SlideShare a Scribd company logo

Cybersecurity by the #s Regulatory Symposium

Download as PPTX, PDF
APNIC
APNIC

Presented by Klee Aiken at the 2nd Regulatory Internet Symposium held on the 20 October 2016 in Port Vila, Vanuatu.

Internet
1 of 50
Cybersecurity by the #s Regulatory Internet Governance Symposium – Vanuatu 20 October 2016
Cybersecurity by the #s Network Security • A view from the logical layer • Network Security • What are we up against? • The cybersecurity ecosystem CERT | CSIRT • Incident Response • Coordination • Information Sharing • Building a CERT • Components of a CERT/CSIRT • The Road Forward
A view from the logical layer https://www.icann.org/news/multimedia/1563
The fundamental challenge 00101000 01101001 01101110 00101001 01110011 01100101 01100011 01110101 01110010 01101001 01110100 01111001 00100000 01100010 01111001 00100000 01100100 01100101 01110011 01101001 01100111 01101110 (in)Security by Design https://blog.apnic.net/2015/07/07/mapping-the-internet-in-the-asia-pacific/
Confidentiality Integrity Availability SECURITY prevents unauthorized use or disclosure of information safeguards the accuracy and completeness of information authorized users have reliable and timely access to information Goals of Information Security
Terms: Breaking it down • Threat – Any circumstance or factor with the potential to cause harm – a motivated, capable adversary • Vulnerability – A weakness in a system; in procedures, design, or implementation that can be exploited • Software bugs, design flaws, operational mistakes • Risk – The probability that a particular vulnerability will occur – The severity (impact) of that occurrence = likelihood x consequences
Security tradeoffs • Services offered vs. security provided – Each service offers its own security risk – The more services, the less security • Ease of use vs. security – Every security mechanism causes inconvenience – The more “plug n play”, the less security • Risk of loss vs. Cost of security – Assets carry value and risk of loss – The higher the value, the higher the security cost • These factors can be balanced in a comprehensive security policy
What are we up against?
What can the attackers do? • Eavesdropping – Listen in on communications • Masquerading – Impersonating someone else • Forgery – Invent or duplicate/replay information • Trespass – Obtain unauthorised access • Subversion – Modify data and messages in transit • Destruction – Vandalise or delete important data • Disruption – Disable or prevent access to services • Infiltration – Hide out inside our machines • Hijacking – “Own” and use machines for nefarious purposes
And why do they do it? Motivation Examples Knowledge driven • Recreational • Research Issue-based • Hacktivism • Patriotism Antisocial • Revenge • Vandalism Competitive • Theft of IP • Damage to competitors Criminal • Theft of assets • Extortion Strategic • Espionage • State-driven or sponsored
And, how to they do it? • Targeting the user – Masquerading – “Phishing” – DNS Cache Poisoning • IP Address “spoofing” • Disruption – DoS attacks – DDoS attacks
“Phishing” • “Fishing” for information such as usernames, passwords, credit card details, other personal information • Ex: Forged emails apparently from legitimate enterprises, direct users to forged websites.
DNS Cache Poisoning The Internet www.apnic.netwww.apnic.net? www.apnic.net 199.43.0.44 DNS 175.98.98.133 203.119.102.244 199.43.0.44 ☹︎
Securing websites – SSL certificates The Internet www.apnic.net www.apnic.net? 203.119.102.244 DNS 175.98.98.133 203.119.102.244 ☺︎ SSL
Securing DNS – DNSSEC The Internet www.apnic.net www.apnic.net? DNS 175.98.98.133 203.119.102.244 ☺︎ 203.119.102.244 SEC
Misusing IP Addresses… The Internet Global Routing Table 4.128/9 60.100/16 60.100.0/20 135.22/16 … Global Routing Table 4.128/9 60.100/16 60.100.0/20 135.22/16 199.43.0.0/24 … Announce 199.43.0.0/24 R 202.12.29.0/24 Traffic 199.43.0.0/24 ☹︎
Misusing IP Addresses… The Internet Global Routing Table 4.128/9 60.100/16 60.100.0/20 135.22/16 … Global Routing Table 4.128/9 60.100/16 60.100.0/20 135.22/16 202.12.29.0/24 … Announce 202.12.29.0/24 R 202.12.29.0/24 RPKI ☺︎
IP address spoofing InternetISP 203.119.102.244 175.98.98.133 Request Src: 175.98.98.133 Dst: 203.119.102.244 Response Src: 203.119.102.244 Dst: 175.98.98.133 ☺︎
IP address spoofing InternetISP 203.119.102.244 175.98.98.133 Response Src: 203.119.102.244 Dst: 199.43.0.44 199.43.0.44 Request Src: 199.43.0.44 Dst: 203.119.102.244 ☹︎
DoS attack: Amplification InternetISP 203.119.102.244 175.98.98.133 199.43.0.44 Request Src: 199.43.0.44 Dst: 203.119.102.244 ☹︎ Response Src: 203.119.102.244 Dst: 199.43.0.44 BIG PAYLOAD Request Src: 199.43.0.44 Dst: 203.119.102.244 Request Src: 199.43.0.44 Dst: 203.119.102.244 Request Src: 199.43.0.44 Dst: 203.119.102.244 Request Src: 199.43.0.44 Dst: 203.119.102.244 Response Src: 203.119.102.244 Dst: 199.43.0.44 BIG PAYLOAD Response Src: 203.119.102.244 Dst: 199.43.0.44 BIG PAYLOAD Response Src: 203.119.102.244 Dst: 199.43.0.44 BIG PAYLOAD Response Src: 203.119.102.244 Dst: 199.43.0.44 BIG PAYLOAD
Defeating IP spoofing – BCP38 InternetISP 203.119.102.244 175.98.98.133 ☺︎ BCP38 (2000) Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing ISP Request Src: 199.43.0.44 Dst: 203.119.102.244
DDoS attack: Distributed DoS InternetISP ☹︎ “Botnet”
Network Security In A Nutshell • Ensuring Confidentiality's, Integrity, Availability • Building a risk management approach • Implemented through cybersecurity program C I A • Security as a process • Technology, people, and process
The Bigger Picture Network & Information Security Cybersecurity
Users Public Safety Regulators Operators Vendors Software CERTs Internet Security Ecosystem
Asia-Pacific CERTs
Asia-Pacific CERTs
Incident Response Security Incident • A computer security incident is a violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices • Examples: – An attacker commands a botnet to send high volumes of connection requests to a web server, causing it to crash – Users are tricked into opening a “quarterly report” sent via email that is actually malware; running the tool has infected their computers and established connections with an external host. – An attacker obtains sensitive data and threatens that the details will be released publicly if the organization does not pay a designated sum of money. (Source: NIST SP800-61Incident Handling Guide)
1. Preparation – Preparing to handle Incidents – Preventing Incidents 2. Detection and Analysis Source: http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf Stages of Incident Handling 3. Containment, Eradication & Recovery 4. Post Incident Activities
Asia-Pacific CERTs
Coordination Source: NIST Computer Security Incident Handling Guide
Asia-Pacific CERTs
Information Sharing • Trusted Group • Sharing of threat intelligence • Co-ordinated Response • Reach out to the community
Why a Team? • Dedicated resources for Incident Management – Dedicated Service(s) – Human Resources – Specific Polices and SOPs – Expertise & Skillsets • Structured Incident Management / Handling Procedures • Integration with other activities Internal & External to the organization – SOC / IT – CERTs / ISACs etc
Building a - CERT - CSIRT
Defining a CSIRT …is a team that performs, coordinates, and supports the response to security incidents that involve sites within a defined constituency • In ways which the specific community agrees to be in its general interest • Team = Organization that does Incident Response (IR) work! • Must react to reported security incidents or threat faced by the constituency
Defining a CSIRT …is a team that performs, coordinates, and supports the response to security incidents that involve sites within a defined constituency • Mandate & Terms of Reference • Defined Structure • Operational Capacity
38 Components of a CERT/CSIRT
Constituency • Who is the Team meant to serve? • Constituency help defines: – What is the purpose & nature of the CSIRT – Who is the CSIRT Serving – What types of security incidents the CSIRT handles – What are the relationship with other CSIRTs • Constituencies might overlap – Co-ordination is key – CSIRT of the “Last Resort”
Different Types of CSIRTs • National CSIRTs • Coordination Centers • Analysis Centers • Enterprise CSIRTs • Vendor Teams • Incident Response Providers • Regional CERTs Source: US-CERT https://www.cert.org/incident-management/csirt-development/csirt-faq.cfm
Policies & SOPs • Specific for Incident Response & Handling • Definition of Security Incidents and Related Terms • Define Scope, Roles & Responsibilities • Sharing of Information within the organization or with external parties • What to do in the event of a security incident – Specific SOP for dealing with different types of incidents – Forms, Templates, Required information – How to reach you outside office hours • Dealing with Crisis – Escalation (Internal & External) – Dealing with the Media /Press • Setting Realistic Expectations – Dealing with Service Providers
Team Structure • Team Models – Central Incident Response Team – Distributed Incident Response Team – Co-ordination Team • Functions / Workflow – Incident Reporting • Report from internal or external – Incident Analysis • What is happening, Impact, Patterns – Incident Response • Containment, Eradication & Recovery • Post-Incident Activity / Recommendations • How many people do we need in a team?
Services • Incident Handling & Response – Core activity • Advisory / Notification – Issue advisory relevant to constituency • Education and Awareness – Promoting best practices – Policies and SOPs – Cyber Security Exercises • Information Sharing – i.e. Global / Regional CSIRTs groups, ISACS • Other Services – Reactive – Proactive – Security Quality Management
Types of Services Example * Enterprise CSIRT * Proactive Services Reactive Services Security Quality Management Services • Security Alerts • Security Reporting • Security Diagnosis • Monitoring of Websites • Vulnerability Handling • Incident Handling • Artifact Handling • Security Consultation • Security Education • Security Training • Evaluation of Technologies Source: NTT-CERT https://conference.apnic.net/data/39/150304_ntt-cert-activity_1425447986.pdf
Tools & Facilities • Basically two categories of tools – Managing Incident Reports – Tools for analysis • Handling & Managing Incidents Reported – Able to collect & store incidents reported – Track status, produce reports – Function of system can be mapped to SOP – Encryption tools for secure communication • Security Incidents Monitoring & Analysis – Tools for processing or analyzing logs, binaries, network traffic – Forensics Tools – Tools for information sharing – Labs / Separate resources for analysis / testing – Tools in the Public domains (i.e. Passive DNS) • Office / Work facilities – Secure room, Office facilities, etc • Good Resource: FIRST Membership Site Visit: http://www.first.org/membership/site-visit-V1.0.pdf
Building Relationships • Internal – Early buy-in from leadership and constituency – Costing • The cost tends to vary based on a lot of factors – Size of team – Services provided – Nature of Organisation • Start Small – Using open source tools – Scale up as capability and need grows • External – Becoming of a part of a trusted community • Attending Meetings / Conferences • Capacity Development (Training)
Asia-Pacific CERTs
Road Forward “Establishment of a National Computer Emergency Response Team (CERT) that is capable of dealing with relevant Cybersecurity threats for citizens, tourists, businesses and government in Vanuatu”
Lets stay engaged! Klée Aiken External Relations Manager klee@apnic.net Adli Wahid Security Specialist FIRST Board Member adli@apnic.net Upcoming security engagements: • APCERT Conference | Tokyo, JP • 24 to 27 Oct 2016 • NGN Forum | Suva, FJ • 1 to 3 Nov 2016 • Technical Assistance | Suva & Nadi, FJ • 24 to 26 Nov 2016 • PacNOG 19 | Nadi, FJ • 28 Nov to 2 Dec
Tankio tumas! Questions?

Recommended

APrIGF 2015: Security and the Internet of Things
APrIGF 2015: Security and the Internet of ThingsAPrIGF 2015: Security and the Internet of Things
APrIGF 2015: Security and the Internet of ThingsAPNIC
 
Internet of Things... Let's Not Forget Security Please!, by Eric Vyncke [APNI...
Internet of Things... Let's Not Forget Security Please!, by Eric Vyncke [APNI...Internet of Things... Let's Not Forget Security Please!, by Eric Vyncke [APNI...
Internet of Things... Let's Not Forget Security Please!, by Eric Vyncke [APNI...APNIC
 
Stockholm Internet Forum 2017: Development of CERTs in the Asia Pacific
Stockholm Internet Forum 2017: Development of CERTs in the Asia PacificStockholm Internet Forum 2017: Development of CERTs in the Asia Pacific
Stockholm Internet Forum 2017: Development of CERTs in the Asia PacificAPNIC
 
Introduction to CSIRTs
Introduction to CSIRTsIntroduction to CSIRTs
Introduction to CSIRTsAPNIC
 
WHOIS Database for Incident Response & Handling
WHOIS Database for Incident Response & HandlingWHOIS Database for Incident Response & Handling
WHOIS Database for Incident Response & HandlingAPNIC
 
PRFP-10: Cyber threats and security in the Pacific
PRFP-10: Cyber threats and security in the PacificPRFP-10: Cyber threats and security in the Pacific
PRFP-10: Cyber threats and security in the PacificAPNIC
 
Development of Jisc security programme - Networkshop44
Development of Jisc security programme - Networkshop44Development of Jisc security programme - Networkshop44
Development of Jisc security programme - Networkshop44Jisc
 
Cyber Security Week 2015: Get involved and contribute
Cyber Security Week 2015: Get involved and contributeCyber Security Week 2015: Get involved and contribute
Cyber Security Week 2015: Get involved and contributeAPNIC
 

Recommended

APrIGF 2015: Security and the Internet of Things
APrIGF 2015: Security and the Internet of ThingsAPrIGF 2015: Security and the Internet of Things
APrIGF 2015: Security and the Internet of ThingsAPNIC
 
Internet of Things... Let's Not Forget Security Please!, by Eric Vyncke [APNI...
Internet of Things... Let's Not Forget Security Please!, by Eric Vyncke [APNI...Internet of Things... Let's Not Forget Security Please!, by Eric Vyncke [APNI...
Internet of Things... Let's Not Forget Security Please!, by Eric Vyncke [APNI...APNIC
 
Stockholm Internet Forum 2017: Development of CERTs in the Asia Pacific
Stockholm Internet Forum 2017: Development of CERTs in the Asia PacificStockholm Internet Forum 2017: Development of CERTs in the Asia Pacific
Stockholm Internet Forum 2017: Development of CERTs in the Asia PacificAPNIC
 
Introduction to CSIRTs
Introduction to CSIRTsIntroduction to CSIRTs
Introduction to CSIRTsAPNIC
 
WHOIS Database for Incident Response & Handling
WHOIS Database for Incident Response & HandlingWHOIS Database for Incident Response & Handling
WHOIS Database for Incident Response & HandlingAPNIC
 
PRFP-10: Cyber threats and security in the Pacific
PRFP-10: Cyber threats and security in the PacificPRFP-10: Cyber threats and security in the Pacific
PRFP-10: Cyber threats and security in the PacificAPNIC
 
Development of Jisc security programme - Networkshop44
Development of Jisc security programme - Networkshop44Development of Jisc security programme - Networkshop44
Development of Jisc security programme - Networkshop44Jisc
 
Cyber Security Week 2015: Get involved and contribute
Cyber Security Week 2015: Get involved and contributeCyber Security Week 2015: Get involved and contribute
Cyber Security Week 2015: Get involved and contributeAPNIC
 
PANDI Meeting 12: Supporting resilience and security in Internet routing
PANDI Meeting 12: Supporting resilience and security in Internet routingPANDI Meeting 12: Supporting resilience and security in Internet routing
PANDI Meeting 12: Supporting resilience and security in Internet routingAPNIC
 
APAN 52: APNIC Report
APAN 52: APNIC ReportAPAN 52: APNIC Report
APAN 52: APNIC ReportAPNIC
 
Fostering National Incident Response Capacity
Fostering National Incident Response CapacityFostering National Incident Response Capacity
Fostering National Incident Response CapacityAPNIC
 
Collective responsibility for security and resilience of the global routing s...
Collective responsibility for security and resilience of the global routing s...Collective responsibility for security and resilience of the global routing s...
Collective responsibility for security and resilience of the global routing s...APNIC
 
APrIGF 2021: Internet of Communities – Working Together to Build Trust
APrIGF 2021: Internet of Communities – Working Together to Build TrustAPrIGF 2021: Internet of Communities – Working Together to Build Trust
APrIGF 2021: Internet of Communities – Working Together to Build TrustAPNIC
 
ION Malta - Introduction to DNSSEC
ION Malta - Introduction to DNSSECION Malta - Introduction to DNSSEC
ION Malta - Introduction to DNSSECDeploy360 Programme (Internet Society)
 
APEC TEL 62: APNIC Security Engagement Activities
APEC TEL 62: APNIC Security Engagement ActivitiesAPEC TEL 62: APNIC Security Engagement Activities
APEC TEL 62: APNIC Security Engagement ActivitiesAPNIC
 
ION Malta - DANE: The Future of TLS
ION Malta - DANE: The Future of TLSION Malta - DANE: The Future of TLS
ION Malta - DANE: The Future of TLSDeploy360 Programme (Internet Society)
 
ION Malta - Opening Slides
ION Malta - Opening SlidesION Malta - Opening Slides
ION Malta - Opening SlidesDeploy360 Programme (Internet Society)
 
ION Hangzhou - Keynote: Collaborative Security and an Open Internet
ION Hangzhou - Keynote: Collaborative Security and an Open InternetION Hangzhou - Keynote: Collaborative Security and an Open Internet
ION Hangzhou - Keynote: Collaborative Security and an Open InternetDeploy360 Programme (Internet Society)
 
Tech 2 Tech - security
Tech 2 Tech - securityTech 2 Tech - security
Tech 2 Tech - securityJisc
 
Strengthen DNS Through Infrastructure Design
Strengthen DNS Through Infrastructure DesignStrengthen DNS Through Infrastructure Design
Strengthen DNS Through Infrastructure DesignAPNIC
 
ION Malta - IETF Update
ION Malta - IETF UpdateION Malta - IETF Update
ION Malta - IETF UpdateDeploy360 Programme (Internet Society)
 
Source Address Validation Everywhere, by Paul Vixie [APNIC 38 / Technical Key...
Source Address Validation Everywhere, by Paul Vixie [APNIC 38 / Technical Key...Source Address Validation Everywhere, by Paul Vixie [APNIC 38 / Technical Key...
Source Address Validation Everywhere, by Paul Vixie [APNIC 38 / Technical Key...APNIC
 
APNIC update PNG IXP Inauguration
APNIC update PNG IXP InaugurationAPNIC update PNG IXP Inauguration
APNIC update PNG IXP InaugurationAPNIC
 
MMIX Peering Forum and MMNOG 2020: Securing your resources with RPKI and IRT
MMIX Peering Forum and MMNOG 2020: Securing your resources with RPKI and IRTMMIX Peering Forum and MMNOG 2020: Securing your resources with RPKI and IRT
MMIX Peering Forum and MMNOG 2020: Securing your resources with RPKI and IRTAPNIC
 
Honeynet architecture
Honeynet architectureHoneynet architecture
Honeynet architectureamar koppal
 
APEC TEL 62: IPv6 Deployment Update
APEC TEL 62: IPv6 Deployment UpdateAPEC TEL 62: IPv6 Deployment Update
APEC TEL 62: IPv6 Deployment UpdateAPNIC
 
ION Malta - IPv6 Case Study: Finland
ION Malta - IPv6 Case Study: FinlandION Malta - IPv6 Case Study: Finland
ION Malta - IPv6 Case Study: FinlandDeploy360 Programme (Internet Society)
 
Exhibitor session: Efficient IP
Exhibitor session: Efficient IPExhibitor session: Efficient IP
Exhibitor session: Efficient IPJisc
 
Agile Secure Software Development in a Large Software Development Organisatio...
Agile Secure Software Development in a Large Software Development Organisatio...Agile Secure Software Development in a Large Software Development Organisatio...
Agile Secure Software Development in a Large Software Development Organisatio...Achim D. Brucker
 
Continous Integration of (JS) projects & check-build philosophy
Continous Integration of (JS) projects & check-build philosophyContinous Integration of (JS) projects & check-build philosophy
Continous Integration of (JS) projects & check-build philosophyFrançois-Guillaume Ribreau
 

More Related Content

What's hot

PANDI Meeting 12: Supporting resilience and security in Internet routing
PANDI Meeting 12: Supporting resilience and security in Internet routingPANDI Meeting 12: Supporting resilience and security in Internet routing
PANDI Meeting 12: Supporting resilience and security in Internet routingAPNIC
 
APAN 52: APNIC Report
APAN 52: APNIC ReportAPAN 52: APNIC Report
APAN 52: APNIC ReportAPNIC
 
Fostering National Incident Response Capacity
Fostering National Incident Response CapacityFostering National Incident Response Capacity
Fostering National Incident Response CapacityAPNIC
 
Collective responsibility for security and resilience of the global routing s...
Collective responsibility for security and resilience of the global routing s...Collective responsibility for security and resilience of the global routing s...
Collective responsibility for security and resilience of the global routing s...APNIC
 
APrIGF 2021: Internet of Communities – Working Together to Build Trust
APrIGF 2021: Internet of Communities – Working Together to Build TrustAPrIGF 2021: Internet of Communities – Working Together to Build Trust
APrIGF 2021: Internet of Communities – Working Together to Build TrustAPNIC
 
APEC TEL 62: APNIC Security Engagement Activities
APEC TEL 62: APNIC Security Engagement ActivitiesAPEC TEL 62: APNIC Security Engagement Activities
APEC TEL 62: APNIC Security Engagement ActivitiesAPNIC
 
Tech 2 Tech - security
Tech 2 Tech - securityTech 2 Tech - security
Tech 2 Tech - securityJisc
 
Strengthen DNS Through Infrastructure Design
Strengthen DNS Through Infrastructure DesignStrengthen DNS Through Infrastructure Design
Strengthen DNS Through Infrastructure DesignAPNIC
 
Source Address Validation Everywhere, by Paul Vixie [APNIC 38 / Technical Key...
Source Address Validation Everywhere, by Paul Vixie [APNIC 38 / Technical Key...Source Address Validation Everywhere, by Paul Vixie [APNIC 38 / Technical Key...
Source Address Validation Everywhere, by Paul Vixie [APNIC 38 / Technical Key...APNIC
 
APNIC update PNG IXP Inauguration
APNIC update PNG IXP InaugurationAPNIC update PNG IXP Inauguration
APNIC update PNG IXP InaugurationAPNIC
 
MMIX Peering Forum and MMNOG 2020: Securing your resources with RPKI and IRT
MMIX Peering Forum and MMNOG 2020: Securing your resources with RPKI and IRTMMIX Peering Forum and MMNOG 2020: Securing your resources with RPKI and IRT
MMIX Peering Forum and MMNOG 2020: Securing your resources with RPKI and IRTAPNIC
 
Honeynet architecture
Honeynet architectureHoneynet architecture
Honeynet architectureamar koppal
 
APEC TEL 62: IPv6 Deployment Update
APEC TEL 62: IPv6 Deployment UpdateAPEC TEL 62: IPv6 Deployment Update
APEC TEL 62: IPv6 Deployment UpdateAPNIC
 
Exhibitor session: Efficient IP
Exhibitor session: Efficient IPExhibitor session: Efficient IP
Exhibitor session: Efficient IPJisc
 

What's hot (20)

PANDI Meeting 12: Supporting resilience and security in Internet routing
PANDI Meeting 12: Supporting resilience and security in Internet routingPANDI Meeting 12: Supporting resilience and security in Internet routing
PANDI Meeting 12: Supporting resilience and security in Internet routing
 
APAN 52: APNIC Report
APAN 52: APNIC ReportAPAN 52: APNIC Report
APAN 52: APNIC Report
 
Fostering National Incident Response Capacity
Fostering National Incident Response CapacityFostering National Incident Response Capacity
Fostering National Incident Response Capacity
 
Collective responsibility for security and resilience of the global routing s...
Collective responsibility for security and resilience of the global routing s...Collective responsibility for security and resilience of the global routing s...
Collective responsibility for security and resilience of the global routing s...
 
APrIGF 2021: Internet of Communities – Working Together to Build Trust
APrIGF 2021: Internet of Communities – Working Together to Build TrustAPrIGF 2021: Internet of Communities – Working Together to Build Trust
APrIGF 2021: Internet of Communities – Working Together to Build Trust
 
ION Malta - Introduction to DNSSEC
ION Malta - Introduction to DNSSECION Malta - Introduction to DNSSEC
ION Malta - Introduction to DNSSEC
 
APEC TEL 62: APNIC Security Engagement Activities
APEC TEL 62: APNIC Security Engagement ActivitiesAPEC TEL 62: APNIC Security Engagement Activities
APEC TEL 62: APNIC Security Engagement Activities
 
ION Malta - DANE: The Future of TLS
ION Malta - DANE: The Future of TLSION Malta - DANE: The Future of TLS
ION Malta - DANE: The Future of TLS
 
ION Malta - Opening Slides
ION Malta - Opening SlidesION Malta - Opening Slides
ION Malta - Opening Slides
 
ION Hangzhou - Keynote: Collaborative Security and an Open Internet
ION Hangzhou - Keynote: Collaborative Security and an Open InternetION Hangzhou - Keynote: Collaborative Security and an Open Internet
ION Hangzhou - Keynote: Collaborative Security and an Open Internet
 
Tech 2 Tech - security
Tech 2 Tech - securityTech 2 Tech - security
Tech 2 Tech - security
 
Strengthen DNS Through Infrastructure Design
Strengthen DNS Through Infrastructure DesignStrengthen DNS Through Infrastructure Design
Strengthen DNS Through Infrastructure Design
 
ION Malta - IETF Update
ION Malta - IETF UpdateION Malta - IETF Update
ION Malta - IETF Update
 
Source Address Validation Everywhere, by Paul Vixie [APNIC 38 / Technical Key...
Source Address Validation Everywhere, by Paul Vixie [APNIC 38 / Technical Key...Source Address Validation Everywhere, by Paul Vixie [APNIC 38 / Technical Key...
Source Address Validation Everywhere, by Paul Vixie [APNIC 38 / Technical Key...
 
APNIC update PNG IXP Inauguration
APNIC update PNG IXP InaugurationAPNIC update PNG IXP Inauguration
APNIC update PNG IXP Inauguration
 
MMIX Peering Forum and MMNOG 2020: Securing your resources with RPKI and IRT
MMIX Peering Forum and MMNOG 2020: Securing your resources with RPKI and IRTMMIX Peering Forum and MMNOG 2020: Securing your resources with RPKI and IRT
MMIX Peering Forum and MMNOG 2020: Securing your resources with RPKI and IRT
 
Honeynet architecture
Honeynet architectureHoneynet architecture
Honeynet architecture
 
APEC TEL 62: IPv6 Deployment Update
APEC TEL 62: IPv6 Deployment UpdateAPEC TEL 62: IPv6 Deployment Update
APEC TEL 62: IPv6 Deployment Update
 
ION Malta - IPv6 Case Study: Finland
ION Malta - IPv6 Case Study: FinlandION Malta - IPv6 Case Study: Finland
ION Malta - IPv6 Case Study: Finland
 
Exhibitor session: Efficient IP
Exhibitor session: Efficient IPExhibitor session: Efficient IP
Exhibitor session: Efficient IP
 

Viewers also liked

Agile Secure Software Development in a Large Software Development Organisatio...
Agile Secure Software Development in a Large Software Development Organisatio...Agile Secure Software Development in a Large Software Development Organisatio...
Agile Secure Software Development in a Large Software Development Organisatio...Achim D. Brucker
 
Continous Integration of (JS) projects & check-build philosophy
Continous Integration of (JS) projects & check-build philosophyContinous Integration of (JS) projects & check-build philosophy
Continous Integration of (JS) projects & check-build philosophyFrançois-Guillaume Ribreau
 
AppSec Survey 2.0 Fine-Tuning an AppSec Training Program Based on Data
AppSec Survey 2.0 Fine-Tuning an AppSec Training Program Based on DataAppSec Survey 2.0 Fine-Tuning an AppSec Training Program Based on Data
AppSec Survey 2.0 Fine-Tuning an AppSec Training Program Based on DataDenim Group
 
Pythonista も ls を読むべきか?
Pythonista も ls を読むべきか?Pythonista も ls を読むべきか?
Pythonista も ls を読むべきか?Katsunori FUJIWARA
 
Rugged DevOps: Bridging Security and DevOps
Rugged DevOps: Bridging Security and DevOpsRugged DevOps: Bridging Security and DevOps
Rugged DevOps: Bridging Security and DevOpsJames Wickett
 
DevOps AppSec Pipeline Velcocity NY 2015
DevOps AppSec Pipeline Velcocity NY 2015DevOps AppSec Pipeline Velcocity NY 2015
DevOps AppSec Pipeline Velcocity NY 2015Aaron Weaver
 
Automated Security Testing
Automated Security TestingAutomated Security Testing
Automated Security Testingseleniumconf
 
Continuous Security Testing in a Devops World #OWASPHelsinki
Continuous Security Testing in a Devops World #OWASPHelsinkiContinuous Security Testing in a Devops World #OWASPHelsinki
Continuous Security Testing in a Devops World #OWASPHelsinkiStephen de Vries
 
Threat Modeling And Analysis
Threat Modeling And AnalysisThreat Modeling And Analysis
Threat Modeling And AnalysisLalit Kale
 
Continuous and Visible Security Testing with BDD-Security
Continuous and Visible Security Testing with BDD-SecurityContinuous and Visible Security Testing with BDD-Security
Continuous and Visible Security Testing with BDD-SecurityStephen de Vries
 
Automating security tests for Continuous Integration
Automating security tests for Continuous IntegrationAutomating security tests for Continuous Integration
Automating security tests for Continuous IntegrationStephen de Vries
 
Building Risk Management into Enterprise Architecture
Building Risk Management into Enterprise ArchitectureBuilding Risk Management into Enterprise Architecture
Building Risk Management into Enterprise Architectureiasaglobal
 
Integración contínua con Jenkins
Integración contínua con JenkinsIntegración contínua con Jenkins
Integración contínua con JenkinsCésar Hernández
 
(SEC405) Enterprise Cloud Security via DevSecOps | AWS re:Invent 2014
(SEC405) Enterprise Cloud Security via DevSecOps | AWS re:Invent 2014(SEC405) Enterprise Cloud Security via DevSecOps | AWS re:Invent 2014
(SEC405) Enterprise Cloud Security via DevSecOps | AWS re:Invent 2014Amazon Web Services
 
OWASP WTE - Now in the Cloud!
OWASP WTE - Now in the Cloud!OWASP WTE - Now in the Cloud!
OWASP WTE - Now in the Cloud!Matt Tesauro
 
New Farming Methods in the Epistemological Wasteland of Application Security
New Farming Methods in the Epistemological Wasteland of Application SecurityNew Farming Methods in the Epistemological Wasteland of Application Security
New Farming Methods in the Epistemological Wasteland of Application SecurityJames Wickett
 
Real World Application Threat Modelling By Example
Real World Application Threat Modelling By ExampleReal World Application Threat Modelling By Example
Real World Application Threat Modelling By ExampleNCC Group
 
Continuous Security Testing - DevSecCon
Continuous Security Testing - DevSecConContinuous Security Testing - DevSecCon
Continuous Security Testing - DevSecConStephen de Vries
 
DevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityDevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityAlert Logic
 

Viewers also liked (20)

Agile Secure Software Development in a Large Software Development Organisatio...
Agile Secure Software Development in a Large Software Development Organisatio...Agile Secure Software Development in a Large Software Development Organisatio...
Agile Secure Software Development in a Large Software Development Organisatio...
 
Continous Integration of (JS) projects & check-build philosophy
Continous Integration of (JS) projects & check-build philosophyContinous Integration of (JS) projects & check-build philosophy
Continous Integration of (JS) projects & check-build philosophy
 
AppSec Survey 2.0 Fine-Tuning an AppSec Training Program Based on Data
AppSec Survey 2.0 Fine-Tuning an AppSec Training Program Based on DataAppSec Survey 2.0 Fine-Tuning an AppSec Training Program Based on Data
AppSec Survey 2.0 Fine-Tuning an AppSec Training Program Based on Data
 
Pythonista も ls を読むべきか?
Pythonista も ls を読むべきか?Pythonista も ls を読むべきか?
Pythonista も ls を読むべきか?
 
Rugged DevOps: Bridging Security and DevOps
Rugged DevOps: Bridging Security and DevOpsRugged DevOps: Bridging Security and DevOps
Rugged DevOps: Bridging Security and DevOps
 
DevOps AppSec Pipeline Velcocity NY 2015
DevOps AppSec Pipeline Velcocity NY 2015DevOps AppSec Pipeline Velcocity NY 2015
DevOps AppSec Pipeline Velcocity NY 2015
 
Automated Security Testing
Automated Security TestingAutomated Security Testing
Automated Security Testing
 
Security testautomation
Security testautomationSecurity testautomation
Security testautomation
 
Continuous Security Testing in a Devops World #OWASPHelsinki
Continuous Security Testing in a Devops World #OWASPHelsinkiContinuous Security Testing in a Devops World #OWASPHelsinki
Continuous Security Testing in a Devops World #OWASPHelsinki
 
Threat Modeling And Analysis
Threat Modeling And AnalysisThreat Modeling And Analysis
Threat Modeling And Analysis
 
Continuous and Visible Security Testing with BDD-Security
Continuous and Visible Security Testing with BDD-SecurityContinuous and Visible Security Testing with BDD-Security
Continuous and Visible Security Testing with BDD-Security
 
Automating security tests for Continuous Integration
Automating security tests for Continuous IntegrationAutomating security tests for Continuous Integration
Automating security tests for Continuous Integration
 
Building Risk Management into Enterprise Architecture
Building Risk Management into Enterprise ArchitectureBuilding Risk Management into Enterprise Architecture
Building Risk Management into Enterprise Architecture
 
Integración contínua con Jenkins
Integración contínua con JenkinsIntegración contínua con Jenkins
Integración contínua con Jenkins
 
(SEC405) Enterprise Cloud Security via DevSecOps | AWS re:Invent 2014
(SEC405) Enterprise Cloud Security via DevSecOps | AWS re:Invent 2014(SEC405) Enterprise Cloud Security via DevSecOps | AWS re:Invent 2014
(SEC405) Enterprise Cloud Security via DevSecOps | AWS re:Invent 2014
 
OWASP WTE - Now in the Cloud!
OWASP WTE - Now in the Cloud!OWASP WTE - Now in the Cloud!
OWASP WTE - Now in the Cloud!
 
New Farming Methods in the Epistemological Wasteland of Application Security
New Farming Methods in the Epistemological Wasteland of Application SecurityNew Farming Methods in the Epistemological Wasteland of Application Security
New Farming Methods in the Epistemological Wasteland of Application Security
 
Real World Application Threat Modelling By Example
Real World Application Threat Modelling By ExampleReal World Application Threat Modelling By Example
Real World Application Threat Modelling By Example
 
Continuous Security Testing - DevSecCon
Continuous Security Testing - DevSecConContinuous Security Testing - DevSecCon
Continuous Security Testing - DevSecCon
 
DevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityDevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to Security
 

Similar to Cybersecurity by the #s Regulatory Symposium

CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]
CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]
CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]APNIC
 
Using SurfWatch Labs' Threat Intelligence to Understand Dark Web Threats
Using SurfWatch Labs' Threat Intelligence to Understand Dark Web ThreatsUsing SurfWatch Labs' Threat Intelligence to Understand Dark Web Threats
Using SurfWatch Labs' Threat Intelligence to Understand Dark Web ThreatsSurfWatch Labs
 
Lec 1- Intro to cyber security and recommendations
Lec 1- Intro to cyber security and recommendationsLec 1- Intro to cyber security and recommendations
Lec 1- Intro to cyber security and recommendationsBilalMehmood44
 
Ransomware: The Impact is Real
Ransomware: The Impact is RealRansomware: The Impact is Real
Ransomware: The Impact is RealNICSA
 
CompTIA_Security_plus_SY0-701_course_content.pdf
CompTIA_Security_plus_SY0-701_course_content.pdfCompTIA_Security_plus_SY0-701_course_content.pdf
CompTIA_Security_plus_SY0-701_course_content.pdfInfosec train
 
CompTIA_Security_plus_SY0-701_course_content.pdf
CompTIA_Security_plus_SY0-701_course_content.pdfCompTIA_Security_plus_SY0-701_course_content.pdf
CompTIA_Security_plus_SY0-701_course_content.pdfpriyanshamadhwal2
 
𝐋𝐚𝐭𝐞𝐬𝐭 𝐂𝐨𝐦𝐩𝐓𝐈𝐀 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲+ 𝐒𝐘𝟎-𝟕𝟎𝟏 𝐄𝐱𝐚𝐦
𝐋𝐚𝐭𝐞𝐬𝐭 𝐂𝐨𝐦𝐩𝐓𝐈𝐀 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲+ 𝐒𝐘𝟎-𝟕𝟎𝟏 𝐄𝐱𝐚𝐦𝐋𝐚𝐭𝐞𝐬𝐭 𝐂𝐨𝐦𝐩𝐓𝐈𝐀 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲+ 𝐒𝐘𝟎-𝟕𝟎𝟏 𝐄𝐱𝐚𝐦
𝐋𝐚𝐭𝐞𝐬𝐭 𝐂𝐨𝐦𝐩𝐓𝐈𝐀 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲+ 𝐒𝐘𝟎-𝟕𝟎𝟏 𝐄𝐱𝐚𝐦Infosec train
 
𝐋𝐚𝐭𝐞𝐬𝐭 𝐂𝐨𝐦𝐩𝐓𝐈𝐀 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲+ 𝐒𝐘𝟎-𝟕𝟎𝟏 𝐄𝐱𝐚𝐦
𝐋𝐚𝐭𝐞𝐬𝐭 𝐂𝐨𝐦𝐩𝐓𝐈𝐀 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲+ 𝐒𝐘𝟎-𝟕𝟎𝟏 𝐄𝐱𝐚𝐦𝐋𝐚𝐭𝐞𝐬𝐭 𝐂𝐨𝐦𝐩𝐓𝐈𝐀 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲+ 𝐒𝐘𝟎-𝟕𝟎𝟏 𝐄𝐱𝐚𝐦
𝐋𝐚𝐭𝐞𝐬𝐭 𝐂𝐨𝐦𝐩𝐓𝐈𝐀 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲+ 𝐒𝐘𝟎-𝟕𝟎𝟏 𝐄𝐱𝐚𝐦priyanshamadhwal2
 
Security+ SY0-701 CERTIFICATION TRAINING.pdf
Security+ SY0-701 CERTIFICATION TRAINING.pdfSecurity+ SY0-701 CERTIFICATION TRAINING.pdf
Security+ SY0-701 CERTIFICATION TRAINING.pdfinfosecTrain
 
CompTIA Security+ (Plus) Certification Training Course
CompTIA Security+ (Plus) Certification Training CourseCompTIA Security+ (Plus) Certification Training Course
CompTIA Security+ (Plus) Certification Training CourseInfosecTrain Education
 
Latihan6 comp-forensic-bab5
Latihan6 comp-forensic-bab5Latihan6 comp-forensic-bab5
Latihan6 comp-forensic-bab5sabtolinux
 
Advantage Technology - Ransomware and the NIST Cybersecurity Framework
Advantage Technology - Ransomware and the NIST Cybersecurity FrameworkAdvantage Technology - Ransomware and the NIST Cybersecurity Framework
Advantage Technology - Ransomware and the NIST Cybersecurity FrameworkJack Shaffer
 
Information Security Risk Management
Information Security Risk ManagementInformation Security Risk Management
Information Security Risk Managementipspat
 
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...APNIC
 
Using SurfWatch Labs' Threat Intelligence to Monitor Your Digital Risk
Using SurfWatch Labs' Threat Intelligence to Monitor Your Digital RiskUsing SurfWatch Labs' Threat Intelligence to Monitor Your Digital Risk
Using SurfWatch Labs' Threat Intelligence to Monitor Your Digital RiskSurfWatch Labs
 
Cyber 101 for smb execs v1
Cyber 101 for smb execs v1Cyber 101 for smb execs v1
Cyber 101 for smb execs v1NetWatcher
 
Cyber security and demonstration of security tools
Cyber security and demonstration of security toolsCyber security and demonstration of security tools
Cyber security and demonstration of security toolsVicky Fernandes
 
The Hacker Playbook: How to Think like a Cybercriminal to Reduce Risk
The Hacker Playbook: How to Think like a Cybercriminal to Reduce RiskThe Hacker Playbook: How to Think like a Cybercriminal to Reduce Risk
The Hacker Playbook: How to Think like a Cybercriminal to Reduce RiskBeyondTrust
 

Similar to Cybersecurity by the #s Regulatory Symposium (20)

CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]
CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]
CERT Australia Update, by Scott Brown [APNIC 38 / Network Abuse BoF]
 
Using SurfWatch Labs' Threat Intelligence to Understand Dark Web Threats
Using SurfWatch Labs' Threat Intelligence to Understand Dark Web ThreatsUsing SurfWatch Labs' Threat Intelligence to Understand Dark Web Threats
Using SurfWatch Labs' Threat Intelligence to Understand Dark Web Threats
 
Lec 1- Intro to cyber security and recommendations
Lec 1- Intro to cyber security and recommendationsLec 1- Intro to cyber security and recommendations
Lec 1- Intro to cyber security and recommendations
 
Ransomware: The Impact is Real
Ransomware: The Impact is RealRansomware: The Impact is Real
Ransomware: The Impact is Real
 
ISACA ISSA Presentation
ISACA ISSA PresentationISACA ISSA Presentation
ISACA ISSA Presentation
 
Cyberattacks.pptx
Cyberattacks.pptxCyberattacks.pptx
Cyberattacks.pptx
 
CompTIA_Security_plus_SY0-701_course_content.pdf
CompTIA_Security_plus_SY0-701_course_content.pdfCompTIA_Security_plus_SY0-701_course_content.pdf
CompTIA_Security_plus_SY0-701_course_content.pdf
 
CompTIA_Security_plus_SY0-701_course_content.pdf
CompTIA_Security_plus_SY0-701_course_content.pdfCompTIA_Security_plus_SY0-701_course_content.pdf
CompTIA_Security_plus_SY0-701_course_content.pdf
 
𝐋𝐚𝐭𝐞𝐬𝐭 𝐂𝐨𝐦𝐩𝐓𝐈𝐀 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲+ 𝐒𝐘𝟎-𝟕𝟎𝟏 𝐄𝐱𝐚𝐦
𝐋𝐚𝐭𝐞𝐬𝐭 𝐂𝐨𝐦𝐩𝐓𝐈𝐀 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲+ 𝐒𝐘𝟎-𝟕𝟎𝟏 𝐄𝐱𝐚𝐦𝐋𝐚𝐭𝐞𝐬𝐭 𝐂𝐨𝐦𝐩𝐓𝐈𝐀 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲+ 𝐒𝐘𝟎-𝟕𝟎𝟏 𝐄𝐱𝐚𝐦
𝐋𝐚𝐭𝐞𝐬𝐭 𝐂𝐨𝐦𝐩𝐓𝐈𝐀 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲+ 𝐒𝐘𝟎-𝟕𝟎𝟏 𝐄𝐱𝐚𝐦
 
𝐋𝐚𝐭𝐞𝐬𝐭 𝐂𝐨𝐦𝐩𝐓𝐈𝐀 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲+ 𝐒𝐘𝟎-𝟕𝟎𝟏 𝐄𝐱𝐚𝐦
𝐋𝐚𝐭𝐞𝐬𝐭 𝐂𝐨𝐦𝐩𝐓𝐈𝐀 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲+ 𝐒𝐘𝟎-𝟕𝟎𝟏 𝐄𝐱𝐚𝐦𝐋𝐚𝐭𝐞𝐬𝐭 𝐂𝐨𝐦𝐩𝐓𝐈𝐀 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲+ 𝐒𝐘𝟎-𝟕𝟎𝟏 𝐄𝐱𝐚𝐦
𝐋𝐚𝐭𝐞𝐬𝐭 𝐂𝐨𝐦𝐩𝐓𝐈𝐀 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲+ 𝐒𝐘𝟎-𝟕𝟎𝟏 𝐄𝐱𝐚𝐦
 
Security+ SY0-701 CERTIFICATION TRAINING.pdf
Security+ SY0-701 CERTIFICATION TRAINING.pdfSecurity+ SY0-701 CERTIFICATION TRAINING.pdf
Security+ SY0-701 CERTIFICATION TRAINING.pdf
 
CompTIA Security+ (Plus) Certification Training Course
CompTIA Security+ (Plus) Certification Training CourseCompTIA Security+ (Plus) Certification Training Course
CompTIA Security+ (Plus) Certification Training Course
 
Latihan6 comp-forensic-bab5
Latihan6 comp-forensic-bab5Latihan6 comp-forensic-bab5
Latihan6 comp-forensic-bab5
 
Advantage Technology - Ransomware and the NIST Cybersecurity Framework
Advantage Technology - Ransomware and the NIST Cybersecurity FrameworkAdvantage Technology - Ransomware and the NIST Cybersecurity Framework
Advantage Technology - Ransomware and the NIST Cybersecurity Framework
 
Information Security Risk Management
Information Security Risk ManagementInformation Security Risk Management
Information Security Risk Management
 
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
UMS Cybersecurity Awareness Seminar: Cybersecurity - Lessons learned from sec...
 
Using SurfWatch Labs' Threat Intelligence to Monitor Your Digital Risk
Using SurfWatch Labs' Threat Intelligence to Monitor Your Digital RiskUsing SurfWatch Labs' Threat Intelligence to Monitor Your Digital Risk
Using SurfWatch Labs' Threat Intelligence to Monitor Your Digital Risk
 
Cyber 101 for smb execs v1
Cyber 101 for smb execs v1Cyber 101 for smb execs v1
Cyber 101 for smb execs v1
 
Cyber security and demonstration of security tools
Cyber security and demonstration of security toolsCyber security and demonstration of security tools
Cyber security and demonstration of security tools
 
The Hacker Playbook: How to Think like a Cybercriminal to Reduce Risk
The Hacker Playbook: How to Think like a Cybercriminal to Reduce RiskThe Hacker Playbook: How to Think like a Cybercriminal to Reduce Risk
The Hacker Playbook: How to Think like a Cybercriminal to Reduce Risk
 

More from APNIC

DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024APNIC
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...APNIC
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024APNIC
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGAPNIC
 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119APNIC
 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119APNIC
 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119APNIC
 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119APNIC
 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119APNIC
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...APNIC
 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonAPNIC
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonAPNIC
 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPNIC
 
Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6APNIC
 
AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!APNIC
 
CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023APNIC
 
AFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAPNIC
 
AFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment StatusAFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment StatusAPNIC
 
AFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressingAFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressingAPNIC
 

More from APNIC (20)

DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
 
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
'Future Evolution of the Internet' delivered by Geoff Huston at Everything Op...
 
On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024On Starlink, presented by Geoff Huston at NZNOG 2024
On Starlink, presented by Geoff Huston at NZNOG 2024
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
 
IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119IP addressing and IPv6, presented by Paul Wilson at IETF 119
IP addressing and IPv6, presented by Paul Wilson at IETF 119
 
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119draft-harrison-sidrops-manifest-number-01, presented at IETF 119
draft-harrison-sidrops-manifest-number-01, presented at IETF 119
 
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
Making an RFC in Today's IETF, presented by Geoff Huston at IETF 119
 
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
IPv6 Operational Issues (with DNS), presented by Geoff Huston at IETF 119
 
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
Is DNS ready for IPv6, presented by Geoff Huston at IETF 119
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
 
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
APNIC Update and RIR Policies for ccTLDs, presented at APTLD 85
 
NANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff HustonNANOG 90: 'BGP in 2023' presented by Geoff Huston
NANOG 90: 'BGP in 2023' presented by Geoff Huston
 
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff HustonDNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
DNS-OARC 42: Is the DNS ready for IPv6? presentation by Geoff Huston
 
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, ThailandAPAN 57: APNIC Report at APAN 57, Bangkok, Thailand
APAN 57: APNIC Report at APAN 57, Bangkok, Thailand
 
Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6Lao Digital Week 2024: It's time to deploy IPv6
Lao Digital Week 2024: It's time to deploy IPv6
 
AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!AINTEC 2023: Networking in the Penumbra!
AINTEC 2023: Networking in the Penumbra!
 
CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023CNIRC 2023: Global and Regional IPv6 Deployment 2023
CNIRC 2023: Global and Regional IPv6 Deployment 2023
 
AFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet developmentAFSIG 2023: APNIC Foundation and support for Internet development
AFSIG 2023: APNIC Foundation and support for Internet development
 
AFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment StatusAFNOG 1: Afghanistan IP Deployment Status
AFNOG 1: Afghanistan IP Deployment Status
 
AFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressingAFSIG 2023: Internet routing and addressing
AFSIG 2023: Internet routing and addressing
 

Recently uploaded

Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersDamian Radcliffe
 
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebGDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebJames Anderson
 
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts servicesonalikaur4
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Roomdivyansh0kumar0
 
Radiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsRadiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsstephieert
 
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls KolkataLow Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607dollysharma2066
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxellan12
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.soniya singh
 
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine ServiceHot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Servicesexy call girls service in goa
 
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...Sheetaleventcompany
 
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Servicegwenoracqe6
 
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceEnjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceDelhi Call girls
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Roomdivyansh0kumar0
 

Recently uploaded (20)

Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 6 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providersMoving Beyond Twitter/X and Facebook - Social Media for local news providers
Moving Beyond Twitter/X and Facebook - Social Media for local news providers
 
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark WebGDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
GDG Cloud Southlake 32: Kyle Hettinger: Demystifying the Dark Web
 
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Porur Phone 🍆 8250192130 👅 celebrity escorts service
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
 
Radiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsRadiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girls
 
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls KolkataRussian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
Russian Call Girls in Kolkata Ishita 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls KolkataLow Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 22 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
 
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptxAWS Community DAY Albertini-Ellan Cloud Security (1).pptx
AWS Community DAY Albertini-Ellan Cloud Security (1).pptx
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
 
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine ServiceHot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
Hot Service (+9316020077 ) Goa Call Girls Real Photos and Genuine Service
 
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
Call Girls Service Chandigarh Lucky ❤️ 7710465962 Independent Call Girls In C...
 
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Defence Colony Delhi 💯Call Us 🔝8264348440🔝
 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
 
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceEnjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
 
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With RoomVIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
VIP Kolkata Call Girl Kestopur 👉 8250192130 Available With Room
 

Cybersecurity by the #s Regulatory Symposium

  • 1. Cybersecurity by the #s Regulatory Internet Governance Symposium – Vanuatu 20 October 2016
  • 2. Cybersecurity by the #s Network Security • A view from the logical layer • Network Security • What are we up against? • The cybersecurity ecosystem CERT | CSIRT • Incident Response • Coordination • Information Sharing • Building a CERT • Components of a CERT/CSIRT • The Road Forward
  • 3. A view from the logical layer https://www.icann.org/news/multimedia/1563
  • 4. The fundamental challenge 00101000 01101001 01101110 00101001 01110011 01100101 01100011 01110101 01110010 01101001 01110100 01111001 00100000 01100010 01111001 00100000 01100100 01100101 01110011 01101001 01100111 01101110 (in)Security by Design https://blog.apnic.net/2015/07/07/mapping-the-internet-in-the-asia-pacific/
  • 5. Confidentiality Integrity Availability SECURITY prevents unauthorized use or disclosure of information safeguards the accuracy and completeness of information authorized users have reliable and timely access to information Goals of Information Security
  • 6. Terms: Breaking it down • Threat – Any circumstance or factor with the potential to cause harm – a motivated, capable adversary • Vulnerability – A weakness in a system; in procedures, design, or implementation that can be exploited • Software bugs, design flaws, operational mistakes • Risk – The probability that a particular vulnerability will occur – The severity (impact) of that occurrence = likelihood x consequences
  • 7. Security tradeoffs • Services offered vs. security provided – Each service offers its own security risk – The more services, the less security • Ease of use vs. security – Every security mechanism causes inconvenience – The more “plug n play”, the less security • Risk of loss vs. Cost of security – Assets carry value and risk of loss – The higher the value, the higher the security cost • These factors can be balanced in a comprehensive security policy
  • 8. What are we up against?
  • 9. What can the attackers do? • Eavesdropping – Listen in on communications • Masquerading – Impersonating someone else • Forgery – Invent or duplicate/replay information • Trespass – Obtain unauthorised access • Subversion – Modify data and messages in transit • Destruction – Vandalise or delete important data • Disruption – Disable or prevent access to services • Infiltration – Hide out inside our machines • Hijacking – “Own” and use machines for nefarious purposes
  • 10. And why do they do it? Motivation Examples Knowledge driven • Recreational • Research Issue-based • Hacktivism • Patriotism Antisocial • Revenge • Vandalism Competitive • Theft of IP • Damage to competitors Criminal • Theft of assets • Extortion Strategic • Espionage • State-driven or sponsored
  • 11. And, how to they do it? • Targeting the user – Masquerading – “Phishing” – DNS Cache Poisoning • IP Address “spoofing” • Disruption – DoS attacks – DDoS attacks
  • 12. “Phishing” • “Fishing” for information such as usernames, passwords, credit card details, other personal information • Ex: Forged emails apparently from legitimate enterprises, direct users to forged websites.
  • 13. DNS Cache Poisoning The Internet www.apnic.netwww.apnic.net? www.apnic.net 199.43.0.44 DNS 175.98.98.133 203.119.102.244 199.43.0.44 ☹︎
  • 14. Securing websites – SSL certificates The Internet www.apnic.net www.apnic.net? 203.119.102.244 DNS 175.98.98.133 203.119.102.244 ☺︎ SSL
  • 15. Securing DNS – DNSSEC The Internet www.apnic.net www.apnic.net? DNS 175.98.98.133 203.119.102.244 ☺︎ 203.119.102.244 SEC
  • 16. Misusing IP Addresses… The Internet Global Routing Table 4.128/9 60.100/16 60.100.0/20 135.22/16 … Global Routing Table 4.128/9 60.100/16 60.100.0/20 135.22/16 199.43.0.0/24 … Announce 199.43.0.0/24 R 202.12.29.0/24 Traffic 199.43.0.0/24 ☹︎
  • 17. Misusing IP Addresses… The Internet Global Routing Table 4.128/9 60.100/16 60.100.0/20 135.22/16 … Global Routing Table 4.128/9 60.100/16 60.100.0/20 135.22/16 202.12.29.0/24 … Announce 202.12.29.0/24 R 202.12.29.0/24 RPKI ☺︎
  • 18. IP address spoofing InternetISP 203.119.102.244 175.98.98.133 Request Src: 175.98.98.133 Dst: 203.119.102.244 Response Src: 203.119.102.244 Dst: 175.98.98.133 ☺︎
  • 19. IP address spoofing InternetISP 203.119.102.244 175.98.98.133 Response Src: 203.119.102.244 Dst: 199.43.0.44 199.43.0.44 Request Src: 199.43.0.44 Dst: 203.119.102.244 ☹︎
  • 20. DoS attack: Amplification InternetISP 203.119.102.244 175.98.98.133 199.43.0.44 Request Src: 199.43.0.44 Dst: 203.119.102.244 ☹︎ Response Src: 203.119.102.244 Dst: 199.43.0.44 BIG PAYLOAD Request Src: 199.43.0.44 Dst: 203.119.102.244 Request Src: 199.43.0.44 Dst: 203.119.102.244 Request Src: 199.43.0.44 Dst: 203.119.102.244 Request Src: 199.43.0.44 Dst: 203.119.102.244 Response Src: 203.119.102.244 Dst: 199.43.0.44 BIG PAYLOAD Response Src: 203.119.102.244 Dst: 199.43.0.44 BIG PAYLOAD Response Src: 203.119.102.244 Dst: 199.43.0.44 BIG PAYLOAD Response Src: 203.119.102.244 Dst: 199.43.0.44 BIG PAYLOAD
  • 21. Defeating IP spoofing – BCP38 InternetISP 203.119.102.244 175.98.98.133 ☺︎ BCP38 (2000) Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing ISP Request Src: 199.43.0.44 Dst: 203.119.102.244
  • 22. DDoS attack: Distributed DoS InternetISP ☹︎ “Botnet”
  • 23. Network Security In A Nutshell • Ensuring Confidentiality's, Integrity, Availability • Building a risk management approach • Implemented through cybersecurity program C I A • Security as a process • Technology, people, and process
  • 24. The Bigger Picture Network & Information Security Cybersecurity
  • 28. Incident Response Security Incident • A computer security incident is a violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices • Examples: – An attacker commands a botnet to send high volumes of connection requests to a web server, causing it to crash – Users are tricked into opening a “quarterly report” sent via email that is actually malware; running the tool has infected their computers and established connections with an external host. – An attacker obtains sensitive data and threatens that the details will be released publicly if the organization does not pay a designated sum of money. (Source: NIST SP800-61Incident Handling Guide)
  • 29. 1. Preparation – Preparing to handle Incidents – Preventing Incidents 2. Detection and Analysis Source: http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf Stages of Incident Handling 3. Containment, Eradication & Recovery 4. Post Incident Activities
  • 31. Coordination Source: NIST Computer Security Incident Handling Guide
  • 33. Information Sharing • Trusted Group • Sharing of threat intelligence • Co-ordinated Response • Reach out to the community
  • 34. Why a Team? • Dedicated resources for Incident Management – Dedicated Service(s) – Human Resources – Specific Polices and SOPs – Expertise & Skillsets • Structured Incident Management / Handling Procedures • Integration with other activities Internal & External to the organization – SOC / IT – CERTs / ISACs etc
  • 36. Defining a CSIRT …is a team that performs, coordinates, and supports the response to security incidents that involve sites within a defined constituency • In ways which the specific community agrees to be in its general interest • Team = Organization that does Incident Response (IR) work! • Must react to reported security incidents or threat faced by the constituency
  • 37. Defining a CSIRT …is a team that performs, coordinates, and supports the response to security incidents that involve sites within a defined constituency • Mandate & Terms of Reference • Defined Structure • Operational Capacity
  • 39. Constituency • Who is the Team meant to serve? • Constituency help defines: – What is the purpose & nature of the CSIRT – Who is the CSIRT Serving – What types of security incidents the CSIRT handles – What are the relationship with other CSIRTs • Constituencies might overlap – Co-ordination is key – CSIRT of the “Last Resort”
  • 40. Different Types of CSIRTs • National CSIRTs • Coordination Centers • Analysis Centers • Enterprise CSIRTs • Vendor Teams • Incident Response Providers • Regional CERTs Source: US-CERT https://www.cert.org/incident-management/csirt-development/csirt-faq.cfm
  • 41. Policies & SOPs • Specific for Incident Response & Handling • Definition of Security Incidents and Related Terms • Define Scope, Roles & Responsibilities • Sharing of Information within the organization or with external parties • What to do in the event of a security incident – Specific SOP for dealing with different types of incidents – Forms, Templates, Required information – How to reach you outside office hours • Dealing with Crisis – Escalation (Internal & External) – Dealing with the Media /Press • Setting Realistic Expectations – Dealing with Service Providers
  • 42. Team Structure • Team Models – Central Incident Response Team – Distributed Incident Response Team – Co-ordination Team • Functions / Workflow – Incident Reporting • Report from internal or external – Incident Analysis • What is happening, Impact, Patterns – Incident Response • Containment, Eradication & Recovery • Post-Incident Activity / Recommendations • How many people do we need in a team?
  • 43. Services • Incident Handling & Response – Core activity • Advisory / Notification – Issue advisory relevant to constituency • Education and Awareness – Promoting best practices – Policies and SOPs – Cyber Security Exercises • Information Sharing – i.e. Global / Regional CSIRTs groups, ISACS • Other Services – Reactive – Proactive – Security Quality Management
  • 44. Types of Services Example * Enterprise CSIRT * Proactive Services Reactive Services Security Quality Management Services • Security Alerts • Security Reporting • Security Diagnosis • Monitoring of Websites • Vulnerability Handling • Incident Handling • Artifact Handling • Security Consultation • Security Education • Security Training • Evaluation of Technologies Source: NTT-CERT https://conference.apnic.net/data/39/150304_ntt-cert-activity_1425447986.pdf
  • 45. Tools & Facilities • Basically two categories of tools – Managing Incident Reports – Tools for analysis • Handling & Managing Incidents Reported – Able to collect & store incidents reported – Track status, produce reports – Function of system can be mapped to SOP – Encryption tools for secure communication • Security Incidents Monitoring & Analysis – Tools for processing or analyzing logs, binaries, network traffic – Forensics Tools – Tools for information sharing – Labs / Separate resources for analysis / testing – Tools in the Public domains (i.e. Passive DNS) • Office / Work facilities – Secure room, Office facilities, etc • Good Resource: FIRST Membership Site Visit: http://www.first.org/membership/site-visit-V1.0.pdf
  • 46. Building Relationships • Internal – Early buy-in from leadership and constituency – Costing • The cost tends to vary based on a lot of factors – Size of team – Services provided – Nature of Organisation • Start Small – Using open source tools – Scale up as capability and need grows • External – Becoming of a part of a trusted community • Attending Meetings / Conferences • Capacity Development (Training)
  • 48. Road Forward “Establishment of a National Computer Emergency Response Team (CERT) that is capable of dealing with relevant Cybersecurity threats for citizens, tourists, businesses and government in Vanuatu”
  • 49. Lets stay engaged! Klée Aiken External Relations Manager klee@apnic.net Adli Wahid Security Specialist FIRST Board Member adli@apnic.net Upcoming security engagements: • APCERT Conference | Tokyo, JP • 24 to 27 Oct 2016 • NGN Forum | Suva, FJ • 1 to 3 Nov 2016 • Technical Assistance | Suva & Nadi, FJ • 24 to 26 Nov 2016 • PacNOG 19 | Nadi, FJ • 28 Nov to 2 Dec