Soumettre la recherche
Mettre en ligne
20 Critical Security Controls and QualysGuard
•
Télécharger en tant que PPTX, PDF
•
0 j'aime
•
432 vues
Wolfgang Kandek
Suivre
Implementation of the 20 Critical Security Controls using QualysGuard
Lire moins
Lire la suite
Technologie
Signaler
Partager
Signaler
Partager
1 sur 64
Télécharger maintenant
Recommandé
Spo1 t19
Spo1 t19
SelectedPresentations
2012 hc class -qt
2012 hc class -qt
台灣國際基督教會
SANS Critical Security Controls Summit London 2013
SANS Critical Security Controls Summit London 2013
Wolfgang Kandek
Gartner UK 2015 Anatomy of An Attack
Gartner UK 2015 Anatomy of An Attack
Wolfgang Kandek
Using a Network Model to Address SANS Critical Controls 10 and 11
Using a Network Model to Address SANS Critical Controls 10 and 11
Skybox Security
The CIS Critical Security Controls the International Standard for Defense
The CIS Critical Security Controls the International Standard for Defense
EnclaveSecurity
MindTheSec Anatomia de um Ataque
MindTheSec Anatomia de um Ataque
Wolfgang Kandek
Estadística i pensament crític a la vida diària
Estadística i pensament crític a la vida diària
Universitat de Barcelona
Recommandé
Spo1 t19
Spo1 t19
SelectedPresentations
2012 hc class -qt
2012 hc class -qt
台灣國際基督教會
SANS Critical Security Controls Summit London 2013
SANS Critical Security Controls Summit London 2013
Wolfgang Kandek
Gartner UK 2015 Anatomy of An Attack
Gartner UK 2015 Anatomy of An Attack
Wolfgang Kandek
Using a Network Model to Address SANS Critical Controls 10 and 11
Using a Network Model to Address SANS Critical Controls 10 and 11
Skybox Security
The CIS Critical Security Controls the International Standard for Defense
The CIS Critical Security Controls the International Standard for Defense
EnclaveSecurity
MindTheSec Anatomia de um Ataque
MindTheSec Anatomia de um Ataque
Wolfgang Kandek
Estadística i pensament crític a la vida diària
Estadística i pensament crític a la vida diària
Universitat de Barcelona
Critical Security Controls v4 1 Mapped to NIST SP 800-53 Rev.4-final r6a
Critical Security Controls v4 1 Mapped to NIST SP 800-53 Rev.4-final r6a
James W. De Rienzo
AWS Security in Plain English – AWS Security Day
AWS Security in Plain English – AWS Security Day
Amazon Web Services
Ebook: Splunk SANS - CIS Top 20 Critical Security Controls
Ebook: Splunk SANS - CIS Top 20 Critical Security Controls
Dominique Dessy
More practical insights on the 20 critical controls
More practical insights on the 20 critical controls
EnclaveSecurity
Map Critical Security Controls (CSC) v5.0 to NIST SP 800-53 Revision 4 (Summa...
Map Critical Security Controls (CSC) v5.0 to NIST SP 800-53 Revision 4 (Summa...
James W. De Rienzo
The Critical Security Controls and the StealthWatch System
The Critical Security Controls and the StealthWatch System
Lancope, Inc.
Phishing attacks, Types Of Phishing Attacks, How To Avoid Phishing Attacks
Phishing attacks, Types Of Phishing Attacks, How To Avoid Phishing Attacks
Er. Rahul Jain
Extend Enterprise Application-level Security to Your AWS Environment
Extend Enterprise Application-level Security to Your AWS Environment
Imperva
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
ControlScan, Inc.
20 Security Controls for the Cloud
20 Security Controls for the Cloud
NetStandard
Networking and communications security – network architecture design
Networking and communications security – network architecture design
EnterpriseGRC Solutions, Inc.
Webinar: 10 steps you can take to protect your business from phishing attacks
Webinar: 10 steps you can take to protect your business from phishing attacks
Cyren, Inc
Using an Open Source Threat Model for Prioritized Defense
Using an Open Source Threat Model for Prioritized Defense
EnclaveSecurity
Security Attack Analysis for Finding and Stopping Network Attacks
Security Attack Analysis for Finding and Stopping Network Attacks
Savvius, Inc
Overview of the 20 critical controls
Overview of the 20 critical controls
EnclaveSecurity
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
WAJAHAT IQBAL
20 Critical Controls for Effective Cyber Defense (A must read for security pr...
20 Critical Controls for Effective Cyber Defense (A must read for security pr...
Tahir Abbas
RSA Anatomy of an Attack
RSA Anatomy of an Attack
integritysolutions
Anatomie eines Angriffs
Anatomie eines Angriffs
Wolfgang Kandek
RSA USA 2015 - Getting a Jump on Hackers
RSA USA 2015 - Getting a Jump on Hackers
Wolfgang Kandek
Unsafe SSL webinar
Unsafe SSL webinar
Wolfgang Kandek
BSI Lagebericht 2014
BSI Lagebericht 2014
Wolfgang Kandek
Contenu connexe
En vedette
Critical Security Controls v4 1 Mapped to NIST SP 800-53 Rev.4-final r6a
Critical Security Controls v4 1 Mapped to NIST SP 800-53 Rev.4-final r6a
James W. De Rienzo
AWS Security in Plain English – AWS Security Day
AWS Security in Plain English – AWS Security Day
Amazon Web Services
Ebook: Splunk SANS - CIS Top 20 Critical Security Controls
Ebook: Splunk SANS - CIS Top 20 Critical Security Controls
Dominique Dessy
More practical insights on the 20 critical controls
More practical insights on the 20 critical controls
EnclaveSecurity
Map Critical Security Controls (CSC) v5.0 to NIST SP 800-53 Revision 4 (Summa...
Map Critical Security Controls (CSC) v5.0 to NIST SP 800-53 Revision 4 (Summa...
James W. De Rienzo
The Critical Security Controls and the StealthWatch System
The Critical Security Controls and the StealthWatch System
Lancope, Inc.
Phishing attacks, Types Of Phishing Attacks, How To Avoid Phishing Attacks
Phishing attacks, Types Of Phishing Attacks, How To Avoid Phishing Attacks
Er. Rahul Jain
Extend Enterprise Application-level Security to Your AWS Environment
Extend Enterprise Application-level Security to Your AWS Environment
Imperva
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
ControlScan, Inc.
20 Security Controls for the Cloud
20 Security Controls for the Cloud
NetStandard
Networking and communications security – network architecture design
Networking and communications security – network architecture design
EnterpriseGRC Solutions, Inc.
Webinar: 10 steps you can take to protect your business from phishing attacks
Webinar: 10 steps you can take to protect your business from phishing attacks
Cyren, Inc
Using an Open Source Threat Model for Prioritized Defense
Using an Open Source Threat Model for Prioritized Defense
EnclaveSecurity
Security Attack Analysis for Finding and Stopping Network Attacks
Security Attack Analysis for Finding and Stopping Network Attacks
Savvius, Inc
Overview of the 20 critical controls
Overview of the 20 critical controls
EnclaveSecurity
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
WAJAHAT IQBAL
20 Critical Controls for Effective Cyber Defense (A must read for security pr...
20 Critical Controls for Effective Cyber Defense (A must read for security pr...
Tahir Abbas
RSA Anatomy of an Attack
RSA Anatomy of an Attack
integritysolutions
En vedette
(18)
Critical Security Controls v4 1 Mapped to NIST SP 800-53 Rev.4-final r6a
Critical Security Controls v4 1 Mapped to NIST SP 800-53 Rev.4-final r6a
AWS Security in Plain English – AWS Security Day
AWS Security in Plain English – AWS Security Day
Ebook: Splunk SANS - CIS Top 20 Critical Security Controls
Ebook: Splunk SANS - CIS Top 20 Critical Security Controls
More practical insights on the 20 critical controls
More practical insights on the 20 critical controls
Map Critical Security Controls (CSC) v5.0 to NIST SP 800-53 Revision 4 (Summa...
Map Critical Security Controls (CSC) v5.0 to NIST SP 800-53 Revision 4 (Summa...
The Critical Security Controls and the StealthWatch System
The Critical Security Controls and the StealthWatch System
Phishing attacks, Types Of Phishing Attacks, How To Avoid Phishing Attacks
Phishing attacks, Types Of Phishing Attacks, How To Avoid Phishing Attacks
Extend Enterprise Application-level Security to Your AWS Environment
Extend Enterprise Application-level Security to Your AWS Environment
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
20 Security Controls for the Cloud
20 Security Controls for the Cloud
Networking and communications security – network architecture design
Networking and communications security – network architecture design
Webinar: 10 steps you can take to protect your business from phishing attacks
Webinar: 10 steps you can take to protect your business from phishing attacks
Using an Open Source Threat Model for Prioritized Defense
Using an Open Source Threat Model for Prioritized Defense
Security Attack Analysis for Finding and Stopping Network Attacks
Security Attack Analysis for Finding and Stopping Network Attacks
Overview of the 20 critical controls
Overview of the 20 critical controls
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
CYBERSECURITY - Best Practices,Concepts & Case Study (Mindmap)
20 Critical Controls for Effective Cyber Defense (A must read for security pr...
20 Critical Controls for Effective Cyber Defense (A must read for security pr...
RSA Anatomy of an Attack
RSA Anatomy of an Attack
Plus de Wolfgang Kandek
Anatomie eines Angriffs
Anatomie eines Angriffs
Wolfgang Kandek
RSA USA 2015 - Getting a Jump on Hackers
RSA USA 2015 - Getting a Jump on Hackers
Wolfgang Kandek
Unsafe SSL webinar
Unsafe SSL webinar
Wolfgang Kandek
BSI Lagebericht 2014
BSI Lagebericht 2014
Wolfgang Kandek
Februar Patch Tuesday 2015 Webinar
Februar Patch Tuesday 2015 Webinar
Wolfgang Kandek
RSA ASIA 2014 - Internet of Things
RSA ASIA 2014 - Internet of Things
Wolfgang Kandek
Patch Summary Webinar February 14
Patch Summary Webinar February 14
Wolfgang Kandek
Patch Summary Webinar April 11
Patch Summary Webinar April 11
Wolfgang Kandek
Plus de Wolfgang Kandek
(8)
Anatomie eines Angriffs
Anatomie eines Angriffs
RSA USA 2015 - Getting a Jump on Hackers
RSA USA 2015 - Getting a Jump on Hackers
Unsafe SSL webinar
Unsafe SSL webinar
BSI Lagebericht 2014
BSI Lagebericht 2014
Februar Patch Tuesday 2015 Webinar
Februar Patch Tuesday 2015 Webinar
RSA ASIA 2014 - Internet of Things
RSA ASIA 2014 - Internet of Things
Patch Summary Webinar February 14
Patch Summary Webinar February 14
Patch Summary Webinar April 11
Patch Summary Webinar April 11
20 Critical Security Controls and QualysGuard
1.
Session ID: Session Classification:
2.
2011 – the
Year of Data Breaches
3.
2012 – proceeded almost
the same
4.
2012 – proceeded almost
the same
5.
2012 – proceeded almost
the same
6.
2013 – started
in a similar Way
7.
2013 – started
in a similar Way
8.
2013 – started
in a similar Way
9.
2013 – started
in a similar Way
10.
• • • • • ►
11.
• • •
12.
• •
13.
• • • •
14.
• • • •
15.
• • • •
16.
• • • • •
17.
• • • •
18.
• • • • • •
19.
• • • • • •
20.
• • • • • • • •
21.
22.
• • • • • • • • • • •
23.
• • • •
24.
• • • •
25.
• • • •
26.
• • • • • • •
27.
• • • • • • • ►
28.
• • • • • • • • •
29.
• • • • • •
30.
• • • • •
31.
• • • • • • •
32.
• • • • • • •
33.
• • • • • • • •
34.
• • • • • • • •
35.
• • • • • • • •
36.
• • • • • • • • •
37.
• •
38.
• •
39.
• • • •
40.
• • • •
41.
•
42.
•
43.
•
44.
•
45.
• •
46.
• Weekly/Daily Scheduled
Vulnerability Scanning •
47.
• •
48.
• • •
49.
• • •
50.
• • • •
51.
• • • •
52.
• • • •
53.
• • • •
54.
• • • • • • • •
55.
• • • • • • • •
56.
• • •
57.
• • •
58.
• • •
59.
• • • Mitigated by
use of EMET
60.
• • • •
61.
• Ability to
add tactical controls • Example: Recent Internet Explorer Vulnerabilities CVE-2012-4969 • Mitigated by use of EMET • Audit the Deployment
62.
• • • • •
63.
• • •
Télécharger maintenant