Cyber Security Workshop @SPIT - 8th October 2016

Post on 12-Apr-2017

Category:

Education

Presented by: Nilesh Sapariya, Security Researcher | CEH v8 | Blogger

Before We Start :- Disclaimer

My posts have nothing to do with my company or the organization I’m working for. It's strictly for educational purposes only.

All the knowledge provided in these slides is for academic purposes only. These slides are in no way to blame for any misuse of the knowledge.

These slides are meant solely to provide information on “Computer Security”, “Computer Programming” and other related topics, and are in no way related to the terms “CRACKING” or “HACKING” (unethical).

The words “Hack” or “Hacking” used in these slides shall be read as “Ethical Hack” or “Ethical Hacking” respectively.

We believe only in White Hat Hacking. On the other hand, we condemn Black Hat Hacking.

Who Am I?

A researcher in Web Application Security

A Bug Hunter Enthusiast

4+ years of Experience in Information Security

Listed in top sites hall of fame

Speaker @Null Mumbai Chapter

Blogging at http://shield4you.blogspot.in/

A Twitter lover @nilesh_loganx

And many more...

This talk is about

Cyber security trends

How to kick-start your career in Information Security

How to protect organizations from cyber criminals

But Why Cyber Security?

#Reason1 : Apple

https://twitter.com/Zerodium/status/781516292901789696

#Reason2 : Google

https://twitter.com/soaj1664ashar/status/780481355192868864

#Reason3 : Google

https://twitter.com/Dinosn/status/775912785549094912

Why do they pay this much for security?

#Reason1 : Yahoo - 500M Users’ Account Hacked

https://twitter.com/TripwireInc/status/779289562770268161

#Reason2 : Dropbox Hacked

https://twitter.com/newsycombinator/status/770924645893668865

Types of Hackers

White Hat, Grey Hat, Black Hat

White Hat Hackers

Grey Hat Hackers

Black Hat Hackers

Cyber security Trends

• Cloud services

https://en.wikipedia.org/wiki/Cloud_computing_security

• Ransomware

https://en.wikipedia.org/wiki/Ransomware

• IOT - Internet of Things

https://en.wikipedia.org/wiki/Internet_of_things

IOT + XXE

https://medium.com/@iraklis/an-unlikely-xxe-in-hikvisions-remote-access-camera-cloud-d57faf99620f#.tcdpedaqd

• Spear phishing

https://en.wikipedia.org/wiki/Phishing

• Known vulnerabilities

https://www.owasp.org/index.php/Top_10_2013-Top_10

CAREER PATH

Primary Domains in Information Security

1. Web Application Security / Mobile Application security

2. Network Security

3. Digital forensics

4. Secure Code review

5. Compliance :- ISO/COBIT implementation

6. Fuzzing / Exploitation

7. Security Architecture and Design

8. Software Development Security

When will I get a job?

Build yourself

Listening is the key

Must for Info Sec people:-

https://twitter.com/nilesh_loganx

Follow me + my followers ;)

http://null.co.in/

Subscribe to null mailing list + Attend free trainings

Take Away :- #NeverGiveUp

Deep dive into some real time attacks

How I could have hacked all Facebook accounts – 15K $

A Story Of How I Landed On Dating Site and Secured it

http://shield4you.blogspot.in/2015/08/a-story-of-how-i-landed-on-dating-site.html

Demo Time :-

Final Takeaway

https://twitter.com/brutelogic/status/649247337190137857

PS:

This presentation is purely to give you an idea about the different domains and latest trends (2016) in information security.

It's up to you to decide the right career path according to your choice / likes / dislikes.

Questions?

Thank you

Comments | Feedback | Suggestions

Twitter: https://twitter.com/nilesh_loganx

Email: nilesh.s.sapariya@gmail.com

Blog: http://shield4you.blogspot.in/

LinkedIn: https://www.linkedin.com/pub/nilesh-sapariya/39/33/735

Slide share: http://www.slideshare.net/Nilesh_logan
