Cyber Security Workshop @SPIT - 8th October 2016
Presented by: Nilesh Sapariya, Security Researcher | CEH v8 | Blogger
Before We Start :- Disclaimer
My posts have nothing to do with my company or the organization I’m working for. It’s strictly for educational purposes only.
All the knowledge provided on these slides is for academic purposes only. The site is in no way responsible for any misuse of the knowledge.
These slides are meant solely for providing information on “Computer Security”, “Computer Programming” and other related topics, and are in no way related to the terms “CRACKING” or “HACKING” (Unethical).
The word “Hack” or “Hacking” that is used on these slides shall be regarded as “Ethical Hack” or “Ethical Hacking” respectively.
We tend to believe solely in White Hat Hacking. On the other hand, we tend to condemn Black Hat Hacking.
Who Am I?
A researcher in Web Application Security
A Bug Hunter Enthusiast
4+ years of Experience in Information Security
Listed in top sites hall of fame
Speaker @Null Mumbai Chapter
Blogging at http://shield4you.blogspot.in/
A Twitter lover @nilesh_loganx
And Many more……
This talk is about
Cyber security trends
How to kick-start your career in Information Security
How to protect organizations from cyber criminals
But Why Cyber Security ?
#Reason1 : Apple
https://twitter.com/Zerodium/status/781516292901789696
#Reason2 : Google
https://twitter.com/soaj1664ashar/status/780481355192868864
#Reason3 : Google
https://twitter.com/Dinosn/status/775912785549094912
Why do they pay this much for security?
#Reason1 : Yahoo - 500M Users’ Account Hacked
https://twitter.com/TripwireInc/status/779289562770268161
#Reason2 : Dropbox Hacked
https://twitter.com/newsycombinator/status/770924645893668865
Types of Hacker..
White Hat | Grey Hat | Black Hat
White Hat Hackers
Grey Hat Hackers
Black Hat Hackers
Cyber security Trends
• Cloud services
https://en.wikipedia.org/wiki/Cloud_computing_security
• Ransomware
https://en.wikipedia.org/wiki/Ransomware
• IOT - Internet of Things
https://en.wikipedia.org/wiki/Internet_of_things
IOT + XXE
https://medium.com/@iraklis/an-unlikely-xxe-in-hikvisions-remote-access-camera-cloud-d57faf99620f#.tcdpedaqd
• Spear phishing
Ransomware
https://en.wikipedia.org/wiki/Phishing
• Known vulnerabilities
https://www.owasp.org/index.php/Top_10_2013-Top_10
CAREER PATH
Primary Domains in Information Security
1. Web Application Security / Mobile Application security
2. Network Security
3. Digital forensics
4. Secure Code review
5. Compliance :- ISO/COBIT implementation
6. Fuzzing / Exploitation
7. Security Architecture and Design
8. Software Development Security
When will I get a job?
Build yourself
Listening is the key
Must for Info Sec people:-
https://twitter.com/nilesh_loganx
Follow me + my followers ;)
http://null.co.in/
Subscribe to null mailing list + Attend free trainings
Take Away :- #NeverGiveUp
Deep dive into some real time attacks
How I could have hacked all Facebook accounts – 15K $
A Story Of How I Landed On Dating Site and Secured it
http://shield4you.blogspot.in/2015/08/a-story-of-how-i-landed-on-dating-site.html
Demo Time :-
Final Takeaway
https://twitter.com/brutelogic/status/649247337190137857
PS:
This presentation is purely to give you an idea about the different domains and latest trends (2016) in information security.
It’s up to you to decide the right career path according to your choice / likes / dislikes.
Questions ?
Thank you
Comments | Feedback | Suggestions
Twitter: https://twitter.com/nilesh_loganx
Email: [email protected]
Blog: http://shield4you.blogspot.in/
LinkedIn: https://www.linkedin.com/pub/nilesh-sapariya/39/33/735
Slide share: http://www.slideshare.net/Nilesh_logan