
APPLICATION SECURITY Fundamentals

Opensouthcode 2019

> Join up in a tour of various scenarios identifying the basic concepts about Application Security, learning about some of the most recent vulnerabilities and data breaches, as well as examples of how easy it can be to hack you.
>
> **Application Security** not only consists in the use of software, hardware, and procedural methods to protect applications from external threats, it **is more than technology**, is a path not a destination, it is about risk management and implementing effective countermeasures to identify potential threats and understand that each threat presents a degree of risk.
>
> Once an afterthought in software design, security **is becoming an increasingly important concern** during development as applications become more frequently accessible over networks and are, as a result, vulnerable to a wide variety of threats. Security measures built into applications and a sound application security routine minimize the likelihood that unauthorized code will be able to manipulate applications to access, steal, modify, or delete sensitive data.
>
> * * *
>
> ### CONTENTS
>
> 1. APP SECURITY FOUNDATIONS
>    - _Are we secure, or not?_ This is a common misconception and it depends on the threat
>    - _Brief history of App Security._ Some of the highlights and reactions dating back to the late '80s; how attackers have evolved from individuals to organized groups of cyber criminals; attackers improve their tactics and new vulnerability disclosures continue to trend upward; mobile applications vulnerabilities or automotive Cyber threats are exploited nowadays
>    - _The life of a Cyberthreat._ Ever wonder how cyberattacks and malware are created, and how they get into your system to steal your data?
>    - _Cybersec awareness: Malware._ What is the difference between virus, worm, trojan horse, ... malware programs?
>    - _Hacker and Cracker differences._ Why do those dedicated bother them so much when the terms are confused?
> 2. SECURING APPLICATIONS
>    - _How it works: Cybersecurity, Cloud and Mobile Security._ Having the proper response plan in place in case of a security breach can stop it from becoming a major disaster; Data is shifting rapidly to the cloud and hackers are constantly looking to breach these valuable data sources; as mobile technology becomes more advanced, so do the security attacks of those who want to exploit mobile technology, creating a multitude of troubling scenarios
>    - _Build a Secure application._ Identify layers in which to apply security to design and build secure applications
>    - _Security main elements._ Security relies on Authentication, Authorization, Auditing elements; Security also relies on the Confidentiality, Integrity, Availability elements described below
>    - _Core Security principles._ Recommendations applied regardless of implementation technology or app scenario
> 3. HACKING SCENARIOS
>    - _How Social Engineering hack you._ Simple Social Engineering trick with a phone call and crying baby
>    - _Should we fear hijacking?_ Hackers remotely (and easily) kill a Jeep on a highway
> 4. REFERENCES


Speakers: Ángel Gómez Romero