SlideShare a Scribd company logo

How to Find Security Breaches Before They Sink You

Skyhigh Networks
Skyhigh Networks
Technology
1 of 13
Download to read offline
Brought to you by ! How to Find Security Breaches Before they Sink Your Business
Security breaches can put your company on the front page
That’s why you need to find them early To stop the breach and minimize exposure But how do you tell if it’s normal behavior or something to be worried about?
Breaches create outliers. In mathematical terms, they are several standard deviations outside of normal activity
You can think of them as being at the very edge of the bell curve Anomaly
Let’s take a look at some examples
104,338 tweets in 1 day from 1 IP address Bot exfiltrating data from bank… 140 characters at a time
An employee uploads Employee leaving organization 4.5 GB of files to Kanbox Risky Service : No compliance certifications Terms & Conditions: Collects and shares data with third parties Location: Hosted in China
Single authenticated user at retail company tries to connect to GoToMyPC… 11,101,872 times in a week. User device infected with malware !
Single IP address at energy company attempts to connect to Facebook, which was blocked... 3.8 million times. Malware attempting to connect to its command and control site
Manufacturing employee has 188 uploads totaling 48.7 GBs in 1 day to Ryu Share Data sent to a Drop Zone outside of company’s jurisdictional location.
Except as otherwise expressly permitted by these Terms, any Code submitted to SourceForge.net must be licensed to Slashdot Media and other licensees under a license that is: compliant with the Open Source Initiative (“OSI”)’s Open Source Definition (http://www.opensource.org/ docs/osd) or certified as an “OSI-Approved L i c e n s e ” ( h t t p : / / o p e n s o u r c e . o r g / licenses).” 65 KB upload to open source code repository Loss of Proprietary IP
The definitive guide to the top cloud services and usage trends Brought to you by ! DOWNLOAD NOW Cloud Adoption & Risk Report

Recommended

Jitter Bugslec
Jitter BugslecJitter Bugslec
Jitter Bugslecscottdp3
 
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...Alisha Deboer
 
Open Source Insight: Apache Struts Exploits, Cloudera IPO Risks & the Next Cy...
Open Source Insight: Apache Struts Exploits, Cloudera IPO Risks & the Next Cy...Open Source Insight: Apache Struts Exploits, Cloudera IPO Risks & the Next Cy...
Open Source Insight: Apache Struts Exploits, Cloudera IPO Risks & the Next Cy...Black Duck by Synopsys
 
It’s time to boost VoIP network security
It’s time to boost VoIP network securityIt’s time to boost VoIP network security
It’s time to boost VoIP network securityBev Robb
 
Data breaches - Is Your Law Firm in Danger
Data breaches - Is Your Law Firm in DangerData breaches - Is Your Law Firm in Danger
Data breaches - Is Your Law Firm in DangerZitaAdlTrk
 
Mitigating Malware Presentation Jkd 11 10 08 Aitp
Mitigating Malware Presentation Jkd 11 10 08 AitpMitigating Malware Presentation Jkd 11 10 08 Aitp
Mitigating Malware Presentation Jkd 11 10 08 AitpJoann Davis
 
Data breach
Data breachData breach
Data breachBurhan Ahmed
 
Lessons Learned From the Yahoo! Hack
Lessons Learned From the Yahoo! HackLessons Learned From the Yahoo! Hack
Lessons Learned From the Yahoo! HackImperva
 

Recommended

Jitter Bugslec
Jitter BugslecJitter Bugslec
Jitter Bugslecscottdp3
 
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...Alisha Deboer
 
Open Source Insight: Apache Struts Exploits, Cloudera IPO Risks & the Next Cy...
Open Source Insight: Apache Struts Exploits, Cloudera IPO Risks & the Next Cy...Open Source Insight: Apache Struts Exploits, Cloudera IPO Risks & the Next Cy...
Open Source Insight: Apache Struts Exploits, Cloudera IPO Risks & the Next Cy...Black Duck by Synopsys
 
It’s time to boost VoIP network security
It’s time to boost VoIP network securityIt’s time to boost VoIP network security
It’s time to boost VoIP network securityBev Robb
 
Data breaches - Is Your Law Firm in Danger
Data breaches - Is Your Law Firm in DangerData breaches - Is Your Law Firm in Danger
Data breaches - Is Your Law Firm in DangerZitaAdlTrk
 
Mitigating Malware Presentation Jkd 11 10 08 Aitp
Mitigating Malware Presentation Jkd 11 10 08 AitpMitigating Malware Presentation Jkd 11 10 08 Aitp
Mitigating Malware Presentation Jkd 11 10 08 AitpJoann Davis
 
Data breach
Data breachData breach
Data breachBurhan Ahmed
 
Lessons Learned From the Yahoo! Hack
Lessons Learned From the Yahoo! HackLessons Learned From the Yahoo! Hack
Lessons Learned From the Yahoo! HackImperva
 
Hacker Defense: How to Make Your Law Firm a Harder Target
Hacker Defense: How to Make Your Law Firm a Harder TargetHacker Defense: How to Make Your Law Firm a Harder Target
Hacker Defense: How to Make Your Law Firm a Harder TargetLexisNexis
 
Study of Directory Traversal Attack and Tools Used for Attack
Study of Directory Traversal Attack and Tools Used for AttackStudy of Directory Traversal Attack and Tools Used for Attack
Study of Directory Traversal Attack and Tools Used for Attackijtsrd
 
Analyst sample Presentation
Analyst sample PresentationAnalyst sample Presentation
Analyst sample PresentationRichard Smiraldi
 
Cyber threats sample
Cyber threats sampleCyber threats sample
Cyber threats sampleRichard Smiraldi
 
Cyber Threats Presentation Sample
Cyber Threats Presentation SampleCyber Threats Presentation Sample
Cyber Threats Presentation SampleRichard Smiraldi
 
A Guide to Internet Security For Businesses- Business.com
A Guide to Internet Security For Businesses- Business.comA Guide to Internet Security For Businesses- Business.com
A Guide to Internet Security For Businesses- Business.comBusiness.com
 
Vz scrubbed sample_2
Vz scrubbed sample_2Vz scrubbed sample_2
Vz scrubbed sample_2Richard Smiraldi
 
Lan & Wan
Lan & WanLan & Wan
Lan & WanLan & Wan Solutions
 
Insider theft detection
Insider theft detection Insider theft detection
Insider theft detection SumanthKommineni
 
2015 Labris SOC Annual Report
2015 Labris SOC Annual Report2015 Labris SOC Annual Report
2015 Labris SOC Annual ReportLabris Networks
 
Webinar mobile apps sec
Webinar mobile apps secWebinar mobile apps sec
Webinar mobile apps secIndra Zulkarnain
 
AI for CyberSecurity
AI for CyberSecurityAI for CyberSecurity
AI for CyberSecuritySatnam Singh
 
[CB20] Illicit QQ Communities: What's Being Shared? by Aaron Shraberg
[CB20] Illicit QQ Communities: What's Being Shared? by Aaron Shraberg[CB20] Illicit QQ Communities: What's Being Shared? by Aaron Shraberg
[CB20] Illicit QQ Communities: What's Being Shared? by Aaron ShrabergCODE BLUE
 
[CB20] It is a World Wide Web, but All Politics is Local: Planning to Survive...
[CB20] It is a World Wide Web, but All Politics is Local: Planning to Survive...[CB20] It is a World Wide Web, but All Politics is Local: Planning to Survive...
[CB20] It is a World Wide Web, but All Politics is Local: Planning to Survive...CODE BLUE
 
Easy security presentation 1
Easy security presentation 1Easy security presentation 1
Easy security presentation 1Michael Buschmann
 
Forensic3e ppt ch07
Forensic3e ppt ch07Forensic3e ppt ch07
Forensic3e ppt ch07Skillspire LLC
 
InfoSec Deep Learning in Action
InfoSec Deep Learning in ActionInfoSec Deep Learning in Action
InfoSec Deep Learning in ActionSatnam Singh
 
UK Cyber Vulnerability Index 2013
UK Cyber Vulnerability Index 2013UK Cyber Vulnerability Index 2013
UK Cyber Vulnerability Index 2013Martin Jordan
 
[CB20] Operation Chimera - APT Operation Targets Semiconductor Vendors by CK ...
[CB20] Operation Chimera - APT Operation Targets Semiconductor Vendors by CK ...[CB20] Operation Chimera - APT Operation Targets Semiconductor Vendors by CK ...
[CB20] Operation Chimera - APT Operation Targets Semiconductor Vendors by CK ...CODE BLUE
 
KPMG Publish and Be Damned Cyber Vulnerability Index 2012
KPMG Publish and Be Damned Cyber Vulnerability Index 2012KPMG Publish and Be Damned Cyber Vulnerability Index 2012
KPMG Publish and Be Damned Cyber Vulnerability Index 2012Charmaine Servado
 
The Dark Side of the Web
The Dark Side of the WebThe Dark Side of the Web
The Dark Side of the WebSkyhigh Networks
 
The Cloud Economy: 11 Essential Trends About How Companies Connect to Each Ot...
The Cloud Economy: 11 Essential Trends About How Companies Connect to Each Ot...The Cloud Economy: 11 Essential Trends About How Companies Connect to Each Ot...
The Cloud Economy: 11 Essential Trends About How Companies Connect to Each Ot...Skyhigh Networks
 

More Related Content

What's hot

Hacker Defense: How to Make Your Law Firm a Harder Target
Hacker Defense: How to Make Your Law Firm a Harder TargetHacker Defense: How to Make Your Law Firm a Harder Target
Hacker Defense: How to Make Your Law Firm a Harder TargetLexisNexis
 
Study of Directory Traversal Attack and Tools Used for Attack
Study of Directory Traversal Attack and Tools Used for AttackStudy of Directory Traversal Attack and Tools Used for Attack
Study of Directory Traversal Attack and Tools Used for Attackijtsrd
 
Analyst sample Presentation
Analyst sample PresentationAnalyst sample Presentation
Analyst sample PresentationRichard Smiraldi
 
Cyber Threats Presentation Sample
Cyber Threats Presentation SampleCyber Threats Presentation Sample
Cyber Threats Presentation SampleRichard Smiraldi
 
A Guide to Internet Security For Businesses- Business.com
A Guide to Internet Security For Businesses- Business.comA Guide to Internet Security For Businesses- Business.com
A Guide to Internet Security For Businesses- Business.comBusiness.com
 
2015 Labris SOC Annual Report
2015 Labris SOC Annual Report2015 Labris SOC Annual Report
2015 Labris SOC Annual ReportLabris Networks
 
AI for CyberSecurity
AI for CyberSecurityAI for CyberSecurity
AI for CyberSecuritySatnam Singh
 
[CB20] Illicit QQ Communities: What's Being Shared? by Aaron Shraberg
[CB20] Illicit QQ Communities: What's Being Shared? by Aaron Shraberg[CB20] Illicit QQ Communities: What's Being Shared? by Aaron Shraberg
[CB20] Illicit QQ Communities: What's Being Shared? by Aaron ShrabergCODE BLUE
 
[CB20] It is a World Wide Web, but All Politics is Local: Planning to Survive...
[CB20] It is a World Wide Web, but All Politics is Local: Planning to Survive...[CB20] It is a World Wide Web, but All Politics is Local: Planning to Survive...
[CB20] It is a World Wide Web, but All Politics is Local: Planning to Survive...CODE BLUE
 
Easy security presentation 1
Easy security presentation 1Easy security presentation 1
Easy security presentation 1Michael Buschmann
 
InfoSec Deep Learning in Action
InfoSec Deep Learning in ActionInfoSec Deep Learning in Action
InfoSec Deep Learning in ActionSatnam Singh
 
UK Cyber Vulnerability Index 2013
UK Cyber Vulnerability Index 2013UK Cyber Vulnerability Index 2013
UK Cyber Vulnerability Index 2013Martin Jordan
 
[CB20] Operation Chimera - APT Operation Targets Semiconductor Vendors by CK ...
[CB20] Operation Chimera - APT Operation Targets Semiconductor Vendors by CK ...[CB20] Operation Chimera - APT Operation Targets Semiconductor Vendors by CK ...
[CB20] Operation Chimera - APT Operation Targets Semiconductor Vendors by CK ...CODE BLUE
 
KPMG Publish and Be Damned Cyber Vulnerability Index 2012
KPMG Publish and Be Damned Cyber Vulnerability Index 2012KPMG Publish and Be Damned Cyber Vulnerability Index 2012
KPMG Publish and Be Damned Cyber Vulnerability Index 2012Charmaine Servado
 

What's hot (20)

Hacker Defense: How to Make Your Law Firm a Harder Target
Hacker Defense: How to Make Your Law Firm a Harder TargetHacker Defense: How to Make Your Law Firm a Harder Target
Hacker Defense: How to Make Your Law Firm a Harder Target
 
Study of Directory Traversal Attack and Tools Used for Attack
Study of Directory Traversal Attack and Tools Used for AttackStudy of Directory Traversal Attack and Tools Used for Attack
Study of Directory Traversal Attack and Tools Used for Attack
 
Analyst sample Presentation
Analyst sample PresentationAnalyst sample Presentation
Analyst sample Presentation
 
Cyber threats sample
Cyber threats sampleCyber threats sample
Cyber threats sample
 
Cyber Threats Presentation Sample
Cyber Threats Presentation SampleCyber Threats Presentation Sample
Cyber Threats Presentation Sample
 
A Guide to Internet Security For Businesses- Business.com
A Guide to Internet Security For Businesses- Business.comA Guide to Internet Security For Businesses- Business.com
A Guide to Internet Security For Businesses- Business.com
 
Vz scrubbed sample_2
Vz scrubbed sample_2Vz scrubbed sample_2
Vz scrubbed sample_2
 
Lan & Wan
Lan & WanLan & Wan
Lan & Wan
 
Insider theft detection
Insider theft detection Insider theft detection
Insider theft detection
 
2015 Labris SOC Annual Report
2015 Labris SOC Annual Report2015 Labris SOC Annual Report
2015 Labris SOC Annual Report
 
Webinar mobile apps sec
Webinar mobile apps secWebinar mobile apps sec
Webinar mobile apps sec
 
AI for CyberSecurity
AI for CyberSecurityAI for CyberSecurity
AI for CyberSecurity
 
[CB20] Illicit QQ Communities: What's Being Shared? by Aaron Shraberg
[CB20] Illicit QQ Communities: What's Being Shared? by Aaron Shraberg[CB20] Illicit QQ Communities: What's Being Shared? by Aaron Shraberg
[CB20] Illicit QQ Communities: What's Being Shared? by Aaron Shraberg
 
[CB20] It is a World Wide Web, but All Politics is Local: Planning to Survive...
[CB20] It is a World Wide Web, but All Politics is Local: Planning to Survive...[CB20] It is a World Wide Web, but All Politics is Local: Planning to Survive...
[CB20] It is a World Wide Web, but All Politics is Local: Planning to Survive...
 
Easy security presentation 1
Easy security presentation 1Easy security presentation 1
Easy security presentation 1
 
Forensic3e ppt ch07
Forensic3e ppt ch07Forensic3e ppt ch07
Forensic3e ppt ch07
 
InfoSec Deep Learning in Action
InfoSec Deep Learning in ActionInfoSec Deep Learning in Action
InfoSec Deep Learning in Action
 
UK Cyber Vulnerability Index 2013
UK Cyber Vulnerability Index 2013UK Cyber Vulnerability Index 2013
UK Cyber Vulnerability Index 2013
 
[CB20] Operation Chimera - APT Operation Targets Semiconductor Vendors by CK ...
[CB20] Operation Chimera - APT Operation Targets Semiconductor Vendors by CK ...[CB20] Operation Chimera - APT Operation Targets Semiconductor Vendors by CK ...
[CB20] Operation Chimera - APT Operation Targets Semiconductor Vendors by CK ...
 
KPMG Publish and Be Damned Cyber Vulnerability Index 2012
KPMG Publish and Be Damned Cyber Vulnerability Index 2012KPMG Publish and Be Damned Cyber Vulnerability Index 2012
KPMG Publish and Be Damned Cyber Vulnerability Index 2012
 

Viewers also liked

The Cloud Economy: 11 Essential Trends About How Companies Connect to Each Ot...
The Cloud Economy: 11 Essential Trends About How Companies Connect to Each Ot...The Cloud Economy: 11 Essential Trends About How Companies Connect to Each Ot...
The Cloud Economy: 11 Essential Trends About How Companies Connect to Each Ot...Skyhigh Networks
 
The Quiet Revolution: 12 Must-Know Statistics on Cloud Usage in the Enterprise
The Quiet Revolution: 12 Must-Know Statistics on Cloud Usage in the EnterpriseThe Quiet Revolution: 12 Must-Know Statistics on Cloud Usage in the Enterprise
The Quiet Revolution: 12 Must-Know Statistics on Cloud Usage in the EnterpriseSkyhigh Networks
 
The 80-20 Rule for Data in the Cloud
The 80-20 Rule for Data in the CloudThe 80-20 Rule for Data in the Cloud
The 80-20 Rule for Data in the CloudSkyhigh Networks
 
State of the Cloud in 2015
State of the Cloud in 2015State of the Cloud in 2015
State of the Cloud in 2015Skyhigh Networks
 
11 European Privacy Regulations That Could Cost You €1 Million in Fines
11 European Privacy Regulations That Could Cost You €1 Million in Fines 11 European Privacy Regulations That Could Cost You €1 Million in Fines
11 European Privacy Regulations That Could Cost You €1 Million in Fines Skyhigh Networks
 
2014: The Year of the Data Breach
2014: The Year of the Data Breach2014: The Year of the Data Breach
2014: The Year of the Data BreachSkyhigh Networks
 
The Cloud in 2015: Predictions from Greylock and Sequoia
The Cloud in 2015: Predictions from Greylock and SequoiaThe Cloud in 2015: Predictions from Greylock and Sequoia
The Cloud in 2015: Predictions from Greylock and SequoiaSkyhigh Networks
 
Internet of Things - October 2013 - Chandna
Internet of Things - October 2013 - ChandnaInternet of Things - October 2013 - Chandna
Internet of Things - October 2013 - ChandnaAsheem Chandna
 
Csa about-threats-june-2010-ibm
Csa about-threats-june-2010-ibmCsa about-threats-june-2010-ibm
Csa about-threats-june-2010-ibmSergio Loureiro
 
Internet of things - Frantic
Internet of things - FranticInternet of things - Frantic
Internet of things - FranticMiika Puputti
 
16 Inspirational Quotes From the Late, Great Steve Jobs
16 Inspirational Quotes From the Late, Great Steve Jobs16 Inspirational Quotes From the Late, Great Steve Jobs
16 Inspirational Quotes From the Late, Great Steve JobsHubSpot
 
Cloud security and security architecture
Cloud security and security architectureCloud security and security architecture
Cloud security and security architectureVladimir Jirasek
 
Searching Encrypted Cloud Data: Academia and Industry Done Right
Searching Encrypted Cloud Data: Academia and Industry Done RightSearching Encrypted Cloud Data: Academia and Industry Done Right
Searching Encrypted Cloud Data: Academia and Industry Done RightSkyhigh Networks
 
Welcome to the world of hacking
Welcome to the world of hackingWelcome to the world of hacking
Welcome to the world of hackingTjylen Veselyj
 

Viewers also liked (16)

The Dark Side of the Web
The Dark Side of the WebThe Dark Side of the Web
The Dark Side of the Web
 
The Cloud Economy: 11 Essential Trends About How Companies Connect to Each Ot...
The Cloud Economy: 11 Essential Trends About How Companies Connect to Each Ot...The Cloud Economy: 11 Essential Trends About How Companies Connect to Each Ot...
The Cloud Economy: 11 Essential Trends About How Companies Connect to Each Ot...
 
The Quiet Revolution: 12 Must-Know Statistics on Cloud Usage in the Enterprise
The Quiet Revolution: 12 Must-Know Statistics on Cloud Usage in the EnterpriseThe Quiet Revolution: 12 Must-Know Statistics on Cloud Usage in the Enterprise
The Quiet Revolution: 12 Must-Know Statistics on Cloud Usage in the Enterprise
 
The 80-20 Rule for Data in the Cloud
The 80-20 Rule for Data in the CloudThe 80-20 Rule for Data in the Cloud
The 80-20 Rule for Data in the Cloud
 
State of the Cloud in 2015
State of the Cloud in 2015State of the Cloud in 2015
State of the Cloud in 2015
 
11 European Privacy Regulations That Could Cost You €1 Million in Fines
11 European Privacy Regulations That Could Cost You €1 Million in Fines 11 European Privacy Regulations That Could Cost You €1 Million in Fines
11 European Privacy Regulations That Could Cost You €1 Million in Fines
 
2014: The Year of the Data Breach
2014: The Year of the Data Breach2014: The Year of the Data Breach
2014: The Year of the Data Breach
 
The Cloud in 2015: Predictions from Greylock and Sequoia
The Cloud in 2015: Predictions from Greylock and SequoiaThe Cloud in 2015: Predictions from Greylock and Sequoia
The Cloud in 2015: Predictions from Greylock and Sequoia
 
Internet of Things - October 2013 - Chandna
Internet of Things - October 2013 - ChandnaInternet of Things - October 2013 - Chandna
Internet of Things - October 2013 - Chandna
 
Csa about-threats-june-2010-ibm
Csa about-threats-june-2010-ibmCsa about-threats-june-2010-ibm
Csa about-threats-june-2010-ibm
 
Cloud Security Alliance - Guidance
Cloud Security Alliance - GuidanceCloud Security Alliance - Guidance
Cloud Security Alliance - Guidance
 
Internet of things - Frantic
Internet of things - FranticInternet of things - Frantic
Internet of things - Frantic
 
16 Inspirational Quotes From the Late, Great Steve Jobs
16 Inspirational Quotes From the Late, Great Steve Jobs16 Inspirational Quotes From the Late, Great Steve Jobs
16 Inspirational Quotes From the Late, Great Steve Jobs
 
Cloud security and security architecture
Cloud security and security architectureCloud security and security architecture
Cloud security and security architecture
 
Searching Encrypted Cloud Data: Academia and Industry Done Right
Searching Encrypted Cloud Data: Academia and Industry Done RightSearching Encrypted Cloud Data: Academia and Industry Done Right
Searching Encrypted Cloud Data: Academia and Industry Done Right
 
Welcome to the world of hacking
Welcome to the world of hackingWelcome to the world of hacking
Welcome to the world of hacking
 

Similar to How to Find Security Breaches Before They Sink You

Stopping zero day threats
Stopping zero day threatsStopping zero day threats
Stopping zero day threatsZscaler
 
Open Source Insight: Happy Birthday Open Source and Application Security for ...
Open Source Insight: Happy Birthday Open Source and Application Security for ...Open Source Insight: Happy Birthday Open Source and Application Security for ...
Open Source Insight: Happy Birthday Open Source and Application Security for ...Black Duck by Synopsys
 
Hacking and Cyber Security.
Hacking and Cyber Security.Hacking and Cyber Security.
Hacking and Cyber Security.Kalpesh Doru
 
Module 20 (buffer overflows)
Module 20 (buffer overflows)Module 20 (buffer overflows)
Module 20 (buffer overflows)Wail Hassan
 
Open Source Insight: Security Breaches and Cryptocurrency Dominating News
Open Source Insight: Security Breaches and Cryptocurrency Dominating NewsOpen Source Insight: Security Breaches and Cryptocurrency Dominating News
Open Source Insight: Security Breaches and Cryptocurrency Dominating NewsBlack Duck by Synopsys
 
Introduction To Information Security
Introduction To Information SecurityIntroduction To Information Security
Introduction To Information Securitybelsis
 
Open Source Insight: AI for Open Source Management, IoT Time Bombs, Ready for...
Open Source Insight: AI for Open Source Management, IoT Time Bombs, Ready for...Open Source Insight: AI for Open Source Management, IoT Time Bombs, Ready for...
Open Source Insight: AI for Open Source Management, IoT Time Bombs, Ready for...Black Duck by Synopsys
 
Review of the Jamaican Cybercrime Act of 2010
Review of the Jamaican Cybercrime Act of 2010Review of the Jamaican Cybercrime Act of 2010
Review of the Jamaican Cybercrime Act of 2010Tyrone Grandison
 
Open Source Governance in Highly Regulated Companies
Open Source Governance in Highly Regulated CompaniesOpen Source Governance in Highly Regulated Companies
Open Source Governance in Highly Regulated Companiesiasaglobal
 
Based on the below and using the 12 categories of threats identify 3 .pdf
Based on the below and using the 12 categories of threats identify 3 .pdfBased on the below and using the 12 categories of threats identify 3 .pdf
Based on the below and using the 12 categories of threats identify 3 .pdfarri2009av
 
Fundamental of ethical hacking
Fundamental of ethical hackingFundamental of ethical hacking
Fundamental of ethical hackingWaseem Rauf
 
Cyber security awareness for end users
Cyber security awareness for end usersCyber security awareness for end users
Cyber security awareness for end usersNetWatcher
 
Are you ready for the next attack? Reviewing the SP Security Checklist
Are you ready for the next attack? Reviewing the SP Security ChecklistAre you ready for the next attack? Reviewing the SP Security Checklist
Are you ready for the next attack? Reviewing the SP Security ChecklistAPNIC
 
Are you ready for the next attack? reviewing the sp security checklist (apnic...
Are you ready for the next attack? reviewing the sp security checklist (apnic...Are you ready for the next attack? reviewing the sp security checklist (apnic...
Are you ready for the next attack? reviewing the sp security checklist (apnic...Barry Greene
 
Computer_Hacking_for_Beginners_Kevin_James_complex.pdf
Computer_Hacking_for_Beginners_Kevin_James_complex.pdfComputer_Hacking_for_Beginners_Kevin_James_complex.pdf
Computer_Hacking_for_Beginners_Kevin_James_complex.pdfxererenhosdominaram
 
The Internet of Things: We've Got to Chat
The Internet of Things: We've Got to ChatThe Internet of Things: We've Got to Chat
The Internet of Things: We've Got to ChatDuo Security
 

Similar to How to Find Security Breaches Before They Sink You (20)

Stopping zero day threats
Stopping zero day threatsStopping zero day threats
Stopping zero day threats
 
Open Source Insight: Happy Birthday Open Source and Application Security for ...
Open Source Insight: Happy Birthday Open Source and Application Security for ...Open Source Insight: Happy Birthday Open Source and Application Security for ...
Open Source Insight: Happy Birthday Open Source and Application Security for ...
 
Hacking and Cyber Security.
Hacking and Cyber Security.Hacking and Cyber Security.
Hacking and Cyber Security.
 
Module 20 (buffer overflows)
Module 20 (buffer overflows)Module 20 (buffer overflows)
Module 20 (buffer overflows)
 
Open Source Insight: Security Breaches and Cryptocurrency Dominating News
Open Source Insight: Security Breaches and Cryptocurrency Dominating NewsOpen Source Insight: Security Breaches and Cryptocurrency Dominating News
Open Source Insight: Security Breaches and Cryptocurrency Dominating News
 
Introduction To Information Security
Introduction To Information SecurityIntroduction To Information Security
Introduction To Information Security
 
Open Source Insight: AI for Open Source Management, IoT Time Bombs, Ready for...
Open Source Insight: AI for Open Source Management, IoT Time Bombs, Ready for...Open Source Insight: AI for Open Source Management, IoT Time Bombs, Ready for...
Open Source Insight: AI for Open Source Management, IoT Time Bombs, Ready for...
 
Review of the Jamaican Cybercrime Act of 2010
Review of the Jamaican Cybercrime Act of 2010Review of the Jamaican Cybercrime Act of 2010
Review of the Jamaican Cybercrime Act of 2010
 
Ch01
Ch01Ch01
Ch01
 
Ch01
Ch01Ch01
Ch01
 
hacking
hackinghacking
hacking
 
Open Source Governance in Highly Regulated Companies
Open Source Governance in Highly Regulated CompaniesOpen Source Governance in Highly Regulated Companies
Open Source Governance in Highly Regulated Companies
 
Based on the below and using the 12 categories of threats identify 3 .pdf
Based on the below and using the 12 categories of threats identify 3 .pdfBased on the below and using the 12 categories of threats identify 3 .pdf
Based on the below and using the 12 categories of threats identify 3 .pdf
 
Fundamental of ethical hacking
Fundamental of ethical hackingFundamental of ethical hacking
Fundamental of ethical hacking
 
Cyber security awareness for end users
Cyber security awareness for end usersCyber security awareness for end users
Cyber security awareness for end users
 
Are you ready for the next attack? Reviewing the SP Security Checklist
Are you ready for the next attack? Reviewing the SP Security ChecklistAre you ready for the next attack? Reviewing the SP Security Checklist
Are you ready for the next attack? Reviewing the SP Security Checklist
 
Are you ready for the next attack? reviewing the sp security checklist (apnic...
Are you ready for the next attack? reviewing the sp security checklist (apnic...Are you ready for the next attack? reviewing the sp security checklist (apnic...
Are you ready for the next attack? reviewing the sp security checklist (apnic...
 
Computer_Hacking_for_Beginners_Kevin_James_complex.pdf
Computer_Hacking_for_Beginners_Kevin_James_complex.pdfComputer_Hacking_for_Beginners_Kevin_James_complex.pdf
Computer_Hacking_for_Beginners_Kevin_James_complex.pdf
 
Puna 2015
Puna 2015Puna 2015
Puna 2015
 
The Internet of Things: We've Got to Chat
The Internet of Things: We've Got to ChatThe Internet of Things: We've Got to Chat
The Internet of Things: We've Got to Chat
 

Recently uploaded

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...apidays
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamUiPathCommunity
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 

Recently uploaded (20)

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 AmsterdamDEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
DEV meet-up UiPath Document Understanding May 7 2024 Amsterdam
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 

How to Find Security Breaches Before They Sink You

  • 1. Brought to you by ! How to Find Security Breaches Before they Sink Your Business
  • 2. Security breaches can put your company on the front page
  • 3. That’s why you need to find them early To stop the breach and minimize exposure But how do you tell if it’s normal behavior or something to be worried about?
  • 4. Breaches create outliers. In mathematical terms, they are several standard deviations outside of normal activity
  • 5. You can think of them as being at the very edge of the bell curve Anomaly
  • 6. Let’s take a look at some examples
  • 7. 104,338 tweets in 1 day from 1 IP address Bot exfiltrating data from bank… 140 characters at a time
  • 8. An employee uploads Employee leaving organization 4.5 GB of files to Kanbox Risky Service : No compliance certifications Terms & Conditions: Collects and shares data with third parties Location: Hosted in China
  • 9. Single authenticated user at retail company tries to connect to GoToMyPC… 11,101,872 times in a week. User device infected with malware !
  • 10. Single IP address at energy company attempts to connect to Facebook, which was blocked... 3.8 million times. Malware attempting to connect to its command and control site
  • 11. Manufacturing employee has 188 uploads totaling 48.7 GBs in 1 day to Ryu Share Data sent to a Drop Zone outside of company’s jurisdictional location.
  • 12. Except as otherwise expressly permitted by these Terms, any Code submitted to SourceForge.net must be licensed to Slashdot Media and other licensees under a license that is: compliant with the Open Source Initiative (“OSI”)’s Open Source Definition (http://www.opensource.org/ docs/osd) or certified as an “OSI-Approved L i c e n s e ” ( h t t p : / / o p e n s o u r c e . o r g / licenses).” 65 KB upload to open source code repository Loss of Proprietary IP
  • 13. The definitive guide to the top cloud services and usage trends Brought to you by ! DOWNLOAD NOW Cloud Adoption & Risk Report