专栏首页安全乐观主义RSA2020全球信息安全大会PPT下载

RSA2020全球信息安全大会PPT下载

前言PPT列表人的因素(Human Element):DevSecOps 和应用安全(DevSecOps & Application Security):密码学(Cryptography):数字身份(Identity):开源工具(Open Source Tools):创新沙盒(Sandbox):安全杂谈(Security Mashup):学习实验室(Learning Lab):产品安全性(Product Security):云安全和虚拟化(Cloud Security & Virtualization):安全策略与架构(Security Strategy & Architecture):分析、情报和响应(Analytics Intelligence & Response):应用加密和区块链(Applied Crypto & Blockchain):移动和物联网安全(Mobile & IoT Security):基础架构和安全运营(Technology Infrastructure & Operations):其它:

前言

RSAC大会全称为全球信息安全大会,是网络安全行业最有影响力的年度盛会,是整个行业的风向标,会议是在2月份疫情最紧张的时候举办的,所以大家关注比较少,技术趋势方面的详细解读可以参考DJ的《相信技术的力量 - RSAC 2020 (2)》,别的材料都不用看。下次的Asia Pacific & Japan将于7月15-17通过线上会议进行。

既然是风向标,去年是讨论云安全,今年的主题是人的因素,看到初创公司的热点集中在隐私保护、云上数据安全、零信任、提升安全团队效率。有热点必然有凉凉,基本上都认为安全编排、蜜罐、终端安全正走下坡路。结合Gartner的应用安全炒作周期曲线阅读效果更佳:

技术成熟度曲线

下文为大家带来了RSA2020大会全部的PPT供课后学习,那么学习的目的是什么呢?读者们要留意以色列和美国的老牌厂商和创业公司在用户安全,基础设施,各细分领域的创新趋势。

下载方式:关注本公众号后回复“RSAC”即可获取360云盘下载地址。

PPT列表

人的因素(Human Element):

2020_USA20_HUM-R02_01_Privacy By Design Lessons from Beyonce.pdf

2020_USA20_HUM-R07_01_How To Build Engaging Low Cost Awareness Videos.pdf

2020_USA20_HUM-T08_01_Leading Change Building a Security Culture of Protect Detect Respond.pdf

2020_USA20_HUM-W01_01_10 Things I Wish Every Developer Knew about Security.pdf

2020_USA20_HUM-W09_01_I Had My Mom Break into a Prison.Then We Had Pie.pdf

2020_USA20_HUM1-R09_01_Election INfo Ops Stories from the Social Media Frontlines.pdf

DevSecOps 和应用安全(DevSecOps & Application Security):

2020_USA20_DSO-R02_01_Case Files from 20 Years of Business Logic Flaws.pdf

2020_USA20_DSO-R07_01_How to Harness Dev and Their Native Tools to Accelerate DevSecOps.pdf

2020_USA20_DSO-R09_01_How to GRC Your DevOps.pdf

2020_USA20_DSO-T11_01_DevSecOps State of the Union.pdf

2020_USA20_DSO-T12_01_Which Developers and Teams Are More Likely to Write Vulnerable Software.pdf

2020_USA20_DSO-W01_01_Compromising Kubernetes Cluster by Exploiting RBAC Permissions.pdf

密码学(Cryptography):

2020_USA20_CRYP-F01_01_Consensus-from-Signatures-of-Work.pdf

2020_USA20_CRYP-F02_01_Cut-and-Choose-for-Garbled-RAM.pdf

2020_USA20_CRYP-F02_01_Minimal-Assumptions-for-Fiat-Shamir-type-Signatures-and-Advances-in-Garbled-RAM-Secure-Computation.pdf

2020_USA20_CRYP-F03_01_A-Non-Interactive-Shuffle-Argument-With-Low-Trust-Assumptions.pdf

2020_USA20_CRYP-F03_01_Universally-Composable-Accumulators.pdf

2020_USA20_CRYP-R01_01_Better-Bootstrapping-for-Approximate-Homomorphic-Encryption.pdf

2020_USA20_CRYP-R01_01_Faster-homomorphic-encryption-is-not-enough-improved-heuristic-for-multiplicative-depth-minimization-of-Boolean-circuits.pdf

2020_USA20_CRYP-R02_01_Efficient-FPGA-Implementations-of-LowMC-and-Picnic.pdf

2020_USA20_CRYP-R02_01_Improved-Secure-Integer-Comparison-via-Homomorphic-Encryption.pdf

2020_USA20_CRYP-R07_01_Post-Quantum-Provably-Secure-Authentication-and-MAC-from-Mersenne-Primes.pdf

2020_USA20_CRYP-R07_01_Traceable-Ring-Signatures-with-Post-quantum-Security.pdf

2020_USA20_CRYP-T08_01_Generic-Attack-on-Iterated-Tweakable-FX-Constructions.pdf

2020_USA20_CRYP-T08_01_Universal-Forgery-Attack-against-GCM-RUP.pdf

2020_USA20_CRYP-T10_01_Modeling-Memory-Faults-in-Signature-and-Authenticated-Encryption-Schemes.pdf

2020_USA20_CRYP-T10_01_My-Gadget-Just-Cares-For-Me-How-NINA-Can-Prove-Security-Against-Combined Attacks.pdf

2020_USA20_CRYP-W02_01_TMPS-Ticket-Mediated-Password-Strengthening.pdf

2020_USA20_CRYP-W11_01_Consensus-from-Signatures-of-Work.pdf

2020_USA20_CRYP-W11_01_SoK-A-Consensus-Taxonomy-in-the-Blockchain-Era.pdf

数字身份(Identity):

2020_USA20_IDY-F01_01_Crushing-Biases-Why-the-Digital-Identity-Industry-Needs-Diversity.pdf

2020_USA20_IDY-R01_01_Scaling-IAM-Rules-with-ML-Based-Risk-Analytics.pdf

2020_USA20_IDY-W11_01_Managing-Self-Sovereign-Identities-A-Relying-Party-Perspective.pdf

2020_USA20_IDY1-F03_01_How-Generational-Psychology-Impacts-Your-Security-Strategy.pdf

2020_USA20_IDY1-R07_01_Build-Your-Own-IDaaS-Lessons-from-Year-One.pdf

2020_USA20_IDY3-R07_01_The-Value-of-Human-Centered-Research-in-Identity-and-Access-Management.pdf

开源工具(Open Source Tools):

2020_USA20_OST-R02_01_Peel-Back-the-Layers-of-Your-Enterprise-and-Make-Your-Adversaries-Cry.pdf

2020_USA20_OST-T08_01_Open-Source-Promise-Perils-and-the-Path-Ahead.pdf

2020_USA20_OST-T11_01_Open-Source-Tooling-for-Threat-Analysis-and-Attack-Surface-Management.pdf

2020_USA20_OST-W02_01_Abaddon-the-Red-Team-Angel.pdf

创新沙盒(Sandbox):

2020_USA20_SBX1-R5_01_Beyond-the-Ballot-Box-Securing-Americas-Supporting-Election-Technology.pdf

2020_USA20_SBX1-R9_01_Aviation-Cybersecurity-Technology-and-Teamwork.pdf

2020_USA20_SBX1-W4_01_Product-Security-Meets-Human-Life-Inoculating-Medical-Devices.pdf

安全杂谈(Security Mashup):

2020_USA20_MASH-W09_01_Next-Steps-for-the-Cyber-Moonshot.pdf

2020_USA20_MASH1-F03_01_Youll-Be-Shocked-When-You-See-These-10-Tips-from-Former-Industry-Analysts.pdf

2020_USA20_MASH1-T08_01_Imagining-the-Future-of-Security.pdf

2020_USA20_MASH1-W11_01_No-CISSP-No-Problem-Growing-the-Cyber-Talent-Pool.pdf

2020_USA20_MASH2-F02_01_First-Do-No-Harm.pdf

2020_USA20_MASH2-F03_01_Psybersecurity-Mental-Health-Impact-of-Cyberattacks.pdf

学习实验室(Learning Lab):

2020_USA20_LAB1-R02_01_Preplanning-the-Data-Breach-Chess-Board-with-External-Vendors.pdf

2020_USA20_LAB1-R08_01_Only-After-Disaster-Can-We-Be-Resurrected-Field-Lessons-in-Cyber-Incidents.pdf

2020_USA20_LAB1-T11_01_Identity-War-Games-A-Learning-Lab-on-Account-Opening-Fraud.pdf

2020_USA20_LAB2-R08_01_Motivating-Human-Compliance-Mitigating-Passive-Insider-Threat.pdf

2020_USA20_LAB2-T11_01_How-to-Run-a-Cyber-Incident-Response-Exercise-Using-an-Open-Source-Scenario.pdf

2020_USA20_LAB2-W02_01_Put-the-Analysis-Back-in-Your-SOC.pdf

2020_USA20_LAB3-R02_01_Authentication-on-the-Move-Challenges-for-Mobile-Web-Applications.pdf

2020_USA20_LAB3-T11_01_DevSecOps-Workshop-with-GitHub-Actions-and-Azure.pdf

2020_USA20_LAB3-W02_01_Pentesting-ICS-102.pdf

2020_USA20_LAB4-R08_01_Privacy-Engineering-Demystified-You-Too-Can-Be-a-Privacy-Engineer.pdf

2020_USA20_LAB4-W02_01_Everyone-Can-Play-Building-Great-CTFs-for-Non-Security-Folks.pdf

产品安全性(Product Security):

2020_USA20_PS-F01_01_SDLC and 62443 Build it in dont bolt it on.pdf

2020_USA20_PS-F02_01_Integrating Our DevSecOps Product Pipeline with Software Security Standards.pdf

2020_USA20_PS-R01_01_Im Still Standing Says Each Cyber-Resilient Device.pdf

2020_USA20_PS-R07_01_Secure Your Code from Open Source Vulnerabilities.pdf

2020_USA20_PS-R09_01_Test and Learn Securing Connected Products and Services.pdf

2020_USA20_PS-T10_01_The Emerging Role of the CPSO.pdf

2020_USA20_PS-T12_01_Securing the Software Development Life Cycle with Machine Learning.pdf

2020_USA20_PS-W01_01_Safety Implications of Medical Device Cybersecurity.pdf

2020_USA20_PS-W02_01_8 Million Findings in One Year Fresh Look at the State of Software Security.pdf

2020_USA20_PS-W09_01_Humanizing Privacy with Power of User Experience (UX).pdf

2020_USA20_PS-W11_01_A Mapping of GDPR to Common Feature.pdf

云安全和虚拟化(Cloud Security & Virtualization):

2020_USA20_CSV-F02_01_Hacking Your Security Culture for the Cloud.pdf

2020_USA20_CSV-R02_01_Same Thing We Do Every Few Minutes Pinky Try to Take Over All Your Subdomains.pdf

2020_USA20_CSV-R07_01_Using Automation for Proactive Cloud Incident Response.pdf

2020_USA20_CSV-R09_01_Untangling SaaS Security in the Enterprise.pdf

2020_USA20_CSV-T08_01_Break the Top 10 Cloud Attack Killchains.pdf

2020_USA20_CSV-T10_01_Cloud Threat Hunting.pdf

2020_USA20_CSV-T11_01_Continuous Security and Governance in the Cloud Using a Graph-Based CMDB.pdf

2020_USA20_CSV-T12_01_Defending Serverless Infrastructure in the Cloud.pdf

2020_USA20_CSV-W02_01_Kubernetes Practical Attack and Defense.pdf

安全策略与架构(Security Strategy & Architecture):

2020_USA20_STR-F02_01_Capacity-Building-Guidance-for-Small-Organizations.pdf 2020_USA20_STR-T10_01_New-Paradigms-for-the-Next-Era-of-Security.pdf

分析、情报和响应(Analytics Intelligence & Response):

2020_USA20_AIR-T12_01_Enabling-and-Reducing-the-Barriers-for-Collective-Cyber-Defense.pdf

2020_USA20_AIR-W01_01_Intelligent-Threat-Intel-LEAD-Framework.pdf

应用加密和区块链(Applied Crypto & Blockchain):

2020_USA20_ACB-F01_01_the-modus-operandi-of-ev-certificates-fraudsters-findings-from-the-field.pdf

2020_USA20_ACB-F02_01_its-10pm-do-you-know-where-your-certificates-and-keys-are.pdf

2020_USA20_ACB-F03_01-scaling-key-management-thousands-of-clients-trillions-of-operations.pdf

2020_USA20_ACB-R01_01_you-me-and-fips-140-3-a-guide-to-the-new-standard-and-transition.pdf

2020_USA20_ACB-R02_01_blockchain-and-dlt-security-risks-threats-and-vulnerabilities.pdf

2020_USA20_ACB-T10_01_protect-privacy-in-a-data-driven-world-privacy-preserving-machine-learning.pdf

2020_USA20_ACB-T11_01_cryptographic-agility-anticipating-preparing-for-and-executing-change.pdf

2020_USA20_ACB-W01_01_entropy-as-a-service-a-framework-for-delivering-high-quality-entropy.pdf

2020_USA20_ACB-W02_01_understanding-and-explaining-post-quantum-crypto-with-cartoons.pdf

2020_USA20_ACB-W09_01_the-network-is-going-dark-why-decryption-matters-for-seops.pdf

2020_USA20_ACB-W11_01_implications-of-the-global-push-to-ban-end-to-end-encryption.pdf

移动和物联网安全(Mobile & IoT Security):

2020_USA20_MBS-R09_01_Challenges in Android Supply Chain Analysis.pdf

2020_USA20_MBS-W11_01_Demystifying 5G Security through Threat Modeling.pdf

2020_USA20_MBS1-F03_01_API Abuse Through Mobile Apps New Attacks New Defenses.pdf

2020_USA20_MBS2-W02_01_Building a Comprehensive IoT Security Testing Methodology.pdf

基础架构和安全运营(Technology Infrastructure & Operations):

2020_USA20_TECH-T10_01_5G-Trust-Model-Recommendations-and-Best-Practices-for-CSPs.pdf

其它:

2020_USA20_EZCL-R01_01_Maturing-Cyber-Risk-Management-Practices-Framework-and-Next-Steps.pdf

2020_USA20_EZCL-R07_01_The-Attribution-Game-When-Knowing-Your-Adversary-Matters.pdf

2020_USA20_PDAC-W09-01_Nanotechnology-Behavior-and-Supply-Chains-Managing-Risk-at-a-Platform-Level.pdf

本文分享自微信公众号 - 安全乐观主义(gh_d6239d0bb816),作者:Ramos

原文出处及转载信息见文内详细说明,如有侵权,请联系 yunjia_community@tencent.com 删除。

原始发表时间:2020-05-02

本文参与腾讯云自媒体分享计划,欢迎正在阅读的你也加入,一起分享。

我来说两句

0 条评论
登录 后参与评论

相关文章

  • 基于元数据提取的渗透测试案例

    背景MITRE ATT&CK™测试过程元数据提取citrix通道写poc提交漏洞参考资料

    Ramos
  • Fastjson究竟犯了哪些错?

    安全行业的支柱fastjson究竟犯了哪些错?没有cve编号著作权法规问题漏洞奖励的难处开源项目的生意经结语

    Ramos
  • JNI技术绕过rasp防护实现jsp webshell

    想到rasp这类工具是基于java、php运行期的堆栈信息进行分析,可以尝试使用jni技术进行绕过。java技术栈中的jni的原理是使用java调用c、...

    Ramos
  • SGM-Nets:第一个将SGM与深度学习结合的网络

    本文将对2017年的CVPR会议文章《SGM-Nets: Semi-global matching with neural networks》进行简介,该论文作...

    OpenCV学堂
  • 【STM32H7教程】第29章 STM32H7的USART串口基础知识和HAL库API

    完整教程下载地址:http://forum.armfly.com/forum.php?mod=viewthread&tid=86980

    armfly
  • 【STM32H7教程】第65章 STM32H7的低功耗串口LPUART基础知识和HAL库API

    本章节为大家讲解LPUART(Low power universal asynchronous receiver transmitter,低功耗通用异步收发器)...

    armfly
  • hg 使用命令

    hg ci -m "close branch" -- close-branch //关闭某个分支

    solate
  • MySQL在Consul服务中的健康检查逻辑

    MySQL的Consul方向开始要大规模推广的时候,一直感觉健康检查的部分还是不够严谨,虽然感觉是,但是总体逻辑上看也没什么硬伤,就暂时搁置了下来,最近业务...

    jeanron100
  • canvas中普通动效与粒子动效的实现普通时钟粒子动效粒子时钟总结

    canvas用于在网页上绘制图像、动画,可以将其理解为画布,在这个画布上构建想要的效果。

    用户2356368
  • Excel实战技巧43: 将多个PDF文件中指定页面合并成一个PDF文件

    在《Python实战01:合并多个PDF文件》和《Python实战02:分别合并多个相似文件名的PDF文件》中,我们使用Python代码对PDF文件进行操作来合...

    fanjy

扫码关注云+社区

领取腾讯云代金券