前言PPT列表人的因素(Human Element):DevSecOps 和应用安全(DevSecOps & Application Security):密码学(Cryptography):数字身份(Identity):开源工具(Open Source Tools):创新沙盒(Sandbox):安全杂谈(Security Mashup):学习实验室(Learning Lab):产品安全性(Product Security):云安全和虚拟化(Cloud Security & Virtualization):安全策略与架构(Security Strategy & Architecture):分析、情报和响应(Analytics Intelligence & Response):应用加密和区块链(Applied Crypto & Blockchain):移动和物联网安全(Mobile & IoT Security):基础架构和安全运营(Technology Infrastructure & Operations):其它:
前言
RSAC大会全称为全球信息安全大会,是网络安全行业最有影响力的年度盛会,是整个行业的风向标,会议是在2月份疫情最紧张的时候举办的,所以大家关注比较少,技术趋势方面的详细解读可以参考DJ的《相信技术的力量 - RSAC 2020 (2)》,别的材料都不用看。下次的Asia Pacific & Japan将于7月15-17通过线上会议进行。
既然是风向标,去年是讨论云安全,今年的主题是人的因素,看到初创公司的热点集中在隐私保护、云上数据安全、零信任、提升安全团队效率。有热点必然有凉凉,基本上都认为安全编排、蜜罐、终端安全正走下坡路。结合Gartner的应用安全炒作周期曲线阅读效果更佳:
技术成熟度曲线
下文为大家带来了RSA2020大会全部的PPT供课后学习,那么学习的目的是什么呢?读者们要留意以色列和美国的老牌厂商和创业公司在用户安全,基础设施,各细分领域的创新趋势。
下载方式:关注本公众号后回复“RSAC”即可获取360云盘下载地址。
PPT列表
人的因素(Human Element):
2020_USA20_HUM-R02_01_Privacy By Design Lessons from Beyonce.pdf
2020_USA20_HUM-R07_01_How To Build Engaging Low Cost Awareness Videos.pdf
2020_USA20_HUM-T08_01_Leading Change Building a Security Culture of Protect Detect Respond.pdf
2020_USA20_HUM-W01_01_10 Things I Wish Every Developer Knew about Security.pdf
2020_USA20_HUM-W09_01_I Had My Mom Break into a Prison.Then We Had Pie.pdf
2020_USA20_HUM1-R09_01_Election INfo Ops Stories from the Social Media Frontlines.pdf
DevSecOps 和应用安全(DevSecOps & Application Security):
2020_USA20_DSO-R02_01_Case Files from 20 Years of Business Logic Flaws.pdf
2020_USA20_DSO-R07_01_How to Harness Dev and Their Native Tools to Accelerate DevSecOps.pdf
2020_USA20_DSO-R09_01_How to GRC Your DevOps.pdf
2020_USA20_DSO-T11_01_DevSecOps State of the Union.pdf
2020_USA20_DSO-T12_01_Which Developers and Teams Are More Likely to Write Vulnerable Software.pdf
2020_USA20_DSO-W01_01_Compromising Kubernetes Cluster by Exploiting RBAC Permissions.pdf
密码学(Cryptography):
2020_USA20_CRYP-F01_01_Consensus-from-Signatures-of-Work.pdf
2020_USA20_CRYP-F02_01_Cut-and-Choose-for-Garbled-RAM.pdf
2020_USA20_CRYP-F02_01_Minimal-Assumptions-for-Fiat-Shamir-type-Signatures-and-Advances-in-Garbled-RAM-Secure-Computation.pdf
2020_USA20_CRYP-F03_01_A-Non-Interactive-Shuffle-Argument-With-Low-Trust-Assumptions.pdf
2020_USA20_CRYP-F03_01_Universally-Composable-Accumulators.pdf
2020_USA20_CRYP-R01_01_Better-Bootstrapping-for-Approximate-Homomorphic-Encryption.pdf
2020_USA20_CRYP-R01_01_Faster-homomorphic-encryption-is-not-enough-improved-heuristic-for-multiplicative-depth-minimization-of-Boolean-circuits.pdf
2020_USA20_CRYP-R02_01_Efficient-FPGA-Implementations-of-LowMC-and-Picnic.pdf
2020_USA20_CRYP-R02_01_Improved-Secure-Integer-Comparison-via-Homomorphic-Encryption.pdf
2020_USA20_CRYP-R07_01_Post-Quantum-Provably-Secure-Authentication-and-MAC-from-Mersenne-Primes.pdf
2020_USA20_CRYP-R07_01_Traceable-Ring-Signatures-with-Post-quantum-Security.pdf
2020_USA20_CRYP-T08_01_Generic-Attack-on-Iterated-Tweakable-FX-Constructions.pdf
2020_USA20_CRYP-T08_01_Universal-Forgery-Attack-against-GCM-RUP.pdf
2020_USA20_CRYP-T10_01_Modeling-Memory-Faults-in-Signature-and-Authenticated-Encryption-Schemes.pdf
2020_USA20_CRYP-T10_01_My-Gadget-Just-Cares-For-Me-How-NINA-Can-Prove-Security-Against-Combined Attacks.pdf
2020_USA20_CRYP-W02_01_TMPS-Ticket-Mediated-Password-Strengthening.pdf
2020_USA20_CRYP-W11_01_Consensus-from-Signatures-of-Work.pdf
2020_USA20_CRYP-W11_01_SoK-A-Consensus-Taxonomy-in-the-Blockchain-Era.pdf
数字身份(Identity):
2020_USA20_IDY-F01_01_Crushing-Biases-Why-the-Digital-Identity-Industry-Needs-Diversity.pdf
2020_USA20_IDY-R01_01_Scaling-IAM-Rules-with-ML-Based-Risk-Analytics.pdf
2020_USA20_IDY-W11_01_Managing-Self-Sovereign-Identities-A-Relying-Party-Perspective.pdf
2020_USA20_IDY1-F03_01_How-Generational-Psychology-Impacts-Your-Security-Strategy.pdf
2020_USA20_IDY1-R07_01_Build-Your-Own-IDaaS-Lessons-from-Year-One.pdf
2020_USA20_IDY3-R07_01_The-Value-of-Human-Centered-Research-in-Identity-and-Access-Management.pdf
开源工具(Open Source Tools):
2020_USA20_OST-R02_01_Peel-Back-the-Layers-of-Your-Enterprise-and-Make-Your-Adversaries-Cry.pdf
2020_USA20_OST-T08_01_Open-Source-Promise-Perils-and-the-Path-Ahead.pdf
2020_USA20_OST-T11_01_Open-Source-Tooling-for-Threat-Analysis-and-Attack-Surface-Management.pdf
2020_USA20_OST-W02_01_Abaddon-the-Red-Team-Angel.pdf
创新沙盒(Sandbox):
2020_USA20_SBX1-R5_01_Beyond-the-Ballot-Box-Securing-Americas-Supporting-Election-Technology.pdf
2020_USA20_SBX1-R9_01_Aviation-Cybersecurity-Technology-and-Teamwork.pdf
2020_USA20_SBX1-W4_01_Product-Security-Meets-Human-Life-Inoculating-Medical-Devices.pdf
安全杂谈(Security Mashup):
2020_USA20_MASH-W09_01_Next-Steps-for-the-Cyber-Moonshot.pdf
2020_USA20_MASH1-F03_01_Youll-Be-Shocked-When-You-See-These-10-Tips-from-Former-Industry-Analysts.pdf
2020_USA20_MASH1-T08_01_Imagining-the-Future-of-Security.pdf
2020_USA20_MASH1-W11_01_No-CISSP-No-Problem-Growing-the-Cyber-Talent-Pool.pdf
2020_USA20_MASH2-F02_01_First-Do-No-Harm.pdf
2020_USA20_MASH2-F03_01_Psybersecurity-Mental-Health-Impact-of-Cyberattacks.pdf
学习实验室(Learning Lab):
2020_USA20_LAB1-R02_01_Preplanning-the-Data-Breach-Chess-Board-with-External-Vendors.pdf
2020_USA20_LAB1-R08_01_Only-After-Disaster-Can-We-Be-Resurrected-Field-Lessons-in-Cyber-Incidents.pdf
2020_USA20_LAB1-T11_01_Identity-War-Games-A-Learning-Lab-on-Account-Opening-Fraud.pdf
2020_USA20_LAB2-R08_01_Motivating-Human-Compliance-Mitigating-Passive-Insider-Threat.pdf
2020_USA20_LAB2-T11_01_How-to-Run-a-Cyber-Incident-Response-Exercise-Using-an-Open-Source-Scenario.pdf
2020_USA20_LAB2-W02_01_Put-the-Analysis-Back-in-Your-SOC.pdf
2020_USA20_LAB3-R02_01_Authentication-on-the-Move-Challenges-for-Mobile-Web-Applications.pdf
2020_USA20_LAB3-T11_01_DevSecOps-Workshop-with-GitHub-Actions-and-Azure.pdf
2020_USA20_LAB3-W02_01_Pentesting-ICS-102.pdf
2020_USA20_LAB4-R08_01_Privacy-Engineering-Demystified-You-Too-Can-Be-a-Privacy-Engineer.pdf
2020_USA20_LAB4-W02_01_Everyone-Can-Play-Building-Great-CTFs-for-Non-Security-Folks.pdf
产品安全性(Product Security):
2020_USA20_PS-F01_01_SDLC and 62443 Build it in dont bolt it on.pdf
2020_USA20_PS-F02_01_Integrating Our DevSecOps Product Pipeline with Software Security Standards.pdf
2020_USA20_PS-R01_01_Im Still Standing Says Each Cyber-Resilient Device.pdf
2020_USA20_PS-R07_01_Secure Your Code from Open Source Vulnerabilities.pdf
2020_USA20_PS-R09_01_Test and Learn Securing Connected Products and Services.pdf
2020_USA20_PS-T10_01_The Emerging Role of the CPSO.pdf
2020_USA20_PS-T12_01_Securing the Software Development Life Cycle with Machine Learning.pdf
2020_USA20_PS-W01_01_Safety Implications of Medical Device Cybersecurity.pdf
2020_USA20_PS-W02_01_8 Million Findings in One Year Fresh Look at the State of Software Security.pdf
2020_USA20_PS-W09_01_Humanizing Privacy with Power of User Experience (UX).pdf
2020_USA20_PS-W11_01_A Mapping of GDPR to Common Feature.pdf
云安全和虚拟化(Cloud Security & Virtualization):
2020_USA20_CSV-F02_01_Hacking Your Security Culture for the Cloud.pdf
2020_USA20_CSV-R02_01_Same Thing We Do Every Few Minutes Pinky Try to Take Over All Your Subdomains.pdf
2020_USA20_CSV-R07_01_Using Automation for Proactive Cloud Incident Response.pdf
2020_USA20_CSV-R09_01_Untangling SaaS Security in the Enterprise.pdf
2020_USA20_CSV-T08_01_Break the Top 10 Cloud Attack Killchains.pdf
2020_USA20_CSV-T10_01_Cloud Threat Hunting.pdf
2020_USA20_CSV-T11_01_Continuous Security and Governance in the Cloud Using a Graph-Based CMDB.pdf
2020_USA20_CSV-T12_01_Defending Serverless Infrastructure in the Cloud.pdf
2020_USA20_CSV-W02_01_Kubernetes Practical Attack and Defense.pdf
安全策略与架构(Security Strategy & Architecture):
2020_USA20_STR-F02_01_Capacity-Building-Guidance-for-Small-Organizations.pdf 2020_USA20_STR-T10_01_New-Paradigms-for-the-Next-Era-of-Security.pdf
分析、情报和响应(Analytics Intelligence & Response):
2020_USA20_AIR-T12_01_Enabling-and-Reducing-the-Barriers-for-Collective-Cyber-Defense.pdf
2020_USA20_AIR-W01_01_Intelligent-Threat-Intel-LEAD-Framework.pdf
应用加密和区块链(Applied Crypto & Blockchain):
2020_USA20_ACB-F01_01_the-modus-operandi-of-ev-certificates-fraudsters-findings-from-the-field.pdf
2020_USA20_ACB-F02_01_its-10pm-do-you-know-where-your-certificates-and-keys-are.pdf
2020_USA20_ACB-F03_01-scaling-key-management-thousands-of-clients-trillions-of-operations.pdf
2020_USA20_ACB-R01_01_you-me-and-fips-140-3-a-guide-to-the-new-standard-and-transition.pdf
2020_USA20_ACB-R02_01_blockchain-and-dlt-security-risks-threats-and-vulnerabilities.pdf
2020_USA20_ACB-T10_01_protect-privacy-in-a-data-driven-world-privacy-preserving-machine-learning.pdf
2020_USA20_ACB-T11_01_cryptographic-agility-anticipating-preparing-for-and-executing-change.pdf
2020_USA20_ACB-W01_01_entropy-as-a-service-a-framework-for-delivering-high-quality-entropy.pdf
2020_USA20_ACB-W02_01_understanding-and-explaining-post-quantum-crypto-with-cartoons.pdf
2020_USA20_ACB-W09_01_the-network-is-going-dark-why-decryption-matters-for-seops.pdf
2020_USA20_ACB-W11_01_implications-of-the-global-push-to-ban-end-to-end-encryption.pdf
移动和物联网安全(Mobile & IoT Security):
2020_USA20_MBS-R09_01_Challenges in Android Supply Chain Analysis.pdf
2020_USA20_MBS-W11_01_Demystifying 5G Security through Threat Modeling.pdf
2020_USA20_MBS1-F03_01_API Abuse Through Mobile Apps New Attacks New Defenses.pdf
2020_USA20_MBS2-W02_01_Building a Comprehensive IoT Security Testing Methodology.pdf
基础架构和安全运营(Technology Infrastructure & Operations):
2020_USA20_TECH-T10_01_5G-Trust-Model-Recommendations-and-Best-Practices-for-CSPs.pdf
其它:
2020_USA20_EZCL-R01_01_Maturing-Cyber-Risk-Management-Practices-Framework-and-Next-Steps.pdf
2020_USA20_EZCL-R07_01_The-Attribution-Game-When-Knowing-Your-Adversary-Matters.pdf
2020_USA20_PDAC-W09-01_Nanotechnology-Behavior-and-Supply-Chains-Managing-Risk-at-a-Platform-Level.pdf
本文分享自微信公众号 - 安全乐观主义(gh_d6239d0bb816)。
如有侵权,请联系 support@oschina.cn 删除。
本文参与“OSC源创计划”,欢迎正在阅读的你也加入,一起分享。
