Transcript: The security of software is threatened at various points throughout its life cycle, both by inadvertent and intentional choices and actions taken by “insiders”—individuals closely affiliated with the organization that is producing, deploying, operating, or maintaining the software, and thus trusted by that organization—and by “outsiders” who have no affiliation with the organization. The goal of software security engineering is to build better, defect-free software. Software-intensive systems that are constructed using more securely developed software are better able to continue operating correctly in the presence of most attacks by either resisting the exploitation of weaknesses in the software by attackers or tolerating the failures that result from such exploits. The objective of secure software development is to design, implement, configure, and sustain software systems in which security is a necessary property from the beginning of the system’s life cycle to its end. Experience has taught that the most effective way to achieve secure software is for its development life cycle processes to rigorously conform to secure development, deployment, and sustainment principles and practices. Organizations that have adopted a secure software development life cycle (SDLC) process have found almost immediately upon doing so that they have begun finding many more vulnerabilities and weaknesses in their software early enough in the SDLC that they are able to eradicate those problems at an acceptable cost. Moreover, as such secure practices become second nature over time, these same developers start to notice that they seldom introduce such vulnerabilities and weaknesses into their software in the first place. 1) Finding Vulnerabilities
REFERENCE that mean Resilient software is software that is resilient enough to: (1) either resist (i.e., protect itself against) or tolerate (i.e., continue operating dependably in spite of) most known attacks plus as many novel attacks as possible (2) recover as quickly as possible, and with as little damage as possible, from those attacks that it can neither resist nor tolerate. Trustworthiness it's when can I say the software is secure , secure software is software that is engineered “so that it continues to function correctly under malicious attack” and is able to recognize, resist, tolerate, and recover from events that intentionally threaten its dependability. Resilience Dependability The problem of non-secure software when we compared between the good goal and bad goal we find the goal is good if goals when are “SMART” that is Specific, Measurable, Attainable, Realistic, Traceable and Appropriate, and we find the goal is bad if the goals justify the means to obtain the goals Approaches To Application Security Software Engineering security (cc) photo by Franco Folini on Flickr 1)Software Security Engineering: A Guide for Project Manag Julia H. Allen,Sean Barnum,Robert J. Ellison 2)Introduction to Software Security. Karen Mercedes Goertzel, Updated 2009-01-09 https://buildsecurityin.us-cert.gov/bsi/547-BSI.html 3) http://www.slideshare.net/marco_morana/rochester-security-summit-presentation The software security threatened that mean Trustworthy software contains few if any weaknesses that can be intentionally exploited to subvert or sabotage the software’s dependability. In addition, to be considered trustworthy, the software must contain no malicious logic that causes it to behave in a malicious manner the development process by and large is not controlled to minimize the vulnerabilities that attackers exploit. 
Vulnerable software can be invaded and modified to cause damage to previously healthy software, and infected software can replicate itself and be carried across networks to cause damage in other systems. These damaging processes may be invisible to the lay person even though experts recognize that their threat is growing. And as in cancer, both preventive actions and research are critical, the former to minimize damage today and the latter to establish a foundation of knowledge and capabilities that will assist the cyber security professionals of tomorrow reduce risk and minimize damage for the long term. 3 important properties to know software is secure or not 2) Manage Software Risks that mean Dependable software executes predictably and operates correctly under all conditions, including hostile conditions, including when the software comes under attack or runs on a malicious host The Goal of Software Security Engineering software security metrics goals (cc) photo by Metro Centric on Flickr The objective of secure software development Asma Alswayed Aljawharah alkhnini Bayan al rubaie Nora Alslamah defines secure software
Transcript: Presented by: Eran Nafusi Thank You! Development opportunities we expect 2 people to Join the team in 2017 POC's SandBlast for 365 Sandblast Agent Vsec -- > CloudGuard TEX SandBlast 365 SandBlast agent Vsec Scada Appliances MTP PTC Educational plans for 2017 Wins - Soda stream , PTC , Tehila , Teva , El-Al Lose - Varonis ,Solar edge , Gigya. Postponed - wiezmann , Payoneer , clalit Joined In 2016 Education Security Checkup 40 Appliances The SE team performed 52 Checkups in 2016 In 2016 we performed : 6 - SWB - 90 people 21 - 700 Training - 273 3 - Partners training for Sandblast - 60 people Total of - 423 people Dozens of round tables Let's have a great 2017 Camelbak Tours Emerging Products Security Engineering 2016 7 - SWB Training for R80 21 - SMB Training - 700 4 - Partners training for Sandblast portfolio 4 - Partners training for Vsec 30 Wins Emerging Products Education Where is My new SE ISRAMAN
Transcript: What is Impersonation? Target What makes this tool different Manipulation of targets Common Roles Warning Signs of an Attack Suggestions 80% attribute human error to the lack of security knowledge, a lack of training or a failure to follow security procedures Citations Violation of Security Summary of our Presentation Preventative Measures Skimmers Personal Thought Software Piracy Social Engineering(Security) Phishing Lawrence, Anne T. Weber, James. Business and Society. 14th ed. New York: McGraw-Hill, 1963. Print. "Learn How To Avoid Fraud and Stay Safe Online." Learn How To Avoid Fraud and Stay Safe Online. N.p., 2013. Web. 20 Nov. 2013 <http://mysecurityawareness.com/>. "Phishing & Social Engineering." Phishing & Social Engineering. Stanford University, 17 Jan. 2011. Web. 20 Nov. 2013. <http://www.stanford.edu/grup/security/securecomputing/phishing.html> "Real World Social Engineering Example: Phishing." The Official Social Engineering Framework, N.p., 20 June 2011. Web. 20 Nov. 2013. <http://www.social-engineer.org/framework/Real_World_Social_Engineering_Examples:_Phishing>. Key Points Impersonation Phishing Cyber-Security and Threats Software Piracy Conclusion Software Piracy Raven Salazar Theresa Yeager Khaewta Santirulepong Kiana Vigil Introduction Impersonation What is phishing? Protection Types of phishing Examples UPS Call Spoofing Email 419 scam Digital Millennium Copyright -1998 3 Strike System- French Government U.S. Motion Pictures Zombie Virus Trojan Virus Hacktivist Business Response to Security Breaching Statistics Software Piracy- The illegal copying of copyrighted software Different areas of piracy: Computer based software Musical Recordings Video movie productions & lately electronic versions Raven Salazar Kristin Anderson
Transcript: Go on Exchange present your country abroad Work with different mentalities Diversity Explore different cultures Be a Member Develop your skills Have an impact Enrich your knowledge AIESEC Be a Leader Lead your team Achieve your vision Coach others Be a mentor EXPERIENCE YOUR AIESEC JOURNEY Gives you a great experience
Transcript: 14th Week Consulting interns can be expensive Time and Money Personal Experience Preliminary Design Stage NFPA 101 and NFPA 13 New and Existing Education, Business, and Mercantile Definition of Project This app would be used to provide interns and recent graduates with an outline of guidelines for how to design and review designs of specific occupancies. With the given time frame, I will be writing the information that will go into the app Begin parametric study: Speak with my mentor and Jason to understand more about what critical variables I could concentrate on for this app. Choose those parameters and begin my study Gather information from NFPA 101 and NFPA 13 for new and existing education, business, and mercantile occupancies. By: Breanne Thompson Next Steps (Continued) Finish preparing for Draft of Analysis Pull together and discuss results of project Draw my conclusions and state future work needed Turn in Final Paper! 10th and 11th Week Turn in my parametric study Begin draft of analysis Map out the process of the app for the key elements 15th Week References Next Steps 7th Week Prepare for Final Presentation Summarize my draft of analysis into presentation Work on how to incorporate a live demonstration for my presentation App Development Background Information 8th-9th Week Continuous Process Objective-C for Apple products Java for Android products 6 months of studying Places to Learn: Codecademy, iOS Dev Center, Android Developers Training Hire App Developer will cost thousands Prepare Final Paper Dive into Shark Tank! 1. http://lifehacker.com/5401954/programmer-101-teach-yourself-how-to-code 2. http://www.bluecloudsolutions.com/blog/cost-develop-app/ 6th Week Background Presentation 12th-13th Week
Transcript: Real action and accountability Amnesty International Non-state actors/ Rebel Groups?? ...and what about men?? ignoring male rape victims? would rape exist without a man? Weapons of War: Rape UN as an Arena - NGO's - Discussion and dialogue Arena Instrument Actor Critical Thinking Weapons of War: Rape UN as an instrument UNSC Resolution 1820 (2008) UN as an Actor - UN Action Against Sexual Violence in Conflict Weapons of War: Rape Problems with 1820 "Roles and Functions of International Organizations" "Sexual violence, when used as a tactic of war in order to deliberately target civilians or as a part of a widespread or systematic attack against civilian populations, can significantly exacerbate situations of armed conflict and may impede the restoration of international peace and security… effective steps to prevent and respond to such acts of sexual violence can significantly contribute to the maintenance of international peace and security" (UNSC Resolution 1820, p. 2)" http://www.stoprapenow.org/uploads/advocacyresources/1282164625.pdf Background Presentation- Kristin Mann Weapons of War: Rape Brief Insight - used to manipulate social control - destabilize communities - weaken ethnic groups and identities Examples: - Sudanese Militia - Rwanda Genocide - DRC Critical Thinking http://www.womenundersiegeproject.org/blog/entry/the-need-for-numbers-on-rape-in-warand-why-theyre-nearly-impossible-to-get Critical Thinking Increased Data Collection by international organizations - determine humanitarian responses - ensures justice and reparation - provides recognition and dignity
Transcript: Death rate 2012: 12.84 deaths/1,000 population (World ranking: 22) Infant (Child Mortality) Total: 79.02 deaths/1,000 live births (world ranking: 10) HIV/AIDS (2) Appropriate Technology Landlocked country Great African Rift Valley system: East – Lake Malawi South – mountains, tropical palm-lined beaches Mainly a large plateau, with some hills Lake Malawi (Lake Nyasa) Almost 1 million people have AIDS 60% of these are female Declining in urban areas, Rising in rural areas Leading cause of death amongst adults Contributes to the low life expectancy: 54.2 years 209th ranking (One of the lowest) 500,000 children have been orphaned due to AIDs Micro-finance Policy Framework and Strategies (Health SWAp) increasing the availability and accessibility of antenatal services; utilization of skilled health personnel during pregnancy, childbirth and postnatal period at all levels of the health system; strengthening the capacity of individuals and institutions to improve maternal and neonatal health; increasing the number of skilled health personnel; constructing and upgrading health facilities to offer essential health services particularly focusing on rural and underserved areas; and provision of ARVs and micronutrients during pregnancy. Geography of Malawi CCST 9004 Appropriate Technology for the Developing World Indicator 3: Literacy Rate of 15 – 24 year-olds According to the World Bank, microfinance is defined as: Microfinance is the provision of financial services to the entrepreneurial poor.This definition has two important features:it emphasizes a range of financial services—not just credit— and it emphasizes the entrepreneurial poor. Goal 2: Achieve Universal Primary Education Appropriate Technology: SIRDAMAIZE 113 Population: 16,777,547 (estimated in July 2013) Population growth rate: 2.758% (2012 est.) 
(World ranking: 18) Age structure Children: 50% of total population HIV/AIDS Human Resources Education Poverty Food Insecurity Erratic Rainfall Patterns/Droughts Corruption Lack of Foreign Investment Languages Indicator 5: Proportion of seats held by women in National Parliaments Central Region: 1-9 (Yellow) *Capital: Lilongwe Northern Region: 10-15 (Red) Southern Region: 16-27 (Green) Lake Malawi (Blue) Land surface area 45,747 square miles Challenges: · shortage of qualified primary school teachers; · inadequate physical infrastructure; · poor retention of girls mainly from standard five to eight; · high disease burden due to HIV and AIDS consequently leading to absenteeism, especially among girls who take care of the sick · Poverty levels are high in rural areas. Malawi – Climate/Agriculture Trading partners: South Africa, Zambia, China, US Challenges: · shortage of qualified primary school teachers; · inadequate physical infrastructure; · poor retention of girls mainly from standard five to eight; · high disease burden due to HIV and AIDS consequently leading to absenteeism especially among girls who take care of the sick; and · poor participation of school committees and their communities in school management. · Poverty levels are high in rural areas. 1 Doctor per 50,000 people Hinders the ability to deliver medical services to people in need Reason: Emigration Lack of access to education Aggravated by AIDS > 4 nurses are lost each month This also affects other sectors: Government Business Farmers Human Resources HIV/AIDS - Contemporary GDP: US $14.58 billion (2012 est.) (World ranking: 142) Labor force: agriculture: 90%; industry and services: 10% (2003 est.) 
Countries main income Agriculture Main crops: maize, tobacco, tea, sugar cane, groundnuts, cotton, wheat, coffee, and rice Industry: tobacco, tea, sugar, sawmill products, cement, consumer goods Challenges: limited capacity in terms of human and material resources to facilitate adult literacy and continuing education; early marriages perpetuated by socioeconomic factors; socio–cultural factors that make people believe that men should be leaders while women are followers; and, poor learning environment which affects girls in primary and secondary schools e.g. sanitary facilities, long distances to education facilities, extra burden from domestic chores especially for adolescent girls resulting into high dropout rate. 1964: Independent from Britain Indicator 1: Maternal Mortality Ratio Malawi Demographics Problems - Outline Indicator 4: Share of Women in Wage Employment in the Non- Agriculture Sector measure of employment opportunities ( i.e equal proportions of men and women in formal employment) Yet, more women participate in the agriculture sector than in the formal wage employment especially in jobs that require professional qualifications. Due to: literacy levels, gender disparity and cultural values. Facts About the Product: Drought tolerant maize variant Able to mature under limited rainfall Suitable for marginal rainfall areas 136 days to mature Normally: 150 – 180 days Able to mature under limited rainfall Suitable for marginal rainfall areas
Transcript: DPIM mutations' background the lab's mutational strategy data from literature alpha fold predictions What is Y2H? Yeast two-hybrid screening system is a molecular biology technique used to discover and analyze protein-protein interactions and protein-DNA interactions by testing for physical interactions (ex.: binding) between two proteins or between a protein and a DNA molecule, respectively. The mutations (Pol32 permutations for Y2H assays X Pol1) we are interested in are as follows: Pol32:AlphaFold predictions: predicted aligned error plot DPIM area: DED GY: confidence level of the residues according to AlphaFold: D -> A CONFIDENT E -> A CONFIDENT D -> A VERY HIGH G -> A CONFIDENT Y -> A CONFIDENT
Description: Impactful presentations need stunning visuals and a meaningful metaphor to show high-level concepts and the smaller details. This customizable presentation template uses a classic world map visual to help you navigate complex information while staying grounded in your presentation’s core message.
Description: Rise way above the stacks and stacks of two-dimensional paper resumes on the hiring manager’s desk with a Prezi resume template. Simply personalize this Prezi presentation template to create your very own “Prezume” and impress them with your dynamism, originality, and cool.
Description: Stand far above the stacks and stacks of flat, boring resumes on any hiring manager’s desk with a Prezi resume template. Just customize this Prezi presentation template to create your very own “Prezume” and impress them with your dynamism, coolness, and originality.
Description: A well-organized lesson plan is the difference between getting things done and things getting out of hand. This vibrant, customizable, easy-to-use Prezi presentation template features a sticky note theme, so you'll be able to keep track of topics, assignments, exams, and more without missing a beat.