sec intro1
Security intro.
Mahmoud El-Naggar, Senior Information Security Engineer
Agenda
• Files Concept.
• Files Requirements.
• Now! Files = $$$
• Operation Triangle.
• Attacker vs. Defender.
• Defense Tech. [Kill Chain].
• Security Layers Standard.
Data Files
• Don’t be confused: consider any type of data as a file.
• Originally, any file type (.exe, .png, .c, etc.) was a text file that went through some processing operation.
• Example: this presentation (txt → pptx).
Files Requirements
• Files need some HW to store, process and operate on them.
• Files also need some SW to manage, organize, edit, and present them.
Now! Files = $$$
• Credit cards, banking files, password files, source code, military designs and plans: all of these and more must be secured.
• Security must be established on a firm basis.
Operation Triangle
• Security vs. functionality vs. ease of use.
• Any system has a value on each of the three axes.
• Optimize for your needs, and think about security.
Attacker vs. Defender
- The Attacker acts with the OR concept.
- The Defender must act with the AND concept.
- Now, attacks are targeted and advanced.
- Defenders must think as attackers.
“AND” & “OR” Meanings
- The Attacker thinks as an “OR” function: a single “1/True” in the equation is enough. The information he gathers about the target becomes the variety of attack vectors he can exploit.
- The variety of attack vectors is like a Swiss knife in the hand of the attacker, who can use any of its tools to make the attack succeed.
- The Defender must think as an “AND” function, in which all variables must be “1/True”; a single “0/False” is enough for the attack to succeed.
- So, the Defender must raise all shields in front of the Attackers, and keep monitoring the Attackers’ manipulation.
Kill Chain
• The Kill Chain is a known sequence of steps (a chain) that Advanced Threats may pass through.
• Understanding this chain for each attack helps in protecting against the attack, and also in remediation.
• Some attacks pass through the whole chain, some pass through only some steps, but the protection approach must be able to cut/kill the chain at any step.
• The protection approach must also have a clear strategy for detecting attacks that passed (more advanced attacks that it failed to defend against), and give detailed information about them, which helps in taking a fast and correct decision and defeating the advanced attacks with minimum impact.
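The OR/AND idea and the kill-chain idea above combine into a simple coverage model. This is an added example, not from the slides: the stage names, attack vectors and controls are constructed sample data. The attacker needs only one vector to reach the end of its chain (OR across vectors), so the defender must cut every vector (AND across vectors), while cutting one stage of a vector's chain is enough for that vector (OR within the chain). The last function finds the single "0/False" controls whose failure alone lets an attack through.

```python
# Kill-chain stages in order (generic labels; the slides name no specific stages).
STAGES = ["recon", "delivery", "exploitation", "installation", "c2", "actions"]

# Constructed sample: each attack vector is the ordered list of stages it must pass.
ATTACK_VECTORS = {
    "phishing": ["delivery", "exploitation", "installation", "c2", "actions"],
    "exposed-service": ["recon", "exploitation", "installation", "c2", "actions"],
    "stolen-creds": ["recon", "c2", "actions"],
}

# Constructed sample: the stages each deployed control is able to cut.
CONTROLS = {
    "mail-filter": {"delivery"},
    "patching": {"exploitation"},
    "egress-filter": {"c2"},
}


def first_cut(path, controls):
    """Return (stage, control) where this chain is first cut, or None if it runs to the end."""
    for stage in path:
        for name, stages in controls.items():
            if stage in stages:
                return stage, name
    return None  # every stage open: the attacker completes this chain


def evaluate(vectors, controls):
    """Defender AND: return (holds, report); holds is True only if EVERY vector is cut."""
    report = {vec: first_cut(path, controls) for vec, path in vectors.items()}
    holds = all(cut is not None for cut in report.values())
    return holds, report


def single_points_of_failure(vectors, controls):
    """Controls whose failure alone lets some vector through: the one '0' the slide warns about."""
    spof = []
    for name in controls:
        remaining = {k: v for k, v in controls.items() if k != name}
        if not evaluate(vectors, remaining)[0]:
            spof.append(name)
    return spof


if __name__ == "__main__":
    holds, report = evaluate(ATTACK_VECTORS, CONTROLS)
    print("defense holds:", holds, report)
    print("single points of failure:", single_points_of_failure(ATTACK_VECTORS, CONTROLS))
```

With the sample data the defense holds, but egress-filter is the only control standing between stolen-creds and the end of its chain, which is exactly the kind of gap the monitoring strategy in the last bullet should flag.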
• Any critical subject, like Information Security, Military and Defense, Aviation, etc., is very wide, and it is difficult to specialize in all of its divisions.
• It is easier to divide the critical subject into main layers, and each layer into main topics, then cover each topic with a variety of technologies.
• Then, integrate well between each part to make a full security solution covering defense, detection, defeating, testing and monitoring.