Back to All Events

OWASP Suffolk Chapter - Patching and Backing-up

The Talk:

Every day we hear more and more about computers being compromised by malicious actors or malware. Ransomware is on the rise, WordPress and other CMS sites are constantly being hit as this or that plug-in is exploited. What can we as individuals or small businesses do to protect our computers, web sites and data?

In this talk we will discuss patching and backing-up shown from both the perspective of the individual / small business owner and that of a malicious actor.

From the perspective of the individual or small business we will suggest best practices around patching and backing-up. Covering both open-source and commercial solutions we will show you ways to improve your security position by keeping your software fully patched employing techniques taken from OS hardening and the splitting of backing-up into data back-ups and system imaging.

From the perspective of the malicious actor we will show you how your computers can be scanned for weaknesses and then exploited with little effort using tools such as nmap, Nikto, WPscan, MetaSploit and SearchSploit covering the ExploitDB and the lifecycle of a CVE.

This talk will cover the following:

  • Patching and backing-up strategies for the individual and small business owner

  • Employing OS hardening techniques to reduce attack vectors and to speed-up backing-up

  • Open-source and Commerical backup solutions for Windows, Linux, Mac and popular website CMS such as WordPress, Drupal and Joomla!

  • Demonstration of how malicious actors can scan your computers for known vulnerabilities and easily exploit unpatched software that you are running

  • The lifecycle of a CVE

  • Limiting the risks of Ransomware

Agenda:

  • OWASP updates

  • Patching and Backing-up

  • Q&A

Disclaimer: As always our events are designed to educate. Any tools and techniques demonstrated are for informative purposes only. We do not endorse their use for malicious purposes.

Previous
Previous
21 June

OWASP Suffolk Chapter - June 2022 Fight Club

Next
Next
5 July

OWASP Suffolk Chapter - Using OWASP Nettacker for Recon and Vulnerability Scanning