Let's prepare for what's next, and not what was last...
Keet Malin Sugathadasa
Software Engineer
Sysco Labs
Cyber Security and Cloud Computing
• What is Cyber Security?
• Cryptanalysis
• Computer Hacking
• Cloud Computing Architecture
• Cloud Security
• Notorious 9 threats in cloud computing
• AWS Cloud Security
AGENDA
Cyber Security
Are we really secure?
Best practices and measures taken to protect a computer or a computer system against unauthorized access or attack
• Hardware, Software, Data...
• Security Standards
• Ethical Hacking
• Best Practices
CYBER SECURITY
Cyber Security
• Interruption
• Interception
• Modification
• Fabrication
Threats and Attacks on Security
CYBER SECURITY
• Confidentiality (Privacy)
• Integrity (Trust)
• Availability
The CIA in Computer Security
CYBER SECURITY
Cryptanalysis
Analyzing and breaking encryption schemes
This uses a simple file containing words that, surprisingly, can be found in a dictionary.
• “Iamthebest”
• “Iloveblahblah”
CRYPTANALYSIS
Dictionary Attacks
Tries dictionary and non-dictionary words by working through all possible alphanumeric combinations.
• “aaaa901”
• “Iloveblahblah2233a”
CRYPTANALYSIS
Brute Force Attack
Keeps a table of hashes for all possible password combinations. Adding salts will make this task even tougher.
• “aaaa901”
• “fsdfwer232532”
CRYPTANALYSIS
Rainbow Table Attack
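Why salting blunts a precomputed hash table, shown from the defender's side as an added example that is not part of the original deck. The function names, the choice of SHA-256 for the unsalted store and PBKDF2 for the salted one, and the sample users are assumptions made for illustration; the passwords are the constructed samples from the slides.

```python
import hashlib
import hmac
import os

# Constructed candidate list standing in for a precomputed table's input.
COMMON_PASSWORDS = ["aaaa901", "Iamthebest", "Iloveblahblah", "password1"]


def unsalted_hash(password: str) -> str:
    """Weak storage scheme: one fast hash, no salt."""
    return hashlib.sha256(password.encode()).hexdigest()


def build_lookup_table(candidates):
    """Precompute hash -> password once; the table is reusable against
    every store that uses the same unsalted scheme."""
    return {unsalted_hash(p): p for p in candidates}


def salted_record(password: str, salt: bytes = None, iterations: int = 100_000):
    """Stronger storage scheme: random per-user salt plus a slow KDF."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return {"salt": salt.hex(), "iterations": iterations, "hash": digest.hex()}


def verify(password: str, record: dict) -> bool:
    """Recompute the KDF with the stored salt and compare in constant time."""
    digest = hashlib.pbkdf2_hmac(
        "sha256",
        password.encode(),
        bytes.fromhex(record["salt"]),
        record["iterations"],
    )
    return hmac.compare_digest(digest.hex(), record["hash"])


def audit_store(hashes_by_user: dict, table: dict) -> dict:
    """Return the users whose stored hash appears in the precomputed table."""
    return {u: table[h] for u, h in hashes_by_user.items() if h in table}


def demo() -> dict:
    # Constructed users: alice and bob share a password, carol's is random.
    users = {"alice": "aaaa901", "bob": "aaaa901", "carol": "fsdfwer232532"}
    table = build_lookup_table(COMMON_PASSWORDS)

    unsalted_store = {u: unsalted_hash(p) for u, p in users.items()}
    salted_store = {u: salted_record(p) for u, p in users.items()}
    salted_hashes = {u: r["hash"] for u, r in salted_store.items()}

    return {
        # One table lookup per user is enough against the unsalted store.
        "exposed_unsalted": audit_store(unsalted_store, table),
        # The same table finds nothing: each salt would need its own table.
        "exposed_salted": audit_store(salted_hashes, table),
        # Without salts, equal passwords are visible as equal hashes.
        "identical_unsalted": unsalted_store["alice"] == unsalted_store["bob"],
        "identical_salted": salted_hashes["alice"] == salted_hashes["bob"],
        # Legitimate logins still verify against the salted records.
        "login_ok": verify("aaaa901", salted_store["alice"]),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Salting does not make a weak password strong; it forces the work to be repeated per user instead of being done once for everyone.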
Ask the user for his or her password. A phishing email leads the unsuspecting reader to a fake portal and collects credentials.
• Sending a fake email related to bank payments
CRYPTANALYSIS
Phishing
Social engineering takes the whole ‘ask the user’ concept outside of the inbox that phishing tends to stick with and into the real world.
• Call a person while posing as a bank or other security official
CRYPTANALYSIS
Social Engineering
Computer Hacking
Cyber war is the new battlefield now...
Anonymous
Your ignorance is our Power...
• Trojans
• Backdoors
• Sniffers
• Rootkits
• Exploits
• Buffer overflows
• SQL injection
Hacking Technologies
COMPUTER HACKING
• Reconnaissance (“Gathering information about a potential target”)
• Scanning (“Using the info gathered during reconnaissance to examine the network”)
• Gaining access (“Owning the system”)
• Maintaining access (“Backdoors, Rootkits, Trojans”)
• Covering tracks (“Alter log entries, removing alarms”)
5 Phases in Computer Hacking
COMPUTER HACKING
Hacker Classes
COMPUTER HACKING
• Discuss the need for testing
• Sign an NDA
• Tiger team prepares a schedule for testing
• Conduct tests
• Analysis and report preparation
• Present the report to the client
Conducting Ethical Hacking
COMPUTER HACKING
Legality in Sri Lanka
COMPUTER HACKING
source: http://www.slcert.gov.lk/Downloads/Acts/Computer_Crimes_Act_No_24_of_2007(E).pdf
Cloud Computing Architecture
Cloud is not magic, it’s just another computer...
Definition of Cloud Computing - NIST
CLOUD COMPUTING ARCHITECTURE
source: https://www.nist.gov/
Service Models
CLOUD COMPUTING ARCHITECTURE
Cloud Security Basics
Security is a process, not a product...
Security in the cloud is much like security in your on-premises data centers, only without the costs of maintaining facilities and hardware.
In the cloud, you don’t have to manage physical servers or storage devices. Instead, you use software-based security tools to monitor and protect the flow of information into and out of your cloud resources.
CLOUD SECURITY BASICS
Cloud Security
How Secure is the Cloud?
CLOUD SECURITY
source: https://www.youtube.com/watch?v=8g0NrHExD3g
Layer 1:
• Perimeter Defense
Layer 2:
• Clear Zone
Layer 3:
• Facility facade/ reception area
Layer 4:
• Hallway/ Escorted Area/ Gray Space
Layer 5:
• Data Center Room/ White Space
Layer 6:
• Data Center Cabinet/ White Space
CLOUD SECURITY
• Strict Regulatory Standards
• Security Tools
• Confidentiality
• DDoS Mitigation
Key Security Aspect in Cloud
CLOUD SECURITY
• Network Security
↳ Firewall
• Configuration Management
• Data Encryption
• Access Control
• Monitoring and Logging
Notorious Nine Threats
Cloud Security Alliance (CSA)
1. Data Breaches
2. Data Loss
3. Account or Service Traffic Hijacking
4. Insecure Interfaces and APIs
5. Denial of Service
6. Malicious Insiders
7. Abuse of Cloud Services
8. Insufficient Due Diligence
9. Shared Technology Vulnerabilities
NOTORIOUS NINE THREATS
AWS Cloud Security
Amazon Web Services Cloud Platform
AWS CLOUD SECURITY
Shared Responsibility
AWS Shield
AWS CLOUD SECURITY
• AWS Shield is a managed Distributed Denial of Service (DDoS) protection service
• AWS Shield provides always-on detection and automatic inline mitigations that minimize application downtime and latency
• Happens in real time (no support needed)
AWS WAF
AWS CLOUD SECURITY
• AWS WAF is a web application firewall that helps protect your web applications from common web exploits
• AWS WAF gives you control over which traffic to allow or block to your web applications
• Block common attack patterns, such as SQL injection or cross-site scripting
AWS IAM
AWS CLOUD SECURITY
• Access Control
• Use AWS Identity and Access Management (IAM) to control users' access to AWS services
• Create and manage users and groups, and grant or deny access
1. AWS Artifact
2. AWS Certificate Manager
3. Amazon Cloud Directory
4. AWS CloudHSM
5. Amazon Cognito
6. AWS Directory Service
7. Amazon GuardDuty
8. Amazon Inspector
9. And many more...
AWS CLOUD SECURITY
source: https://aws.amazon.com/products/security/
Think twice before you connect
Thank you

More Related Content

What's hot

IT Security management and risk assessment
IT Security management and risk assessmentIT Security management and risk assessment
IT Security management and risk assessmentCAS
 
The Zero Trust Model of Information Security
The Zero Trust Model of Information Security The Zero Trust Model of Information Security
The Zero Trust Model of Information Security Tripwire
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detectionCAS
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information securityjayashri kolekar
 
The CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information SecurityThe CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information SecurityBharath Rao
 
Cloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsCloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsViresh Suri
 
Cybersecurity 1. intro to cybersecurity
Cybersecurity 1. intro to cybersecurityCybersecurity 1. intro to cybersecurity
Cybersecurity 1. intro to cybersecuritysommerville-videos
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber SecurityStephen Lahanas
 
Security patterns and model driven architecture
Security patterns and model driven architectureSecurity patterns and model driven architecture
Security patterns and model driven architecturebdemchak
 
Security architecture, engineering and operations
Security architecture, engineering and operationsSecurity architecture, engineering and operations
Security architecture, engineering and operationsPiyush Jain
 
What is zero trust model (ztm)
What is zero trust model (ztm)What is zero trust model (ztm)
What is zero trust model (ztm)Ahmed Banafa
 
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingCloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingJim Geovedi
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and SolutionsColin058
 

What's hot (20)

IT Security management and risk assessment
IT Security management and risk assessmentIT Security management and risk assessment
IT Security management and risk assessment
 
The Zero Trust Model of Information Security
The Zero Trust Model of Information Security The Zero Trust Model of Information Security
The Zero Trust Model of Information Security
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Intrusion detection
Intrusion detectionIntrusion detection
Intrusion detection
 
Information security
Information securityInformation security
Information security
 
Cloud security ppt
Cloud security pptCloud security ppt
Cloud security ppt
 
Cloud security
Cloud securityCloud security
Cloud security
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
 
The CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information SecurityThe CIA Triad - Assurance on Information Security
The CIA Triad - Assurance on Information Security
 
Cloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsCloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentals
 
Cloud Security
Cloud SecurityCloud Security
Cloud Security
 
Cybersecurity 1. intro to cybersecurity
Cybersecurity 1. intro to cybersecurityCybersecurity 1. intro to cybersecurity
Cybersecurity 1. intro to cybersecurity
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
 
Security patterns and model driven architecture
Security patterns and model driven architectureSecurity patterns and model driven architecture
Security patterns and model driven architecture
 
Security architecture, engineering and operations
Security architecture, engineering and operationsSecurity architecture, engineering and operations
Security architecture, engineering and operations
 
What is zero trust model (ztm)
What is zero trust model (ztm)What is zero trust model (ztm)
What is zero trust model (ztm)
 
Cloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud ComputingCloud Security - Security Aspects of Cloud Computing
Cloud Security - Security Aspects of Cloud Computing
 
Cyber security
Cyber securityCyber security
Cyber security
 
Network Security Threats and Solutions
Network Security Threats and SolutionsNetwork Security Threats and Solutions
Network Security Threats and Solutions
 
03 cia
03 cia03 cia
03 cia
 

Similar to Cyber Security and Cloud Computing

Azure 101: Shared responsibility in the Azure Cloud
Azure 101: Shared responsibility in the Azure CloudAzure 101: Shared responsibility in the Azure Cloud
Azure 101: Shared responsibility in the Azure CloudPaulo Renato
 
Data encryption for Ruby web applications - Dmytro Shapovalov (RUS) | Ruby Me...
Data encryption for Ruby web applications - Dmytro Shapovalov (RUS) | Ruby Me...Data encryption for Ruby web applications - Dmytro Shapovalov (RUS) | Ruby Me...
Data encryption for Ruby web applications - Dmytro Shapovalov (RUS) | Ruby Me...Ruby Meditation
 
Shared Security Responsibility for the Azure Cloud
Shared Security Responsibility for the Azure CloudShared Security Responsibility for the Azure Cloud
Shared Security Responsibility for the Azure CloudAlert Logic
 
A Throwaway Deck for Cloud Security Essentials 2.0 delivered at RSA 2016
A Throwaway Deck for Cloud Security Essentials 2.0 delivered at RSA 2016A Throwaway Deck for Cloud Security Essentials 2.0 delivered at RSA 2016
A Throwaway Deck for Cloud Security Essentials 2.0 delivered at RSA 2016Shannon Lietz
 
Managed Threat Detection & Response for AWS Applications
Managed Threat Detection & Response for AWS ApplicationsManaged Threat Detection & Response for AWS Applications
Managed Threat Detection & Response for AWS ApplicationsAlert Logic
 
Managed Threat Detection and Response
Managed Threat Detection and ResponseManaged Threat Detection and Response
Managed Threat Detection and ResponseAlert Logic
 
Cloud data governance, risk management and compliance ny metro joint cyber...
Cloud data governance, risk management and compliance    ny metro joint cyber...Cloud data governance, risk management and compliance    ny metro joint cyber...
Cloud data governance, risk management and compliance ny metro joint cyber...Ulf Mattsson
 
Security in the cloud Workshop HSTC 2014
Security in the cloud Workshop HSTC 2014Security in the cloud Workshop HSTC 2014
Security in the cloud Workshop HSTC 2014Akash Mahajan
 
Azure Fundamentals Part 3
Azure Fundamentals Part 3Azure Fundamentals Part 3
Azure Fundamentals Part 3CCG
 
Dark Insight: the Basic of Security - Alexander Obozinskiy
Dark Insight: the Basic of Security - Alexander ObozinskiyDark Insight: the Basic of Security - Alexander Obozinskiy
Dark Insight: the Basic of Security - Alexander ObozinskiyRuby Meditation
 
Cloud Security and some preferred practices
Cloud Security and some preferred practicesCloud Security and some preferred practices
Cloud Security and some preferred practicesMichael Pearce
 
Alabama CyberNow 2018: Cloud Hardening and Digital Forensics Readiness
Alabama CyberNow 2018: Cloud Hardening and Digital Forensics ReadinessAlabama CyberNow 2018: Cloud Hardening and Digital Forensics Readiness
Alabama CyberNow 2018: Cloud Hardening and Digital Forensics ReadinessToni de la Fuente
 
Defenders of the Galaxy - Protecting the (Cloud) galaxy from threats.pptx
Defenders of the Galaxy - Protecting the (Cloud) galaxy from threats.pptxDefenders of the Galaxy - Protecting the (Cloud) galaxy from threats.pptx
Defenders of the Galaxy - Protecting the (Cloud) galaxy from threats.pptxMatthew Levy
 
Te chnical presentation networkexploits and security
Te chnical presentation networkexploits and securityTe chnical presentation networkexploits and security
Te chnical presentation networkexploits and securityKartik Rao
 
AWS April Webianr Series - How Willbros Builds Securely in AWS with Trend Micro
AWS April Webianr Series - How Willbros Builds Securely in AWS with Trend MicroAWS April Webianr Series - How Willbros Builds Securely in AWS with Trend Micro
AWS April Webianr Series - How Willbros Builds Securely in AWS with Trend MicroAmazon Web Services
 
Slide Deck CISSP Class Session 5
Slide Deck CISSP Class Session 5Slide Deck CISSP Class Session 5
Slide Deck CISSP Class Session 5FRSecure
 
Azure security and Compliance
Azure security and ComplianceAzure security and Compliance
Azure security and ComplianceKarina Matos
 
Cloud Security Essentials 2.0 at RSA
Cloud Security Essentials 2.0 at RSACloud Security Essentials 2.0 at RSA
Cloud Security Essentials 2.0 at RSAShannon Lietz
 
Protecting microservices using secure design patterns 1.0
Protecting microservices using secure design patterns 1.0Protecting microservices using secure design patterns 1.0
Protecting microservices using secure design patterns 1.0Trupti Shiralkar, CISSP
 

Similar to Cyber Security and Cloud Computing (20)

Azure 101: Shared responsibility in the Azure Cloud
Azure 101: Shared responsibility in the Azure CloudAzure 101: Shared responsibility in the Azure Cloud
Azure 101: Shared responsibility in the Azure Cloud
 
Data encryption for Ruby web applications - Dmytro Shapovalov (RUS) | Ruby Me...
Data encryption for Ruby web applications - Dmytro Shapovalov (RUS) | Ruby Me...Data encryption for Ruby web applications - Dmytro Shapovalov (RUS) | Ruby Me...
Data encryption for Ruby web applications - Dmytro Shapovalov (RUS) | Ruby Me...
 
Shared Security Responsibility for the Azure Cloud
Shared Security Responsibility for the Azure CloudShared Security Responsibility for the Azure Cloud
Shared Security Responsibility for the Azure Cloud
 
A Throwaway Deck for Cloud Security Essentials 2.0 delivered at RSA 2016
A Throwaway Deck for Cloud Security Essentials 2.0 delivered at RSA 2016A Throwaway Deck for Cloud Security Essentials 2.0 delivered at RSA 2016
A Throwaway Deck for Cloud Security Essentials 2.0 delivered at RSA 2016
 
Managed Threat Detection & Response for AWS Applications
Managed Threat Detection & Response for AWS ApplicationsManaged Threat Detection & Response for AWS Applications
Managed Threat Detection & Response for AWS Applications
 
Managed Threat Detection and Response
Managed Threat Detection and ResponseManaged Threat Detection and Response
Managed Threat Detection and Response
 
Cloud data governance, risk management and compliance ny metro joint cyber...
Cloud data governance, risk management and compliance    ny metro joint cyber...Cloud data governance, risk management and compliance    ny metro joint cyber...
Cloud data governance, risk management and compliance ny metro joint cyber...
 
Security in the cloud Workshop HSTC 2014
Security in the cloud Workshop HSTC 2014Security in the cloud Workshop HSTC 2014
Security in the cloud Workshop HSTC 2014
 
Azure Fundamentals Part 3
Azure Fundamentals Part 3Azure Fundamentals Part 3
Azure Fundamentals Part 3
 
Dark Insight: the Basic of Security - Alexander Obozinskiy
Dark Insight: the Basic of Security - Alexander ObozinskiyDark Insight: the Basic of Security - Alexander Obozinskiy
Dark Insight: the Basic of Security - Alexander Obozinskiy
 
Cloud Security and some preferred practices
Cloud Security and some preferred practicesCloud Security and some preferred practices
Cloud Security and some preferred practices
 
Alabama CyberNow 2018: Cloud Hardening and Digital Forensics Readiness
Alabama CyberNow 2018: Cloud Hardening and Digital Forensics ReadinessAlabama CyberNow 2018: Cloud Hardening and Digital Forensics Readiness
Alabama CyberNow 2018: Cloud Hardening and Digital Forensics Readiness
 
Defenders of the Galaxy - Protecting the (Cloud) galaxy from threats.pptx
Defenders of the Galaxy - Protecting the (Cloud) galaxy from threats.pptxDefenders of the Galaxy - Protecting the (Cloud) galaxy from threats.pptx
Defenders of the Galaxy - Protecting the (Cloud) galaxy from threats.pptx
 
Te chnical presentation networkexploits and security
Te chnical presentation networkexploits and securityTe chnical presentation networkexploits and security
Te chnical presentation networkexploits and security
 
AWS April Webianr Series - How Willbros Builds Securely in AWS with Trend Micro
AWS April Webianr Series - How Willbros Builds Securely in AWS with Trend MicroAWS April Webianr Series - How Willbros Builds Securely in AWS with Trend Micro
AWS April Webianr Series - How Willbros Builds Securely in AWS with Trend Micro
 
Slide Deck CISSP Class Session 5
Slide Deck CISSP Class Session 5Slide Deck CISSP Class Session 5
Slide Deck CISSP Class Session 5
 
Cybersecurity Roadmap for Beginners
Cybersecurity Roadmap for BeginnersCybersecurity Roadmap for Beginners
Cybersecurity Roadmap for Beginners
 
Azure security and Compliance
Azure security and ComplianceAzure security and Compliance
Azure security and Compliance
 
Cloud Security Essentials 2.0 at RSA
Cloud Security Essentials 2.0 at RSACloud Security Essentials 2.0 at RSA
Cloud Security Essentials 2.0 at RSA
 
Protecting microservices using secure design patterns 1.0
Protecting microservices using secure design patterns 1.0Protecting microservices using secure design patterns 1.0
Protecting microservices using secure design patterns 1.0
 

More from Keet Sugathadasa

Chaos Engineering - The Art of Breaking Things in Production
Chaos Engineering - The Art of Breaking Things in ProductionChaos Engineering - The Art of Breaking Things in Production
Chaos Engineering - The Art of Breaking Things in ProductionKeet Sugathadasa
 
Site Reliability Engineering (SRE) - Tech Talk by Keet Sugathadasa
Site Reliability Engineering (SRE) - Tech Talk by Keet SugathadasaSite Reliability Engineering (SRE) - Tech Talk by Keet Sugathadasa
Site Reliability Engineering (SRE) - Tech Talk by Keet SugathadasaKeet Sugathadasa
 
Human Computer Interaction - Facebook Messenger
Human Computer Interaction - Facebook MessengerHuman Computer Interaction - Facebook Messenger
Human Computer Interaction - Facebook MessengerKeet Sugathadasa
 
How to compete in hackathons
How to compete in hackathonsHow to compete in hackathons
How to compete in hackathonsKeet Sugathadasa
 
Quality Engineering - When to Stop Testing
Quality Engineering - When to Stop TestingQuality Engineering - When to Stop Testing
Quality Engineering - When to Stop TestingKeet Sugathadasa
 
Training Report WSO2 internship
Training Report  WSO2 internshipTraining Report  WSO2 internship
Training Report WSO2 internshipKeet Sugathadasa
 
Object oriented programming interview questions
Object oriented programming interview questionsObject oriented programming interview questions
Object oriented programming interview questionsKeet Sugathadasa
 
Revolutionizing digital authentication with gsma mobile connect
Revolutionizing digital authentication with gsma mobile connectRevolutionizing digital authentication with gsma mobile connect
Revolutionizing digital authentication with gsma mobile connectKeet Sugathadasa
 

More from Keet Sugathadasa (9)

Chaos Engineering - The Art of Breaking Things in Production
Chaos Engineering - The Art of Breaking Things in ProductionChaos Engineering - The Art of Breaking Things in Production
Chaos Engineering - The Art of Breaking Things in Production
 
Site Reliability Engineering (SRE) - Tech Talk by Keet Sugathadasa
Site Reliability Engineering (SRE) - Tech Talk by Keet SugathadasaSite Reliability Engineering (SRE) - Tech Talk by Keet Sugathadasa
Site Reliability Engineering (SRE) - Tech Talk by Keet Sugathadasa
 
Human Computer Interaction - Facebook Messenger
Human Computer Interaction - Facebook MessengerHuman Computer Interaction - Facebook Messenger
Human Computer Interaction - Facebook Messenger
 
How to compete in hackathons
How to compete in hackathonsHow to compete in hackathons
How to compete in hackathons
 
Quality Engineering - When to Stop Testing
Quality Engineering - When to Stop TestingQuality Engineering - When to Stop Testing
Quality Engineering - When to Stop Testing
 
Training Report WSO2 internship
Training Report  WSO2 internshipTraining Report  WSO2 internship
Training Report WSO2 internship
 
Object oriented programming interview questions
Object oriented programming interview questionsObject oriented programming interview questions
Object oriented programming interview questions
 
Interview Facing Workshop
Interview Facing WorkshopInterview Facing Workshop
Interview Facing Workshop
 
Revolutionizing digital authentication with gsma mobile connect
Revolutionizing digital authentication with gsma mobile connectRevolutionizing digital authentication with gsma mobile connect
Revolutionizing digital authentication with gsma mobile connect
 

Recently uploaded

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Principled Technologies
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024Manulife - Insurer Innovation Award 2024
Manulife - Insurer Innovation Award 2024The Digital Insurer
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 

Recently uploaded (20)

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Cyber Security and Cloud Computing

  • 1. Let's prepare for what's next, and not what was last... Keet Malin Sugathadasa Software Engineer Sysco Labs Cyber Security and Cloud Computing
  • 2. • What is Cyber Security? • Cryptanalysis • Computer Hacking • Cloud Computing Architecture • Cloud Security • Notorious 9 threats in cloud computing • AWS Cloud Security AGENDA
  • 3. Cyber Security Are we really secure?
  • 4. Best Practices and Measures taken to protect a computer or a computer system against unauthorized access or attack • Hardware, Software, Data... • Security Standards • Ethical Hacking • Best Practices CYBER SECURITY Cyber Security
  • 5. • Interruption • Interception • Modification • Fabrication Threats and Attacks on Security CYBER SECURITY
  • 6. • Confidentiality (Privacy) • Integrity (Trust) • Availability The CIA in Computer Security CYBER SECURITY
  • 8. This uses a simple file containing words that can be surprisingly found in a dictionary. • “Iamthebest” • “Iloveblahblah” CRYPTANALYSIS Dictionary Attacks
  • 9. dictionary + non-dictionary words by working through all possible alpha-numeric combinations • “aaaa901” • “Iloveblahblah2233a” CRYPTANALYSIS Brute Force Attack
  • 10. Keeps a table of hashes for all possible password combinations. Adding salts will make this task even tougher • “aaaa901” • “fsdfwer232532” CRYPTANALYSIS Rainbow Table Attack
  • 11. Ask the user for his or her password. A phishing email leads the unsuspecting reader to a faked portal and collects credentials • Sending a fake email related to bank payments CRYPTANALYSIS Phishing
  • 12. Social engineering takes the whole ‘ask the user’ concept outside of the inbox that phishing tends to stick with and into the real world. • Call a person posing as a bank or other security guy CRYPTANALYSIS Social Engineering
  • 13. Computer Hacking Cyber war is the new battlefield now...
  • 15. • Trojans • Backdoors • Sniffers • Rootkits • Exploits • Buffer overflows • SQL injection Hacking Technologies COMPUTER HACKING
  • 16. • Reconnaissance (“Gathering information about a potential target”) • Scanning (“Using the info gathered during reconnaissance to examine the network”) • Gaining access (“Owning the system”) • Maintaining access (“Backdoors, Rootkits, Trojans”) • Covering tracks (“Alter log entries, removing alarms”) 5 Phases in Computer Hacking COMPUTER HACKING
  • 18. • Discuss the need for testing • Sign an NDA • Tiger team prepares a schedule for testing • Conduct tests • Analysis and report preparation • Present the report to the client Conducting Ethical Hacking COMPUTER HACKING
  • 19. Legality in Sri Lanka COMPUTER HACKING source: http://www.slcert.gov.lk/Downloads/Acts/Computer_Crimes_Act_No_24_of_2007(E).pdf
  • 20. Cloud Computer Architecture Cloud is not magic, It’s just another computer...
  • 21. Definition of Cloud Computing - NIST CLOUD COMPUTING ARCHITECTURE source: https://www.nist.gov/
  • 23. Cloud Security Basics Security is a process, not a product...
  • 24. Security in the cloud is much like security in your on-premises data centers - only without the costs of maintaining facilities and hardware. In the cloud, you don’t have to manage physical servers or storage devices. Instead, you use software-based security tools to monitor and protect the flow of information into and out of your cloud resources. CLOUD SECURITY BASICS Cloud Security
  • 25. How Secure is the Cloud? CLOUD SECURITY source: https://www.youtube.com/watch?v=8g0NrHExD3g Layer 1: • Perimeter Defense Layer 2: • Clear Zone Layer 3: • Facility facade/ reception area Layer 4: • Hallway/ Escorted Area/ Gray Space Layer 5: • Data Center Room/ White Space Layer 6: • Data Center Cabinet/ White Space
  • 26. CLOUD SECURITY Strict Regulatory Standards Security Tools Confidentiality DDoS Mitigation
  • 27. Key Security Aspect in Cloud CLOUD SECURITY • Network Security ↳ Firewall • Configuration Management • Data Encryption • Access Control • Monitoring and Logging
  • 28. Notorious Nine Threats Cloud Security Alliance (CSA)
  • 29. 1. Data Breaches 2. Data Loss 3. Account or Service Traffic Hijacking 4. Insecure Interfaces and APIs 5. Denial of Service 6. Malicious Insiders 7. Abuse of Cloud Services 8. Insufficient Due Diligence 9. Shared Technology Vulnerabilities NOTORIOUS NINE THREATS
  • 30. AWS Cloud Security Amazon Web Services Cloud Platform
  • 31. AWS CLOUD SECURITY Shared Responsibility
  • 32. AWS Shield AWS CLOUD SECURITY • AWS Shield is a managed Distributed Denial of Service (DDoS) protection service • AWS Shield provides always-on detection and automatic inline mitigations that minimize application downtime and latency • Happens real-time (No support needed)
  • 33. AWS WAF AWS CLOUD SECURITY • AWS WAF is a web application firewall that helps protect your web applications from common web exploits • AWS WAF gives you control over which traffic to allow or block to your web applications • block common attack patterns, such as SQL injection or cross-site scripting
  • 34. AWS IAM AWS CLOUD SECURITY • Access Control • Use AWS Identity and Access Management (IAM) to control users' access to AWS services • Create and manage users and groups, and grant or deny access
  • 35. 1. AWS Artifact 2. AWS Certificate Manager 3. Amazon Cloud Directory 4. AWS CloudHSM 5. Amazon Cognito 6. AWS Directory Service 7. Amazon GuardDuty 8. Amazon Inspector 9. And many more... AWS CLOUD SECURITY source: https://aws.amazon.com/products/security/
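
Slide 10 notes that adding salts makes a rainbow table attack tougher. The following is an added example, not part of the original slides, that shows why from the storage side: an unsalted digest of a common password matches a precomputed table, while a per-user salted PBKDF2 record does not. The function names, the sample table and the iteration count are assumptions of this example; the passwords are the ones quoted on the slides.

```python
import hashlib
import hmac
import os

# Sample passwords quoted on slides 8-10 (constructed test data).
COMMON = ["Iamthebest", "Iloveblahblah", "aaaa901"]

def unsalted(password):
    """Fast unsalted hash: the same password always gives the same digest."""
    return hashlib.sha256(password.encode()).hexdigest()

# Precomputed digest -> password map. A real rainbow table stores the same
# information more compactly using hash chains; the lookup idea is identical.
PRECOMPUTED = {unsalted(p): p for p in COMMON}

def table_lookup(stored_hex):
    """Return the password if the stored digest is in the precomputed table."""
    return PRECOMPUTED.get(stored_hex)

def hash_password(password, salt=None, iterations=600_000):
    """Store-side hashing: random per-user salt plus a slow KDF (PBKDF2)."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return salt, iterations, digest

def verify_password(password, record):
    """Recompute with the stored salt and compare in constant time."""
    salt, iterations, expected = record
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return hmac.compare_digest(candidate, expected)

def demo():
    alice = hash_password("Iamthebest")
    bob = hash_password("Iamthebest")  # same password, different salt
    return {
        "unsalted_hit": table_lookup(unsalted("Iamthebest")),
        "salted_hit": table_lookup(alice[2].hex()),
        "same_password_same_record": alice[2] == bob[2],
        "verify_ok": verify_password("Iamthebest", alice),
        "verify_bad": verify_password("Iloveblahblah", alice),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "=", value)
```

Because each record carries its own salt, a table would have to be rebuilt per user, and the iteration count makes every guess expensive.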