# CyberSecurity Overview --- ## Agenda * Hackers Explained using Wizards * The OSI Model (The 7-layer bean dip of cybersecurity) * OWASP (a wasp that helps fight crime) * CVE (the government is useful for once) --- **White Hat** Lawful Good. Usually holds CEH. **Grey Hat** Chaotic Good. Does not use hacking powers for crime. **Black Hat** Chaotic Evil. Hacks for crime or destruction. **State Sponsored Hacker** Lawful Evil. Active soldier in ongoing cyberwar. Works for a government. **Advanced Persistent Threat** A team of black hat hackers or state sponsored hackers **Blue Team** Team employed in the defense of a system **Red Team** Team employed in the defense of a system by exposing it's vulnerabilities --- The [**Open Systems Interconnection Model**](https://hackmd.io/yzAoOpx4QPWq7ZDUAinoeg) describes applications from the perspective of the (blue, aka defensive) security team. --- [It is not how black hat hackers model your application.](https://threatmap.checkpoint.com/) Like any herd predator, they go after the easiest targets, the most exposed, the most defenseless. --- # [Let's look at the reality of the situation](https://www.kali.org/) --- ## [We're working together in what can only be described as a collaborative arms race](https://cve.mitre.org/index.html) --- ## It's going to be ok if we work together - [There is some effort to standardize](https://cwe.mitre.org/) - [There are community projects](https://owasp.org/www-project-top-ten/) - We still need you to help stand against the edge of the jungle and hold it back. --- ### What this does in a game theory sense is make clear to attackers what the most probable targets are. ### This makes it absolutely vital that you do not expose yourself to these weaknesses. ---  --- ### btw mobile devices aren't safer anymore - https://www.cvedetails.com/product/15556/Apple-Iphone-Os.html?vendor_id=49 - https://www.cvedetails.com/product/19997/Google-Android.html?vendor_id=1224