays business; however, security implications are often misunderstood, creating significant organizational risk. Poorly configured servers, 3rd-party software, and continuous release cycles put additional pressure on already stressed teams. Hackers no longer just exploit vulnerabilities in code -- faulty cloud deployments, weak database structures, and business logic problems are also easy targets for attackers. To reduce risk, youve got to audit your system in the same way an attacker would. This presentation demonstrates how attackers compromise the modern enterprise. For each attack demonstrated, mitigation practices will be discussed. WARNING: software will be harmed during this presentation. Viewer discretion advised. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/howanattackerauditsyoursoftwaresystems-191119203631-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> Software runs todays business; however, security implications are often misunderstood, creating significant organizational risk. Poorly configured servers, 3rd-party software, and continuous release cycles put additional pressure on already stressed teams. Hackers no longer just exploit vulnerabilities in code -- faulty cloud deployments, weak database structures, and business logic problems are also easy targets for attackers. To reduce risk, youve got to audit your system in the same way an attacker would. This presentation demonstrates how attackers compromise the modern enterprise. For each attack demonstrated, mitigation practices will be discussed. WARNING: software will be harmed during this presentation. Viewer discretion advised.
How an Attacker "Audits" Your Software Systems from Security Innovation
]]> 487 1 https://cdn.slidesharecdn.com/ss_thumbnails/howanattackerauditsyoursoftwaresystems-191119203631-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 Opening the Talent Spigot to Securing our Digital Future /slideshow/opening-the-talent-spigot-to-securing-our-digital-future/194008690 pci2019eucm-openingthetalentspigot-adams-final-191115174954
Ed Adams delivered his talk Opening the Talent Spigot to Secure Our Digital Future at both the North American & European 2019 PCI Community Meetings. Here are the slides from that talk.]]>
Ed Adams delivered his talk Opening the Talent Spigot to Secure Our Digital Future at both the North American & European 2019 PCI Community Meetings. Here are the slides from that talk.]]> Fri, 15 Nov 2019 17:49:54 GMT /slideshow/opening-the-talent-spigot-to-securing-our-digital-future/194008690 SecurityInnovation@slideshare.net(SecurityInnovation) Opening the Talent Spigot to Securing our Digital Future SecurityInnovation Ed Adams delivered his talk Opening the Talent Spigot to Secure Our Digital Future at both the North American & European 2019 PCI Community Meetings. Here are the slides from that talk. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/pci2019eucm-openingthetalentspigot-adams-final-191115174954-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> Ed Adams delivered his talk Opening the Talent Spigot to Secure Our Digital Future at both the North American &amp; European 2019 PCI Community Meetings. Here are the slides from that talk.
Opening the Talent Spigot to Securing our Digital Future from Security Innovation
]]> 857 1 https://cdn.slidesharecdn.com/ss_thumbnails/pci2019eucm-openingthetalentspigot-adams-final-191115174954-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 Assessing System Risk the Smart Way /slideshow/assessing-system-risk-the-smart-way/185453915 assessinginformationsystemriskwebcastoctober2019-191022195839
Information systems in the digital age are complex and expansive, with attack vectors coming in from every angle. This makes analyzing risk challenging, but more critical than ever. There is a need to better understand the dynamics of modern IT systems, security controls that protect them, and best practices for adherence to todays GRC requirements. These slides are from our webinar covering topics like: 揃 Threats, vulnerabilities, weaknesses why their difference matters 揃 How vulnerability scanning can help (and hinder) your efforts 揃 Security engineering and the system development lifecycle 揃 High impact activities - application risk rating and threat modeling]]>
Information systems in the digital age are complex and expansive, with attack vectors coming in from every angle. This makes analyzing risk challenging, but more critical than ever. There is a need to better understand the dynamics of modern IT systems, security controls that protect them, and best practices for adherence to todays GRC requirements. These slides are from our webinar covering topics like: 揃 Threats, vulnerabilities, weaknesses why their difference matters 揃 How vulnerability scanning can help (and hinder) your efforts 揃 Security engineering and the system development lifecycle 揃 High impact activities - application risk rating and threat modeling]]> Tue, 22 Oct 2019 19:58:39 GMT /slideshow/assessing-system-risk-the-smart-way/185453915 SecurityInnovation@slideshare.net(SecurityInnovation) Assessing System Risk the Smart Way SecurityInnovation Information systems in the digital age are complex and expansive, with attack vectors coming in from every angle. This makes analyzing risk challenging, but more critical than ever. There is a need to better understand the dynamics of modern IT systems, security controls that protect them, and best practices for adherence to todays GRC requirements. These slides are from our webinar covering topics like: 揃 Threats, vulnerabilities, weaknesses why their difference matters 揃 How vulnerability scanning can help (and hinder) your efforts 揃 Security engineering and the system development lifecycle 揃 High impact activities - application risk rating and threat modeling <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/assessinginformationsystemriskwebcastoctober2019-191022195839-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> Information systems in the digital age are complex and expansive, with attack vectors coming in from every angle. This makes analyzing risk challenging, but more critical than ever. There is a need to better understand the dynamics of modern IT systems, security controls that protect them, and best practices for adherence to todays GRC requirements. These slides are from our webinar covering topics like: 揃 Threats, vulnerabilities, weaknesses why their difference matters 揃 How vulnerability scanning can help (and hinder) your efforts 揃 Security engineering and the system development lifecycle 揃 High impact activities - application risk rating and threat modeling
Assessing System Risk the Smart Way from Security Innovation
]]> 112 0 https://cdn.slidesharecdn.com/ss_thumbnails/assessinginformationsystemriskwebcastoctober2019-191022195839-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 Slashing Your Cloud Risk: 3 Must-Do's /slideshow/slashing-your-cloud-risk-3-mustdos/176431086 mitigatingcloudrisk-joe-190926182509
The cloud is a cost-effective way to provide maximum accessibility for your customers. However, organizations often fail to optimize and configure it properly for their environment, leaving them inadvertently exposed. These slides are from our recent webinar covering proven techniques that reduce cloud risk, including: Building applications to leverage automation and built-in cloud controls Securing access control and key management Ensuring essential services are running, reachable, and securely hardened]]>
The cloud is a cost-effective way to provide maximum accessibility for your customers. However, organizations often fail to optimize and configure it properly for their environment, leaving them inadvertently exposed. These slides are from our recent webinar covering proven techniques that reduce cloud risk, including: Building applications to leverage automation and built-in cloud controls Securing access control and key management Ensuring essential services are running, reachable, and securely hardened]]> Thu, 26 Sep 2019 18:25:09 GMT /slideshow/slashing-your-cloud-risk-3-mustdos/176431086 SecurityInnovation@slideshare.net(SecurityInnovation) Slashing Your Cloud Risk: 3 Must-Do's SecurityInnovation The cloud is a cost-effective way to provide maximum accessibility for your customers. However, organizations often fail to optimize and configure it properly for their environment, leaving them inadvertently exposed. These slides are from our recent webinar covering proven techniques that reduce cloud risk, including: Building applications to leverage automation and built-in cloud controls Securing access control and key management Ensuring essential services are running, reachable, and securely hardened <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/mitigatingcloudrisk-joe-190926182509-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> The cloud is a cost-effective way to provide maximum accessibility for your customers. However, organizations often fail to optimize and configure it properly for their environment, leaving them inadvertently exposed. These slides are from our recent webinar covering proven techniques that reduce cloud risk, including: Building applications to leverage automation and built-in cloud controls Securing access control and key management Ensuring essential services are running, reachable, and securely hardened
Slashing Your Cloud Risk: 3 Must-Do's from Security Innovation
]]> 74 2 https://cdn.slidesharecdn.com/ss_thumbnails/mitigatingcloudrisk-joe-190926182509-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 A Fresh, New Look for CMD+CTRL Cyber Range /slideshow/a-fresh-new-look-for-cmdctrl-cyber-range/170671328 afreshnewlookforcyberrange-190910191523
After running 300+ customer, community and industry events, Security Innovation has received some great feedback to further enhance our award-winning CMD+CTRL Cyber Range. Weve taken that feedback and made some major improvements to our newly released CMD+CTRL user interface. In this live webinar, we will unveil the new and improved CMD+CTRL platform, showcasing how it provides players with an improved learning environment, and administrators now have maximum control over in-house events. The new CMD+CTRL experience includes: * Enhanced Gamification Experience * Seamless Event Switching * Dedicated Player Report Card * Admin All-in-One mode * Instant Event Setup * Event Specific Dashboards Join us for a first look at all of the new features our CMD+CTRL Cyber Range has to offer. ]]>
After running 300+ customer, community and industry events, Security Innovation has received some great feedback to further enhance our award-winning CMD+CTRL Cyber Range. Weve taken that feedback and made some major improvements to our newly released CMD+CTRL user interface. In this live webinar, we will unveil the new and improved CMD+CTRL platform, showcasing how it provides players with an improved learning environment, and administrators now have maximum control over in-house events. The new CMD+CTRL experience includes: * Enhanced Gamification Experience * Seamless Event Switching * Dedicated Player Report Card * Admin All-in-One mode * Instant Event Setup * Event Specific Dashboards Join us for a first look at all of the new features our CMD+CTRL Cyber Range has to offer. ]]> Tue, 10 Sep 2019 19:15:23 GMT /slideshow/a-fresh-new-look-for-cmdctrl-cyber-range/170671328 SecurityInnovation@slideshare.net(SecurityInnovation) A Fresh, New Look for CMD+CTRL Cyber Range SecurityInnovation After running 300+ customer, community and industry events, Security Innovation has received some great feedback to further enhance our award-winning CMD+CTRL Cyber Range. Weve taken that feedback and made some major improvements to our newly released CMD+CTRL user interface. In this live webinar, we will unveil the new and improved CMD+CTRL platform, showcasing how it provides players with an improved learning environment, and administrators now have maximum control over in-house events. The new CMD+CTRL experience includes: * Enhanced Gamification Experience * Seamless Event Switching * Dedicated Player Report Card * Admin All-in-One mode * Instant Event Setup * Event Specific Dashboards Join us for a first look at all of the new features our CMD+CTRL Cyber Range has to offer. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/afreshnewlookforcyberrange-190910191523-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> After running 300+ customer, community and industry events, Security Innovation has received some great feedback to further enhance our award-winning CMD+CTRL Cyber Range. Weve taken that feedback and made some major improvements to our newly released CMD+CTRL user interface. In this live webinar, we will unveil the new and improved CMD+CTRL platform, showcasing how it provides players with an improved learning environment, and administrators now have maximum control over in-house events. The new CMD+CTRL experience includes: * Enhanced Gamification Experience * Seamless Event Switching * Dedicated Player Report Card * Admin All-in-One mode * Instant Event Setup * Event Specific Dashboards Join us for a first look at all of the new features our CMD+CTRL Cyber Range has to offer.
A Fresh, New Look for CMD+CTRL Cyber Range from Security Innovation
]]> 111 0 https://cdn.slidesharecdn.com/ss_thumbnails/afreshnewlookforcyberrange-190910191523-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 Security Testing for IoT Systems /slideshow/security-testing-for-iot-systems/149455670 securitytestingiotsystemsjune2019-190613152739
IoT Systems provide powerful, flexible features for IT systems tracking, monitoring, and other data sharing. Todays IoT devices utilize microservices and APIs that make them easy to put into production. But securing them isnt as easy. This webinar will look at security risks of IoT devices, interfaces, and implementations. Well provide practical steps and checklists any DevOps team can use to make their IoT components as secure as possible. Well also cover some testing best practices that can be done pre- and post-production to verify security and resilience on an ongoing basis. ]]>
IoT Systems provide powerful, flexible features for IT systems tracking, monitoring, and other data sharing. Todays IoT devices utilize microservices and APIs that make them easy to put into production. But securing them isnt as easy. This webinar will look at security risks of IoT devices, interfaces, and implementations. Well provide practical steps and checklists any DevOps team can use to make their IoT components as secure as possible. Well also cover some testing best practices that can be done pre- and post-production to verify security and resilience on an ongoing basis. ]]> Thu, 13 Jun 2019 15:27:39 GMT /slideshow/security-testing-for-iot-systems/149455670 SecurityInnovation@slideshare.net(SecurityInnovation) Security Testing for IoT Systems SecurityInnovation IoT Systems provide powerful, flexible features for IT systems tracking, monitoring, and other data sharing. Todays IoT devices utilize microservices and APIs that make them easy to put into production. But securing them isnt as easy. This webinar will look at security risks of IoT devices, interfaces, and implementations. Well provide practical steps and checklists any DevOps team can use to make their IoT components as secure as possible. Well also cover some testing best practices that can be done pre- and post-production to verify security and resilience on an ongoing basis. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/securitytestingiotsystemsjune2019-190613152739-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> IoT Systems provide powerful, flexible features for IT systems tracking, monitoring, and other data sharing. Todays IoT devices utilize microservices and APIs that make them easy to put into production. But securing them isnt as easy. This webinar will look at security risks of IoT devices, interfaces, and implementations. Well provide practical steps and checklists any DevOps team can use to make their IoT components as secure as possible. Well also cover some testing best practices that can be done pre- and post-production to verify security and resilience on an ongoing basis.
Security Testing for IoT Systems from Security Innovation
]]> 1268 6 https://cdn.slidesharecdn.com/ss_thumbnails/securitytestingiotsystemsjune2019-190613152739-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 Cyber Ranges: A New Approach to Security /slideshow/cyber-ranges-a-new-approach-to-security/145272067 webinarcyberranges-anewapproachtosecuritywebinar1-190513135803
This session provides an introduction to simulation environments like Cyber Ranges, differentiate them from gamification systems, and discusses the emerging delivery, adoption and organizational lessons learned that are driving further adoption. ]]>
This session provides an introduction to simulation environments like Cyber Ranges, differentiate them from gamification systems, and discusses the emerging delivery, adoption and organizational lessons learned that are driving further adoption. ]]> Mon, 13 May 2019 13:58:03 GMT /slideshow/cyber-ranges-a-new-approach-to-security/145272067 SecurityInnovation@slideshare.net(SecurityInnovation) Cyber Ranges: A New Approach to Security SecurityInnovation This session provides an introduction to simulation environments like Cyber Ranges, differentiate them from gamification systems, and discusses the emerging delivery, adoption and organizational lessons learned that are driving further adoption. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/webinarcyberranges-anewapproachtosecuritywebinar1-190513135803-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> This session provides an introduction to simulation environments like Cyber Ranges, differentiate them from gamification systems, and discusses the emerging delivery, adoption and organizational lessons learned that are driving further adoption.
Cyber Ranges: A New Approach to Security from Security Innovation
]]> 238 1 https://cdn.slidesharecdn.com/ss_thumbnails/webinarcyberranges-anewapproachtosecuritywebinar1-190513135803-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 Is Blockchain Right for You? The Million Dollar Question /slideshow/is-blockchain-right-for-you-the-million-dollar-question/137374906 blockchainwebinar2019-190320185657
Blockchain is a promising technology getting a lot of attention these days; however, organizations arent entirely sure how it might improve business operations, what the risk implications are, and the security savviness needed to implement securely. This webcast will address the most pressing issues and misconceptions surrounding Blockchain today, including: What is Blockchain? What are the new technologies I need to understand? Use Cases: where is Blockchain most advantageous? Snooze Cases: where/when is Blockchain a bad idea? What are the most common pitfalls with Blockchain?]]>
Blockchain is a promising technology getting a lot of attention these days; however, organizations arent entirely sure how it might improve business operations, what the risk implications are, and the security savviness needed to implement securely. This webcast will address the most pressing issues and misconceptions surrounding Blockchain today, including: What is Blockchain? What are the new technologies I need to understand? Use Cases: where is Blockchain most advantageous? Snooze Cases: where/when is Blockchain a bad idea? What are the most common pitfalls with Blockchain?]]> Wed, 20 Mar 2019 18:56:57 GMT /slideshow/is-blockchain-right-for-you-the-million-dollar-question/137374906 SecurityInnovation@slideshare.net(SecurityInnovation) Is Blockchain Right for You? The Million Dollar Question SecurityInnovation Blockchain is a promising technology getting a lot of attention these days; however, organizations arent entirely sure how it might improve business operations, what the risk implications are, and the security savviness needed to implement securely. This webcast will address the most pressing issues and misconceptions surrounding Blockchain today, including: What is Blockchain? What are the new technologies I need to understand? Use Cases: where is Blockchain most advantageous? Snooze Cases: where/when is Blockchain a bad idea? What are the most common pitfalls with Blockchain? <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/blockchainwebinar2019-190320185657-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> Blockchain is a promising technology getting a lot of attention these days; however, organizations arent entirely sure how it might improve business operations, what the risk implications are, and the security savviness needed to implement securely. This webcast will address the most pressing issues and misconceptions surrounding Blockchain today, including: What is Blockchain? What are the new technologies I need to understand? Use Cases: where is Blockchain most advantageous? Snooze Cases: where/when is Blockchain a bad idea? What are the most common pitfalls with Blockchain?
Is Blockchain Right for You? The Million Dollar Question from Security Innovation
]]> 101 4 https://cdn.slidesharecdn.com/ss_thumbnails/blockchainwebinar2019-190320185657-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 Privacy: The New Software Development Dilemma /slideshow/privacy-the-new-software-development-dilemma/133797801 privacy-thenewsoftwaredevelopmentdilemma-190301031502
Software runs our world the cars we drive, the phones we use, the websites we browse, the entertainment we consume. In every instance privacy risks abound. How do software development teams design and build software to ensure privacy data is protected? Attend this webcast to learn practical tips to build software applications that protect privacy data. Understand the requirements of new laws such as GDPR and the impact they have on software development. Topics covered: Designing for Privacy: least privilege and compartmentalization Creating privacy impact rating Implementing application privacy controls Techniques for effective privacy testing]]>
Software runs our world the cars we drive, the phones we use, the websites we browse, the entertainment we consume. In every instance privacy risks abound. How do software development teams design and build software to ensure privacy data is protected? Attend this webcast to learn practical tips to build software applications that protect privacy data. Understand the requirements of new laws such as GDPR and the impact they have on software development. Topics covered: Designing for Privacy: least privilege and compartmentalization Creating privacy impact rating Implementing application privacy controls Techniques for effective privacy testing]]> Fri, 01 Mar 2019 03:15:02 GMT /slideshow/privacy-the-new-software-development-dilemma/133797801 SecurityInnovation@slideshare.net(SecurityInnovation) Privacy: The New Software Development Dilemma SecurityInnovation Software runs our world the cars we drive, the phones we use, the websites we browse, the entertainment we consume. In every instance privacy risks abound. How do software development teams design and build software to ensure privacy data is protected? Attend this webcast to learn practical tips to build software applications that protect privacy data. Understand the requirements of new laws such as GDPR and the impact they have on software development. Topics covered: Designing for Privacy: least privilege and compartmentalization Creating privacy impact rating Implementing application privacy controls Techniques for effective privacy testing <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/privacy-thenewsoftwaredevelopmentdilemma-190301031502-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> Software runs our world the cars we drive, the phones we use, the websites we browse, the entertainment we consume. In every instance privacy risks abound. How do software development teams design and build software to ensure privacy data is protected? Attend this webcast to learn practical tips to build software applications that protect privacy data. Understand the requirements of new laws such as GDPR and the impact they have on software development. Topics covered: Designing for Privacy: least privilege and compartmentalization Creating privacy impact rating Implementing application privacy controls Techniques for effective privacy testing
Privacy: The New Software Development Dilemma from Security Innovation
]]> 160 1 https://cdn.slidesharecdn.com/ss_thumbnails/privacy-thenewsoftwaredevelopmentdilemma-190301031502-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 Privacy Secrets Your Systems May Be Telling /slideshow/privacy-secrets-your-systems-may-be-telling-129857386/129857386 updatedprivacysecretsyoursystemsmaybetelling-190130155844
Privacy has overtaken security as a top concern for many organizations. New laws such as GDPR come with steep fines and stringent rules, and more are certainly to come. Attend this webcast to learn how everyday business operations put customer privacy data at risk. More importantly understand best practices on protecting this data and dealing with disclosure requirements. Topics include: * Types of privacy and threats to them * How is privacy different than security? * Business systems putting you most at risk]]>
Privacy has overtaken security as a top concern for many organizations. New laws such as GDPR come with steep fines and stringent rules, and more are certainly to come. Attend this webcast to learn how everyday business operations put customer privacy data at risk. More importantly understand best practices on protecting this data and dealing with disclosure requirements. Topics include: * Types of privacy and threats to them * How is privacy different than security? * Business systems putting you most at risk]]> Wed, 30 Jan 2019 15:58:43 GMT /slideshow/privacy-secrets-your-systems-may-be-telling-129857386/129857386 SecurityInnovation@slideshare.net(SecurityInnovation) Privacy Secrets Your Systems May Be Telling SecurityInnovation Privacy has overtaken security as a top concern for many organizations. New laws such as GDPR come with steep fines and stringent rules, and more are certainly to come. Attend this webcast to learn how everyday business operations put customer privacy data at risk. More importantly understand best practices on protecting this data and dealing with disclosure requirements. Topics include: * Types of privacy and threats to them * How is privacy different than security? * Business systems putting you most at risk <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/updatedprivacysecretsyoursystemsmaybetelling-190130155844-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> Privacy has overtaken security as a top concern for many organizations. New laws such as GDPR come with steep fines and stringent rules, and more are certainly to come. Attend this webcast to learn how everyday business operations put customer privacy data at risk. More importantly understand best practices on protecting this data and dealing with disclosure requirements. Topics include: * Types of privacy and threats to them * How is privacy different than security? * Business systems putting you most at risk
Privacy Secrets Your Systems May Be Telling from Security Innovation
]]> 135 4 https://cdn.slidesharecdn.com/ss_thumbnails/updatedprivacysecretsyoursystemsmaybetelling-190130155844-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 Secure DevOps - Evolution or Revolution? /slideshow/secure-devops-evolution-or-revolution/125817101 securedevops2018-181213160724
DevOps continues to be a buzzword in the software development and operations world, but is it really a paradigm shift? It depends on what lens you view it through. Roman Garber, an active software security engineering and software team lead thinks so. Ed Adams, Security Innovation CEO, a 20-year software quality veteran and former mechanical engineer, curmudgeonly disagrees. ]]>
DevOps continues to be a buzzword in the software development and operations world, but is it really a paradigm shift? It depends on what lens you view it through. Roman Garber, an active software security engineering and software team lead thinks so. Ed Adams, Security Innovation CEO, a 20-year software quality veteran and former mechanical engineer, curmudgeonly disagrees. ]]> Thu, 13 Dec 2018 16:07:24 GMT /slideshow/secure-devops-evolution-or-revolution/125817101 SecurityInnovation@slideshare.net(SecurityInnovation) Secure DevOps - Evolution or Revolution? SecurityInnovation DevOps continues to be a buzzword in the software development and operations world, but is it really a paradigm shift? It depends on what lens you view it through. Roman Garber, an active software security engineering and software team lead thinks so. Ed Adams, Security Innovation CEO, a 20-year software quality veteran and former mechanical engineer, curmudgeonly disagrees. <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/securedevops2018-181213160724-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> DevOps continues to be a buzzword in the software development and operations world, but is it really a paradigm shift? It depends on what lens you view it through. Roman Garber, an active software security engineering and software team lead thinks so. Ed Adams, Security Innovation CEO, a 20-year software quality veteran and former mechanical engineer, curmudgeonly disagrees.
Secure DevOps - Evolution or Revolution? from Security Innovation
]]> 341 3 https://cdn.slidesharecdn.com/ss_thumbnails/securedevops2018-181213160724-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 IoT Security: Debunking the "We Aren't THAT Connected" Myth /slideshow/iot-security-debunking-the-we-arent-that-connected-myth/102181197 iotsecuritywebinar2018final-180612180612
In a world where convenience is key, consumers are adopting every new connected device that hits the shelves - and doing so with the assumption that due diligence security has been considered. But recent IoT attacks suggest otherwise. As organizations migrate from a primarily offline to online business model, they are failing to consider IoTs unique threats which traditional solutions are unable to secure. As a result, steps must be taken to ensure that the device, connections and infrastructure are hardened, especially software which runs IoT devices and is the source of ~90% of attacks. This webinar is ideal for risk, technology, and security professionals that want to understand why a hacker would want to attack their harmless IoT device and what the stealth risk to their organization and consumers is. Topics covered include: - IoT security why its so different.and tough - The IoT ecosystem and attack surface - Managing liability - IoT risks to consumers and vendors - Auditing IoT software development]]>
In a world where convenience is key, consumers are adopting every new connected device that hits the shelves - and doing so with the assumption that due diligence security has been considered. But recent IoT attacks suggest otherwise. As organizations migrate from a primarily offline to online business model, they are failing to consider IoTs unique threats which traditional solutions are unable to secure. As a result, steps must be taken to ensure that the device, connections and infrastructure are hardened, especially software which runs IoT devices and is the source of ~90% of attacks. This webinar is ideal for risk, technology, and security professionals that want to understand why a hacker would want to attack their harmless IoT device and what the stealth risk to their organization and consumers is. Topics covered include: - IoT security why its so different.and tough - The IoT ecosystem and attack surface - Managing liability - IoT risks to consumers and vendors - Auditing IoT software development]]> Tue, 12 Jun 2018 18:06:12 GMT /slideshow/iot-security-debunking-the-we-arent-that-connected-myth/102181197 SecurityInnovation@slideshare.net(SecurityInnovation) IoT Security: Debunking the "We Aren't THAT Connected" Myth SecurityInnovation In a world where convenience is key, consumers are adopting every new connected device that hits the shelves - and doing so with the assumption that due diligence security has been considered. But recent IoT attacks suggest otherwise. As organizations migrate from a primarily offline to online business model, they are failing to consider IoTs unique threats which traditional solutions are unable to secure. As a result, steps must be taken to ensure that the device, connections and infrastructure are hardened, especially software which runs IoT devices and is the source of ~90% of attacks. This webinar is ideal for risk, technology, and security professionals that want to understand why a hacker would want to attack their harmless IoT device and what the stealth risk to their organization and consumers is. Topics covered include: - IoT security why its so different.and tough - The IoT ecosystem and attack surface - Managing liability - IoT risks to consumers and vendors - Auditing IoT software development <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/iotsecuritywebinar2018final-180612180612-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> In a world where convenience is key, consumers are adopting every new connected device that hits the shelves - and doing so with the assumption that due diligence security has been considered. But recent IoT attacks suggest otherwise. As organizations migrate from a primarily offline to online business model, they are failing to consider IoTs unique threats which traditional solutions are unable to secure. As a result, steps must be taken to ensure that the device, connections and infrastructure are hardened, especially software which runs IoT devices and is the source of ~90% of attacks. This webinar is ideal for risk, technology, and security professionals that want to understand why a hacker would want to attack their harmless IoT device and what the stealth risk to their organization and consumers is. Topics covered include: - IoT security why its so different.and tough - The IoT ecosystem and attack surface - Managing liability - IoT risks to consumers and vendors - Auditing IoT software development
IoT Security: Debunking the "We Aren't THAT Connected" Myth from Security Innovation
]]> 281 4 https://cdn.slidesharecdn.com/ss_thumbnails/iotsecuritywebinar2018final-180612180612-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 Threat Modeling - Locking the Door to Vulnerabilities /slideshow/threat-modeling-locking-the-door-to-vulnerabilities/96712127 threatmodelingwebinar2018-final-180511140454
Did you lock the door before leaving your house this morning? If you did, you threat modeled without even realizing it. Threat modeling is identifying potential threats (house robbery) and implementing measures to mitigate the risk (locking your door). Protecting valuable assets, no matter if personal assets or business-related assets such as the software you are developing, threat modeling should become an instinctual and necessary part of your process. Our talk highlights how nearly 50% of security flaws can be mitigated through threat modeling. We help you prevent and mitigate risks by utilizing a reliable and hard-hitting analysis technique that can be applied to individual applications or across an entire portfolio. We show you how to effectively apply these techniques at the start of the design phase and throughout every phase of the development lifecycle so you can maximize the ROI of your security efforts. Topics covered include: Threat Modeling 101 The propagating effect of poor design Tabletop exercise a world with and without threat modeling Best practices and metrics for every stakeholder]]>
Did you lock the door before leaving your house this morning? If you did, you threat modeled without even realizing it. Threat modeling is identifying potential threats (house robbery) and implementing measures to mitigate the risk (locking your door). Protecting valuable assets, no matter if personal assets or business-related assets such as the software you are developing, threat modeling should become an instinctual and necessary part of your process. Our talk highlights how nearly 50% of security flaws can be mitigated through threat modeling. We help you prevent and mitigate risks by utilizing a reliable and hard-hitting analysis technique that can be applied to individual applications or across an entire portfolio. We show you how to effectively apply these techniques at the start of the design phase and throughout every phase of the development lifecycle so you can maximize the ROI of your security efforts. Topics covered include: Threat Modeling 101 The propagating effect of poor design Tabletop exercise a world with and without threat modeling Best practices and metrics for every stakeholder]]> Fri, 11 May 2018 14:04:54 GMT /slideshow/threat-modeling-locking-the-door-to-vulnerabilities/96712127 SecurityInnovation@slideshare.net(SecurityInnovation) Threat Modeling - Locking the Door to Vulnerabilities SecurityInnovation Did you lock the door before leaving your house this morning? If you did, you threat modeled without even realizing it. Threat modeling is identifying potential threats (house robbery) and implementing measures to mitigate the risk (locking your door). Protecting valuable assets, no matter if personal assets or business-related assets such as the software you are developing, threat modeling should become an instinctual and necessary part of your process. Our talk highlights how nearly 50% of security flaws can be mitigated through threat modeling. We help you prevent and mitigate risks by utilizing a reliable and hard-hitting analysis technique that can be applied to individual applications or across an entire portfolio. We show you how to effectively apply these techniques at the start of the design phase and throughout every phase of the development lifecycle so you can maximize the ROI of your security efforts. Topics covered include: Threat Modeling 101 The propagating effect of poor design Tabletop exercise a world with and without threat modeling Best practices and metrics for every stakeholder <img style="border:1px solid #C3E6D8;float:right;" alt="" src="https://cdn.slidesharecdn.com/ss_thumbnails/threatmodelingwebinar2018-final-180511140454-thumbnail.jpg?width=120&amp;height=120&amp;fit=bounds" /><br> Did you lock the door before leaving your house this morning? If you did, you threat modeled without even realizing it. Threat modeling is identifying potential threats (house robbery) and implementing measures to mitigate the risk (locking your door). Protecting valuable assets, no matter if personal assets or business-related assets such as the software you are developing, threat modeling should become an instinctual and necessary part of your process. Our talk highlights how nearly 50% of security flaws can be mitigated through threat modeling. We help you prevent and mitigate risks by utilizing a reliable and hard-hitting analysis technique that can be applied to individual applications or across an entire portfolio. We show you how to effectively apply these techniques at the start of the design phase and throughout every phase of the development lifecycle so you can maximize the ROI of your security efforts. Topics covered include: Threat Modeling 101 The propagating effect of poor design Tabletop exercise a world with and without threat modeling Best practices and metrics for every stakeholder
Threat Modeling - Locking the Door to Vulnerabilities from Security Innovation
]]> 1143 5 https://cdn.slidesharecdn.com/ss_thumbnails/threatmodelingwebinar2018-final-180511140454-thumbnail.jpg?width=120&height=120&fit=bounds presentation Black http://activitystrea.ms/schema/1.0/post http://activitystrea.ms/schema/1.0/posted 0 https://cdn.slidesharecdn.com/profile-photo-SecurityInnovation-48x48.jpg?cb=1615838318 Security Innovation is a global provider of application security and cryptography solutions. For over a decade, the company has helped Fortune 500 organizations and Federal Government Agencies build internal security expertise, reduce application risk, and improve the process by which applications are built. www.securityinnovation.com https://cdn.slidesharecdn.com/ss_thumbnails/securingapplicationsinthecloud-210316014442-thumbnail.jpg?width=320&height=320&fit=bounds slideshow/securing-applications-in-the-cloud/244460415 Securing Applications ... https://cdn.slidesharecdn.com/ss_thumbnails/mondernizingmigratingandmitigating-201014201339-thumbnail.jpg?width=320&height=320&fit=bounds SecurityInnovation/modernizing-migrating-mitigating-moving-to-modern-cloud-api-web-apps-webinar Modernizing, Migrating... https://cdn.slidesharecdn.com/ss_thumbnails/developtestmaintainsecuresystemssoftware-200520155237-thumbnail.jpg?width=320&height=320&fit=bounds slideshow/develop-test-maintain-secure-systems-while-being-pci-compliant/234351814 Develop, Test &amp; Mainta...