SlideShare a Scribd company logo

The Corporate Web Security Landscape

Download as PPT, PDF
Peter Wood
Peter Wood

The Corporate Web Security Landscape - An Ethical Hacker's View

Technology
1 of 24
The Corporate Web Security Landscape Peter Wood Chief Executive Officer First • Base Technologies LLP An Ethical Hacker’s View
Who is Peter Wood? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],1969 1989
Information leakage
Web Security Issues ,[object Object],[object Object],[object Object]
Web Security Issues ,[object Object],[object Object],[object Object]
The Statistics Cisco 1Q11 Global Threat Report
Drive-by Malware Infection ,[object Object],[object Object]
Drive-by Malware Infection ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Browser Version %
Operation Aurora ,[object Object],[object Object],[object Object]
Web Security Issues ,[object Object],[object Object],[object Object]
 
Spear phishing
Web Security Issues ,[object Object],[object Object],[object Object]
Malware on LinkedIn January 2009 - www.lavasoft.com
Malware on Facebook ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
3 May 2011- http://technolog.msnbc.msn.com
Social Networking Attacks http://www.independent.co.uk
DON’T PANIC! (assuming you’re the only user)
Patch and Check Regularly!
Control Your Web Browsing
Think Before You Click!
Don’t Forget to Cross Your Fingers!
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Need more information?

Recommended

Computer virus
Computer virusComputer virus
Computer virusShubham_Indrawat
 
Computer And Internet Security
Computer And Internet SecurityComputer And Internet Security
Computer And Internet SecurityJFashant
 
computer virus ppt.pptx
computer virus ppt.pptxcomputer virus ppt.pptx
computer virus ppt.pptxAbiniyavk
 
Virus
VirusVirus
VirusCHITRA S
 
Top Ten Ways to Shockproof Your Use of Social Media (Lightning Talk)
Top Ten Ways to Shockproof Your Use of Social Media (Lightning Talk)Top Ten Ways to Shockproof Your Use of Social Media (Lightning Talk)
Top Ten Ways to Shockproof Your Use of Social Media (Lightning Talk)Ben Woelk, CISSP, CPTC
 
[EMPOWERMENT TECHNOLOGIES] - INTERNET THREATS
[EMPOWERMENT TECHNOLOGIES] - INTERNET THREATS[EMPOWERMENT TECHNOLOGIES] - INTERNET THREATS
[EMPOWERMENT TECHNOLOGIES] - INTERNET THREATSJazzyNF
 
Internet security
Internet securityInternet security
Internet securityrfukunaga
 
Internet Security
Internet SecurityInternet Security
Internet SecurityChris Rodgers
 

Recommended

Computer virus
Computer virusComputer virus
Computer virusShubham_Indrawat
 
Computer And Internet Security
Computer And Internet SecurityComputer And Internet Security
Computer And Internet SecurityJFashant
 
computer virus ppt.pptx
computer virus ppt.pptxcomputer virus ppt.pptx
computer virus ppt.pptxAbiniyavk
 
Virus
VirusVirus
VirusCHITRA S
 
Top Ten Ways to Shockproof Your Use of Social Media (Lightning Talk)
Top Ten Ways to Shockproof Your Use of Social Media (Lightning Talk)Top Ten Ways to Shockproof Your Use of Social Media (Lightning Talk)
Top Ten Ways to Shockproof Your Use of Social Media (Lightning Talk)Ben Woelk, CISSP, CPTC
 
[EMPOWERMENT TECHNOLOGIES] - INTERNET THREATS
[EMPOWERMENT TECHNOLOGIES] - INTERNET THREATS[EMPOWERMENT TECHNOLOGIES] - INTERNET THREATS
[EMPOWERMENT TECHNOLOGIES] - INTERNET THREATSJazzyNF
 
Internet security
Internet securityInternet security
Internet securityrfukunaga
 
Internet Security
Internet SecurityInternet Security
Internet SecurityChris Rodgers
 
Internet Threats
Internet ThreatsInternet Threats
Internet ThreatsRonalyn_Cao
 
Safe Internet Banking Cyber Security
Safe Internet Banking Cyber SecuritySafe Internet Banking Cyber Security
Safe Internet Banking Cyber SecurityKushantha Gunawardana
 
Internet Threats
Internet ThreatsInternet Threats
Internet ThreatsLeelet1121
 
INTERNET SAFETY FOR KIDS
INTERNET SAFETY FOR KIDSINTERNET SAFETY FOR KIDS
INTERNET SAFETY FOR KIDSCamille Hazellie
 
A dozen dangerous myths about computer viruses
A dozen dangerous myths about computer virusesA dozen dangerous myths about computer viruses
A dozen dangerous myths about computer virusesUltraUploader
 
Malware program by mohsin ali dahar khairpur
Malware program by mohsin ali dahar khairpurMalware program by mohsin ali dahar khairpur
Malware program by mohsin ali dahar khairpurMohsin Dahar
 
Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness Jay Nagar
 
Cyber security
Cyber securityCyber security
Cyber securityDebaroy1995
 
Viruses and Spyware
Viruses and SpywareViruses and Spyware
Viruses and SpywareBuffalo Seminary
 
Internet security
Internet securityInternet security
Internet securityat1211
 
Bug bounty
Bug bountyBug bounty
Bug bountyRamin Farajpour Cami
 
Tutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the WebTutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the Webdpd
 
One of the most destructive botnets can now spread to nearby Wi-Fi networks
One of the most destructive botnets can now spread to nearby Wi-Fi networksOne of the most destructive botnets can now spread to nearby Wi-Fi networks
One of the most destructive botnets can now spread to nearby Wi-Fi networksAbaram Network Solutions
 
Introduction to Malwares
Introduction to MalwaresIntroduction to Malwares
Introduction to MalwaresAbdelhamid Limami
 
Cyber security[1118]
Cyber security[1118]Cyber security[1118]
Cyber security[1118]MeeraNairJ
 
Viruses, Worms And Trojan Horses
Viruses, Worms And Trojan HorsesViruses, Worms And Trojan Horses
Viruses, Worms And Trojan HorsesMario Reascos
 
Cyber warfare
Cyber warfareCyber warfare
Cyber warfareVedangiBrahmbhatt
 
Internet security issues
Internet security issuesInternet security issues
Internet security issuesirfan shaikh
 
Internet Security in Web 2.0
Internet Security in Web 2.0 Internet Security in Web 2.0
Internet Security in Web 2.0 Arjunsinh Sindhav
 
Hacking Vs Cracking in Computer Networks
Hacking Vs Cracking in Computer NetworksHacking Vs Cracking in Computer Networks
Hacking Vs Cracking in Computer NetworksSrikanth VNV
 
Jean pier talbot - web is the battlefield - atlseccon2011
Jean pier talbot - web is the battlefield - atlseccon2011Jean pier talbot - web is the battlefield - atlseccon2011
Jean pier talbot - web is the battlefield - atlseccon2011Atlantic Security Conference
 
Cyber security
Cyber securityCyber security
Cyber securityManjushree Mashal
 

More Related Content

What's hot

Internet Threats
Internet ThreatsInternet Threats
Internet ThreatsRonalyn_Cao
 
Safe Internet Banking Cyber Security
Safe Internet Banking Cyber SecuritySafe Internet Banking Cyber Security
Safe Internet Banking Cyber SecurityKushantha Gunawardana
 
Internet Threats
Internet ThreatsInternet Threats
Internet ThreatsLeelet1121
 
A dozen dangerous myths about computer viruses
A dozen dangerous myths about computer virusesA dozen dangerous myths about computer viruses
A dozen dangerous myths about computer virusesUltraUploader
 
Malware program by mohsin ali dahar khairpur
Malware program by mohsin ali dahar khairpurMalware program by mohsin ali dahar khairpur
Malware program by mohsin ali dahar khairpurMohsin Dahar
 
Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness Jay Nagar
 
Internet security
Internet securityInternet security
Internet securityat1211
 
Tutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the WebTutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the Webdpd
 
One of the most destructive botnets can now spread to nearby Wi-Fi networks
One of the most destructive botnets can now spread to nearby Wi-Fi networksOne of the most destructive botnets can now spread to nearby Wi-Fi networks
One of the most destructive botnets can now spread to nearby Wi-Fi networksAbaram Network Solutions
 
Cyber security[1118]
Cyber security[1118]Cyber security[1118]
Cyber security[1118]MeeraNairJ
 
Viruses, Worms And Trojan Horses
Viruses, Worms And Trojan HorsesViruses, Worms And Trojan Horses
Viruses, Worms And Trojan HorsesMario Reascos
 
Internet security issues
Internet security issuesInternet security issues
Internet security issuesirfan shaikh
 
Internet Security in Web 2.0
Internet Security in Web 2.0 Internet Security in Web 2.0
Internet Security in Web 2.0 Arjunsinh Sindhav
 
Hacking Vs Cracking in Computer Networks
Hacking Vs Cracking in Computer NetworksHacking Vs Cracking in Computer Networks
Hacking Vs Cracking in Computer NetworksSrikanth VNV
 

What's hot (20)

Internet Threats
Internet ThreatsInternet Threats
Internet Threats
 
Safe Internet Banking Cyber Security
Safe Internet Banking Cyber SecuritySafe Internet Banking Cyber Security
Safe Internet Banking Cyber Security
 
Internet Threats
Internet ThreatsInternet Threats
Internet Threats
 
INTERNET SAFETY FOR KIDS
INTERNET SAFETY FOR KIDSINTERNET SAFETY FOR KIDS
INTERNET SAFETY FOR KIDS
 
A dozen dangerous myths about computer viruses
A dozen dangerous myths about computer virusesA dozen dangerous myths about computer viruses
A dozen dangerous myths about computer viruses
 
Malware program by mohsin ali dahar khairpur
Malware program by mohsin ali dahar khairpurMalware program by mohsin ali dahar khairpur
Malware program by mohsin ali dahar khairpur
 
Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness
 
Cyber security
Cyber securityCyber security
Cyber security
 
Viruses and Spyware
Viruses and SpywareViruses and Spyware
Viruses and Spyware
 
Internet security
Internet securityInternet security
Internet security
 
Bug bounty
Bug bountyBug bounty
Bug bounty
 
Tutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the WebTutorial 09 - Security on the Internet and the Web
Tutorial 09 - Security on the Internet and the Web
 
One of the most destructive botnets can now spread to nearby Wi-Fi networks
One of the most destructive botnets can now spread to nearby Wi-Fi networksOne of the most destructive botnets can now spread to nearby Wi-Fi networks
One of the most destructive botnets can now spread to nearby Wi-Fi networks
 
Introduction to Malwares
Introduction to MalwaresIntroduction to Malwares
Introduction to Malwares
 
Cyber security[1118]
Cyber security[1118]Cyber security[1118]
Cyber security[1118]
 
Viruses, Worms And Trojan Horses
Viruses, Worms And Trojan HorsesViruses, Worms And Trojan Horses
Viruses, Worms And Trojan Horses
 
Cyber warfare
Cyber warfareCyber warfare
Cyber warfare
 
Internet security issues
Internet security issuesInternet security issues
Internet security issues
 
Internet Security in Web 2.0
Internet Security in Web 2.0 Internet Security in Web 2.0
Internet Security in Web 2.0
 
Hacking Vs Cracking in Computer Networks
Hacking Vs Cracking in Computer NetworksHacking Vs Cracking in Computer Networks
Hacking Vs Cracking in Computer Networks
 

Similar to The Corporate Web Security Landscape

Jean pier talbot - web is the battlefield - atlseccon2011
Jean pier talbot - web is the battlefield - atlseccon2011Jean pier talbot - web is the battlefield - atlseccon2011
Jean pier talbot - web is the battlefield - atlseccon2011Atlantic Security Conference
 
DEVSECOPS_the_beginning.ppt
DEVSECOPS_the_beginning.pptDEVSECOPS_the_beginning.ppt
DEVSECOPS_the_beginning.pptschwarz10
 
PC Maker's Support Page Succumbs To Compromise
PC Maker's Support Page Succumbs To CompromisePC Maker's Support Page Succumbs To Compromise
PC Maker's Support Page Succumbs To CompromiseTrend Micro
 
How Malware Works - Understanding Software Vulnerabilities
How Malware Works - Understanding Software VulnerabilitiesHow Malware Works - Understanding Software Vulnerabilities
How Malware Works - Understanding Software VulnerabilitiesBunmi Sowande
 
Sophos Threatsaurus: The A-Z of Computer and Data Security Threats
Sophos Threatsaurus: The A-Z of Computer and Data Security ThreatsSophos Threatsaurus: The A-Z of Computer and Data Security Threats
Sophos Threatsaurus: The A-Z of Computer and Data Security ThreatsConnecting Up
 
Internet threats and defence mechanism
Internet threats and defence mechanismInternet threats and defence mechanism
Internet threats and defence mechanismCAS
 
Web Threat Spotlight Issue 66: Zero-Day Adobe Flash Player Exploits in a Flash
Web Threat Spotlight Issue 66: Zero-Day Adobe Flash Player Exploits in a FlashWeb Threat Spotlight Issue 66: Zero-Day Adobe Flash Player Exploits in a Flash
Web Threat Spotlight Issue 66: Zero-Day Adobe Flash Player Exploits in a FlashTrend Micro
 
Cybersecurity Awareness Training for Employees.pptx
Cybersecurity Awareness Training for Employees.pptxCybersecurity Awareness Training for Employees.pptx
Cybersecurity Awareness Training for Employees.pptxMustafa Amiri
 
Spyware powerpoint
Spyware powerpointSpyware powerpoint
Spyware powerpointgalaxy201
 
The process of computer security
The process of computer securityThe process of computer security
The process of computer securityWritingHubUK
 
Cisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Security
 
The Whys and Wherefores of Web Security – by United Security Providers
The Whys and Wherefores of Web Security – by United Security ProvidersThe Whys and Wherefores of Web Security – by United Security Providers
The Whys and Wherefores of Web Security – by United Security ProvidersUnited Security Providers AG
 

Similar to The Corporate Web Security Landscape (20)

Jean pier talbot - web is the battlefield - atlseccon2011
Jean pier talbot - web is the battlefield - atlseccon2011Jean pier talbot - web is the battlefield - atlseccon2011
Jean pier talbot - web is the battlefield - atlseccon2011
 
Cyber security
Cyber securityCyber security
Cyber security
 
DEVSECOPS_the_beginning.ppt
DEVSECOPS_the_beginning.pptDEVSECOPS_the_beginning.ppt
DEVSECOPS_the_beginning.ppt
 
PC Maker's Support Page Succumbs To Compromise
PC Maker's Support Page Succumbs To CompromisePC Maker's Support Page Succumbs To Compromise
PC Maker's Support Page Succumbs To Compromise
 
How Malware Works - Understanding Software Vulnerabilities
How Malware Works - Understanding Software VulnerabilitiesHow Malware Works - Understanding Software Vulnerabilities
How Malware Works - Understanding Software Vulnerabilities
 
Sophos Threatsaurus: The A-Z of Computer and Data Security Threats
Sophos Threatsaurus: The A-Z of Computer and Data Security ThreatsSophos Threatsaurus: The A-Z of Computer and Data Security Threats
Sophos Threatsaurus: The A-Z of Computer and Data Security Threats
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Internet threats and defence mechanism
Internet threats and defence mechanismInternet threats and defence mechanism
Internet threats and defence mechanism
 
Hamza
HamzaHamza
Hamza
 
Threats of Computer System and its Prevention
Threats of Computer System and its PreventionThreats of Computer System and its Prevention
Threats of Computer System and its Prevention
 
Web Threat Spotlight Issue 66: Zero-Day Adobe Flash Player Exploits in a Flash
Web Threat Spotlight Issue 66: Zero-Day Adobe Flash Player Exploits in a FlashWeb Threat Spotlight Issue 66: Zero-Day Adobe Flash Player Exploits in a Flash
Web Threat Spotlight Issue 66: Zero-Day Adobe Flash Player Exploits in a Flash
 
Cyber security
Cyber securityCyber security
Cyber security
 
Malicious malware breaches - eScan
Malicious malware breaches - eScanMalicious malware breaches - eScan
Malicious malware breaches - eScan
 
Cybersecurity Awareness Training for Employees.pptx
Cybersecurity Awareness Training for Employees.pptxCybersecurity Awareness Training for Employees.pptx
Cybersecurity Awareness Training for Employees.pptx
 
Spyware powerpoint
Spyware powerpointSpyware powerpoint
Spyware powerpoint
 
Botnet
BotnetBotnet
Botnet
 
The process of computer security
The process of computer securityThe process of computer security
The process of computer security
 
Cisco Web and Email Security Overview
Cisco Web and Email Security OverviewCisco Web and Email Security Overview
Cisco Web and Email Security Overview
 
The Whys and Wherefores of Web Security – by United Security Providers
The Whys and Wherefores of Web Security – by United Security ProvidersThe Whys and Wherefores of Web Security – by United Security Providers
The Whys and Wherefores of Web Security – by United Security Providers
 
C3
C3C3
C3
 

More from Peter Wood

Hacking is easy: understanding your vulnerabilities
Hacking is easy: understanding your vulnerabilitiesHacking is easy: understanding your vulnerabilities
Hacking is easy: understanding your vulnerabilitiesPeter Wood
 
The future of cloud security
The future of cloud securityThe future of cloud security
The future of cloud securityPeter Wood
 
The 2018 Threatscape
The 2018 ThreatscapeThe 2018 Threatscape
The 2018 ThreatscapePeter Wood
 
Introduction to Cyber Resilience
Introduction to Cyber ResilienceIntroduction to Cyber Resilience
Introduction to Cyber ResiliencePeter Wood
 
Network security, seriously?
Network security, seriously?Network security, seriously?
Network security, seriously?Peter Wood
 
Lessons from a Red Team Exercise
Lessons from a Red Team ExerciseLessons from a Red Team Exercise
Lessons from a Red Team ExercisePeter Wood
 
Red teaming in the cloud
Red teaming in the cloudRed teaming in the cloud
Red teaming in the cloudPeter Wood
 
All your files now belong to us
All your files now belong to usAll your files now belong to us
All your files now belong to usPeter Wood
 
Network Security - Real and Present Dangers
Network Security - Real and Present DangersNetwork Security - Real and Present Dangers
Network Security - Real and Present DangersPeter Wood
 
Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)Peter Wood
 
Advanced Threat Protection: Lessons from a Red Team Exercise
Advanced Threat Protection: Lessons from a Red Team ExerciseAdvanced Threat Protection: Lessons from a Red Team Exercise
Advanced Threat Protection: Lessons from a Red Team ExercisePeter Wood
 
Pragmatic Network Security - Avoiding Real-World Vulnerabilities
Pragmatic Network Security - Avoiding Real-World VulnerabilitiesPragmatic Network Security - Avoiding Real-World Vulnerabilities
Pragmatic Network Security - Avoiding Real-World VulnerabilitiesPeter Wood
 
Attacking the cloud with social engineering
Attacking the cloud with social engineeringAttacking the cloud with social engineering
Attacking the cloud with social engineeringPeter Wood
 
Advanced threat protection and big data
Advanced threat protection and big dataAdvanced threat protection and big data
Advanced threat protection and big dataPeter Wood
 
Cloud, social networking and BYOD collide!
Cloud, social networking and BYOD collide!Cloud, social networking and BYOD collide!
Cloud, social networking and BYOD collide!Peter Wood
 
Unpatched Systems: An Ethical Hacker's View
Unpatched Systems: An Ethical Hacker's ViewUnpatched Systems: An Ethical Hacker's View
Unpatched Systems: An Ethical Hacker's ViewPeter Wood
 
Prime Targets in Network Infrastructure
Prime Targets in Network InfrastructurePrime Targets in Network Infrastructure
Prime Targets in Network InfrastructurePeter Wood
 
Security Intelligence: Advanced Persistent Threats
Security Intelligence: Advanced Persistent ThreatsSecurity Intelligence: Advanced Persistent Threats
Security Intelligence: Advanced Persistent ThreatsPeter Wood
 
Emerging Threats and Attack Surfaces
Emerging Threats and Attack SurfacesEmerging Threats and Attack Surfaces
Emerging Threats and Attack SurfacesPeter Wood
 
Out of the Blue: Responding to New Zero-Day Threats
Out of the Blue: Responding to New Zero-Day ThreatsOut of the Blue: Responding to New Zero-Day Threats
Out of the Blue: Responding to New Zero-Day ThreatsPeter Wood
 

More from Peter Wood (20)

Hacking is easy: understanding your vulnerabilities
Hacking is easy: understanding your vulnerabilitiesHacking is easy: understanding your vulnerabilities
Hacking is easy: understanding your vulnerabilities
 
The future of cloud security
The future of cloud securityThe future of cloud security
The future of cloud security
 
The 2018 Threatscape
The 2018 ThreatscapeThe 2018 Threatscape
The 2018 Threatscape
 
Introduction to Cyber Resilience
Introduction to Cyber ResilienceIntroduction to Cyber Resilience
Introduction to Cyber Resilience
 
Network security, seriously?
Network security, seriously?Network security, seriously?
Network security, seriously?
 
Lessons from a Red Team Exercise
Lessons from a Red Team ExerciseLessons from a Red Team Exercise
Lessons from a Red Team Exercise
 
Red teaming in the cloud
Red teaming in the cloudRed teaming in the cloud
Red teaming in the cloud
 
All your files now belong to us
All your files now belong to usAll your files now belong to us
All your files now belong to us
 
Network Security - Real and Present Dangers
Network Security - Real and Present DangersNetwork Security - Real and Present Dangers
Network Security - Real and Present Dangers
 
Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)
 
Advanced Threat Protection: Lessons from a Red Team Exercise
Advanced Threat Protection: Lessons from a Red Team ExerciseAdvanced Threat Protection: Lessons from a Red Team Exercise
Advanced Threat Protection: Lessons from a Red Team Exercise
 
Pragmatic Network Security - Avoiding Real-World Vulnerabilities
Pragmatic Network Security - Avoiding Real-World VulnerabilitiesPragmatic Network Security - Avoiding Real-World Vulnerabilities
Pragmatic Network Security - Avoiding Real-World Vulnerabilities
 
Attacking the cloud with social engineering
Attacking the cloud with social engineeringAttacking the cloud with social engineering
Attacking the cloud with social engineering
 
Advanced threat protection and big data
Advanced threat protection and big dataAdvanced threat protection and big data
Advanced threat protection and big data
 
Cloud, social networking and BYOD collide!
Cloud, social networking and BYOD collide!Cloud, social networking and BYOD collide!
Cloud, social networking and BYOD collide!
 
Unpatched Systems: An Ethical Hacker's View
Unpatched Systems: An Ethical Hacker's ViewUnpatched Systems: An Ethical Hacker's View
Unpatched Systems: An Ethical Hacker's View
 
Prime Targets in Network Infrastructure
Prime Targets in Network InfrastructurePrime Targets in Network Infrastructure
Prime Targets in Network Infrastructure
 
Security Intelligence: Advanced Persistent Threats
Security Intelligence: Advanced Persistent ThreatsSecurity Intelligence: Advanced Persistent Threats
Security Intelligence: Advanced Persistent Threats
 
Emerging Threats and Attack Surfaces
Emerging Threats and Attack SurfacesEmerging Threats and Attack Surfaces
Emerging Threats and Attack Surfaces
 
Out of the Blue: Responding to New Zero-Day Threats
Out of the Blue: Responding to New Zero-Day ThreatsOut of the Blue: Responding to New Zero-Day Threats
Out of the Blue: Responding to New Zero-Day Threats
 

Recently uploaded

A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesBernd Ruecker
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI AgeCprime
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Kaya Weers
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...itnewsafrica
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 

Recently uploaded (20)

A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architectures
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
A Framework for Development in the AI Age
A Framework for Development in the AI AgeA Framework for Development in the AI Age
A Framework for Development in the AI Age
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)Design pattern talk by Kaya Weers - 2024 (v2)
Design pattern talk by Kaya Weers - 2024 (v2)
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 

The Corporate Web Security Landscape

Editor's Notes

  1. Welcome to another trip down the Internet highway, with me your friendly security guide.
  2. I’m going to briefly examine three web security issues …
  3. Enterprise users experienced an average of 274 Web malware encounters per month in 1Q11 This is a 103% increase compared with 2010 Unique Web malware encountered also increased (46%) in 1Q11 Up from 72,294 unique Web malware in January 2011 to 105,536 in March
  4. There are still plenty of out-of-date browsers out there, ripe for exploitation. StatCounter is a web analytics service. From their web site: As of 1 June 2010, our tracking code is installed on more than 3 million sites globally. (These sites cover various activities and geographic locations.) Every month, we record billions of hits to these sites. For each hit, we analyse the browser/operating system used and we establish if the hit is from a mobile device. We do not manipulate the data in any way. We do not collate it with any other information sources. No artificial weightings are used. We simply publish the data as we record it. In other words we calculate our Global Stats on the basis of more than 15 billion hits per month, by people from all over the world onto our 3 million+ member sites. By collating our data in this way, we track the activity of third party visitors to our member websites. We do not calculate our stats based on the activity of our members. This helps to minimise bias in the data and ensures a random sample is achieved. In May 2010, our global sample consisted of 16.3 billion hits (US: 4.0 billion); 2.1 billion of these were search engine referrals (US: 532 million); 109 million of these were social media referrals (US: 51 million).
  5. Operation Aurora is a cyber attack which began in mid-2009 and continued through December 2009. The attack was first publicly disclosed by Google on January 12, 2010, in a blog post. In the blog post, Google said the attack originated in China. The attacks were both sophisticated and well resourced and consistent with that associated with an Advanced Persistent Threat. The exploit used a zero-day vulnerability in Internet Explorer. Even if you were patched up to date, you were still at risk.
  6. Here’s an example of a simple spear phishing email that we used to test our client’s ‘human firewall’. People still fall for these!
  7. This is data from my home PC as analysed by Secunia’s Personal Software Inspector (PSI)
  8. We use the NoScript plugin for Firefox