Transcript: The security of software is threatened at various points throughout its life cycle, both by inadvertent and intentional choices and actions taken by “insiders”—individuals closely affiliated with the organization that is producing, deploying, operating, or maintaining the software, and thus trusted by that organization—and by “outsiders” who have no affiliation with the organization. The goal of software security engineering is to build better, defect-free software. Software-intensive systems that are constructed using more securely developed software are better able to continue operating correctly in the presence of most attacks by either resisting the exploitation of weaknesses in the software by attackers or tolerating the failures that result from such exploits The objective of secure software development is to design, implement, configure, and sustain software systems in which security is a necessary property from the beginning of the system’s life cycle to its end . Experience has taught that the most effective way to achieve secure software is for its development life cycle processes to rigorously conform to secure development, deployment, and sustainment principles and practices. Organizations that have adopted a secure software development life cycle (SDLC) process have found almost immediately upon doing so that they have begun finding many more and weaknesses in their software early enough in the SDLC that they are able to eradicate those problems at an acceptable cost. Moreover, as such secure practices become second nature over time, these same developers start to notice that they seldom introduce such vulnerabilities and weaknesses into their software in the first place. 1) Finding Vulnerabilities .. 6W4 .. REFERENCE that mean Resilient software is software that is resilient enough to: (1) either resist (i.e., protect itself against) or tolerate (i.e., continue operating dependably in spite of) most known attacks plus as many novel attacks as possible (2) recover as quickly as possible, and with as little damage as possible, from those attacks that it can neither resist nor tolerate. Trustworthiness it's when can I say the software is secure , secure software is software that is engineered “so that it continues to function correctly under malicious attack” and is able to recognize, resist, tolerate, and recover from events that intentionally threaten its dependability. Resilience Dependability The problem of non-secure software when we compared between the good goal and bad goal we find the goal is good if goals when are “SMART” that is Specific, Measurable, Attainable, Realistic, Traceable and Appropriate, and we find the goal is bad if the goals justify the means to obtain the goals Approaches To Application Security Software Engineering security (cc) photo by Franco Folini on Flickr 1)Software Security Engineering: A Guide for Project Manag Julia H. Allen,Sean Barnum,Robert J. Ellison 2)Introduction to Software Security. Karen Mercedes Goertzel, Updated 2009-01-09 https://buildsecurityin.us-cert.gov/bsi/547-BSI.html 3) http://www.slideshare.net/marco_morana/rochester-security-summit-presentation The software security threatened that mean Trustworthy software contains few if any weaknesses that can be intentionally exploited to subvert or sabotage the software’s dependability. In addition, to be considered trustworthy, the software must contain no malicious logic that causes it to behave in a malicious manner the development process by and large is not controlled to minimize the vulnerabilities that attackers exploit. vulnerable software can be invaded and modified to cause damage to previously healthy software, and infected software can replicate itself and be carried across networks to cause damage in other systems. these damaging processes may be invisible to the lay person even though experts recognize that their threat is growing. And as in cancer, both preventive actions and research are critical, the former to minimize damage today and the latter to establish a foundation of knowledge and capabilities that will assist the cyber security professionals of tomorrow reduce risk and minimize damage for the long term. 3 important properties to know software is secure or not 2) Manage Software Risks that mean Dependable software executes predictably and operates correctly under all conditions, including hostile conditions, including when the software comes under attack or runs on a malicious host The Goal of Software Security Engineering software security metrics goals (cc) photo by Metro Centric on Flickr The objective of secure software development Asma Alswayed Aljawharah alkhnini Bayan al rubaie Nora Alslamah defines secure software
Transcript: Presented by: Eran Nafusi Thank You! Development opertunities we expect 2 people to Join the team in 2017 POC's SandBlast for 365 Sandblast Agent Vsec -- > CloudGuard TEX SandBlast 365 SandBlast agent Vsec Scada Appliances MTP PTC Educational plans for 2017 Wins - Soda stream , PTC , Tehila , Teva , El-Al Lose - Varonis ,Solar edge , Gigya. Postponed - wiezmann , Payoneer , clalit Joined In 2016 Education Security Checkup 40 Appliances The SE team preformed 52 Checkup's in 2016 In 2016 we preformed : 6 - SWB - 90 people 21 - 700 Training - 273 3 - Partners training for Sandblast - 60 people Total of - 423 people Dozens of roand tables Lets have a great 2017 Camelbak Tours Emerging Products Security Engineering 2016 7 - SWB Training for R80 21 - SMB Training - 700 4 - Partners training for Sandblast portfolio 4 - Partners training for Vsec 30 Wins Emerging Products Education Where is My new SE ISRAMAN
Transcript: What is Impersonation? Target What makes this tool different Manipulation of targets Common Roles Warning Signs of an Attack Suggestions 80% attribute human error to the lack of security knowledge, a lack of training or a failure to follow security procedures Citations Violation of Security Summary of our Presentation Preventative Measures Skimmers Personal Thought Software Piracy Social Engineering(Security) Phishing Lawrence, Anne T. Weber, James. Business and Society. 14th ed. New York: McGraw-Hill, 1963. Print. "Leran How To Avoid Fraud and Stay Safe Online." Learn How To Avoid Fraud and Stay Safe Online. N.P.,2013. WEb. 20 Nov. 2013 <http://mysecurityawareness.com/>. "Phishing & Social Engineering." Phishing & Social Engineering. Stanford University, 17 Jan. 2011. Web. 20 Nov. 2013. <http://www.stanford.edu/grup/security/securecomputing/phishing.html> "RReal World Social Engineering Example: Phishing." The Official Social Engineering Framework-, N.p., 20 June 2011. Web. 20 Nov. 2013. <http://www.social-engineer.org/framework/Real_World_Social_Engineering_Examples:_Phishing>. Key Points Impersonation Phishing Cyber-Security and Threats Software Piracy Conclusion Software Piracy Raven Salazar Theresa Yeager Khaewta Santirulepong Kiana Vigil Introduction Impersonation What is phishing? Protection Types of phishing Examples UPS Call Spoofing Email 419 scam Digital Millennium Copyright -1998 3 Strike System- French Government U.S. Motion Pictures Zombie Virus Trojan Virus Hacktivist Business Response to Security Breaching Statistics Software Piracy- The illegal copying of copyrighted software Different areas of piracy: Computer based software Musical Recordings Video movie productions & lately electronic versions Raven Salazar Kristin Anderson
Transcript: Go on Exchange present your country abroad Work with different mentalities Diversity Explore different cultures Be a Member Develop your skills Have an impact Enrich your knowledge AIESEC Be a Leader Lead your team Achieve your vision Coach others Be a mentor EXPERIENCE YOUR AIESEC JOURNEY Gives you a great experience
Transcript: 14th Week Consulting interns can be expensive Time and Money Personal Experience Preliminary Design Stage NFPA 101 and NFPA 13 New and Existing Education, Business, and Mercantile Definition of Project This app would be used to provide interns and recent graduates with an outline of guidelines for how to design and review designs of specific occupancies. With the given time frame, I will be writing the information that will go into the app Begin parametric study: Speak with my mentor and Jason to understand more about what critical variables I could concentrate on for this app. Choose those parameters and begin my study Gather information from NFPA 101 and NFPA 13 for new and existing education, business, and mercantile occupancies. By: Breanne Thompson Next Steps (Continued) Finish preparing for Draft of Analysis Pull together and discuss results of project Draw my conclusions and state future work needed Turn in Final Paper! 10th and 11th Week Turn in my parametric study Begin draft of analysis Map out the process of the app for the key elements 15th Week References Next Steps 7th Week Prepare for Final Presentation Summarize my draft of analysis into presentation Work on how to incorporate a live demonstration for my presentation App Development Background Information 8th-9th Week Continuous Process Objective-C for Apple products Java for Android products 6 months of studying Places to Learn: Codecademy, iOS Dev Center, Android Developers Training Hire App Developer will cost thousands Prepare Final Paper Dive into Shark Tank! 1. http://lifehacker.com/5401954/programmer-101-teach-yourself-how-to-code 2. http://www.bluecloudsolutions.com/blog/cost-develop-app/ 6th Week Background Presentation 12th-13th Week
Transcript: Real action and accountability Amnesty International Non-state actors/ Rebel Groups?? ...and what about men?? ignoring male rape victims? would rape exist without a man? Weapons of War: Rape UN as an Arena - NGO's - Discussion and dialogue Arena Instrument Actor Critical Thinking Weapons of War: Rape UN as an instrument UNSC Resolution 1820 (2008) UN as an Actor - UN Action Against Sexual Violence in Conflict Weapons of War: Rape Problems with 1820 "Roles and Functions of International Organizations" "Sexual violence, when used as a tactic of war in order to deliberately target civilians or as a part of a widespread or systematic attack against civilian populations, can significantly exacerbate situations of armed conflict and may impede the restoration of international peace and security… effective steps to prevent and respond to such acts of sexual violence can significantly contribute to the maintenance of international peace and security" (UNSC Resolution 1820, p. 2)" http://www.stoprapenow.org/uploads/advocacyresources/1282164625.pdf Background Presentation- Kristin Mann Weapons of War: Rape Brief Insight - used to manipulate social control - destabilize communities - weaken ethnic groups and identities Examples: - Sudanese Militia - Rwanda Genocide - DRC Critical Thinking http://www.womenundersiegeproject.org/blog/entry/the-need-for-numbers-on-rape-in-warand-why-theyre-nearly-impossible-to-get Critical Thinking Increased Data Collection by international organizations - determine humanitarian responses - ensures justice and reparation - provides recognition and dignity
Transcript: Greece ΡRethymno, Crete 4 C I T I E S ? - Religion & Political Theory - Theories of Democracy - Social Theory: K. Marx - M. WeberΣοψι - Plato's Republic - State & Regulation - State & Public Policies - Urban & Regional Policies 6-month voluntary teaching of Greek language to migrant kids (primary school) Constantinos Kogiomtzis Background Presentation Magouliana, Arcadia Vienna ΑλεχανδροθπολισAlexandroupolis, Thrace Customs broker Political Science - Political Theory - Public Policy - Political Economy (Thesis: "Debate between structural and instrumental Marxism on the State: Miliband vs. Poulantzas") Transport company department of exports & customs clearance Thank you for your attention!!! Istanbul Istanbul - a city with rich heritage and diverse population - currently under rapid transformation - large-scale projects (gated communities, business centres, malls, touristic developments) # environmental threats, segregation, gentrification of inner-city - motivations/socioeconomic consequences of grassroots resistance movements to the new urban regime. Property transfer and displacement. Physical upgrading or improvement of the inhabitants' living conditions?
Description: If you work in education, make your next report visually interesting and easy to navigate. The line-drawn illustrations in this edu report presentation template encourage curiosity and discovery.
Description: Rise way above the stacks and stacks of two-dimensional paper resumes on the hiring manager’s desk with a Prezi resume template. Simply personalize this Prezi presentation template to create your very own “Prezume” and impress them with your dynamism, originality, and cool.
Description: When you need to clearly spell out your message, this creative Prezi template is the way to go. As with all Prezi education templates and Prezi nonprofit templates, this one is easy to customize to let you zoom in on your ideas or pull back to show the big picture.
Description: For grant requests, program proposals, or any other nonprofit or education presentation, this globe-themed creative Prezi template is the way to generate interest and momentum. Like all Prezi education templates and Prezi nonprofit templates, it’s easy to customize.
Now you can make any subject more engaging and memorable