1 of 16

Slide Notes

DownloadGo Live

Web Application Security

Published on Nov 18, 2015

@Excellium event

View Outline

MORE DECKS TO EXPLORE

To Be Curious

25879 views

7 Strategies to Write a Speech with Ease

84569 views

10 ways

45147 views

TXLA Wrap-up 2015

9447 views

What is Creativity

67816 views

What is Media Literacy Today?

25798 views

PRESENTATION OUTLINE

1.

WEB APPLICATION SECURITY

Photo by geezaweezer
2.

THREAT LANDSCAPE

Photo by keeva999
3.

Key figures

4.

By sector (%)

5.

Motivations

6.

CASE STUDY

Photo by vancouverfilmschool
7.

infected wordpress

Photo by bionicteaching
8.

context

  • anonymous report
  • anonymous report
  • 2500+ compromised websites
  • 1400+ backdoors
  • 40+ countries (including LU)
  • 40+ countries (including LU)
  • one month of cleaning activity
  • one month of cleaning activity
Photo by СмdяСояd
9.

CLEANUP PROCESS

10.

RECOMMENDATIONS

  • check your extensions and plugins
  • thoroughly protect the admin panel
  • do logging and do it right
  • backup, backup, backup
  • adopt securing coding pratices
11.

there are no small incidents

  • minor incidents can escalate fast
  • minor incidents can escalate fast
  • exploitation is still too easy
  • exploitation is still too easy (weakest link)
  • multicompromises are used and abused
  • multicompromises are used and abused
  • everything-to-everything connectivity
  • everything-to-everything connectivity
  • attacks don't stop at boarders/perimeters
  • attacks don't stop at boarders
Photo by JD Hancock
12.

don't suffer in silence

Photo by Tree Leaf Clover
13.

focus on
HUMAN
BEHAVIOUR

14.

focus on
ORGANISATIONAL ASPECTS

15.

focus on
INCIDENT MANAGMENT

16.

PASCAL STEICHEN

THANK YOU FOR YOUR ATTENTION

Pascal Steichen

https://lhc.lu/