Segurinfo2014 Santiago Cavanna

40 %
60 %
Information about Segurinfo2014 Santiago Cavanna
Technology

Published on March 16, 2014

Author: cavsa01

Source: slideshare.net

Description

Presentacion realizada en Argentina y Paraguay Durante Marzo 2014.
En Argentina por Faustino Sanchez. En Paraguay por Santiago Cavanna.
Trata sobre el problema de la presencia de vulnerabilidades en aplicaciones, el impacto que tiene en las organizaciones y la forma que se encuentra disponible para descubrirlas en forma temprana y facilitar su remediacion

Santiago Cavanna IBM Security Systems Argentina-Uruguay-Paraguay Marzo 2014 cavanna@ar.ibm.com El costo oculto de las aplicaciones … Vulnerables

The Traditional Approach is Changing…. Security is no longer controlled and enforced through the network perimeter Trusted  Intranet   Online  Banking   Applica5on   Employee  Applica5on   DMZ   Untrusted  Internet  

…. With Mobile and Cloud There Is No Perimeter Security must be centered on applications and transactions Online  Banking   Applica5on   Investment   API  Services   Employee  Applica5on   Deliver  Mobile  App   Consume  Apps  and  Services   Leverage  Public  Clouds   Trusted  Intranet   DMZ   Untrusted  Internet  

media.kaspersky.com/en/business-security/Kaspersky_Global_IT_Security_Risks_Survey_report_Eng_final.pdf In the past 12 months, 91% of the companies surveyed had at least one external IT security incident and 85% reported internal incidents.

Threats increase along with old and new targets ??????????????????????  Web  Apps  Targeted   Mobile  Devices  Targeted   Escala9ng  Threats   ??????????????????????  Mobile  Malware  Increasing   31%     of  new  aAacks  in   1H  2013  targeted     Web  app   vulnerabili9es   50%  +     of  Web  app   vulnerabili9es   are  cross-­‐site   scrip9ng   Mobile  devices  are   twice  as  appealing   hackers  can  obtain   personal  and   business  data   Source: Juniper Networks Third Annual Mobile Threats Report: 3/12 – 3/13 Source:  IBM  X-­‐Force  2013  Mid-­‐Year  Trend  and  Risk  Report    Source:  IBM  X-­‐Force  2013  Mid-­‐Year  Trend  and  Risk  Report    

83% of enterprises have difficulty finding the security skills they need tools from vendors 85 45 IBM client example 70% of security exec’s are concerned about cloud and mobile security Mobile malware grew 614% from March 2012 to March 2013 in one year A New Security Reality Is Here 61% Data theft and cybercrime are the greatest threats to their reputation of organizations say Average U.S. breach cost $7million+ 2013 Cost of Cyber Crime Study Ponemon Institute 2013 Juniper Mobile Threat Report 2012 IBM Global Reputational Risk & IT Study 2013 IBM CISO Survey 2012 ESG Research

A new security reality is here Sophisticated attackers break through conventional safeguards every day. Organized criminals, hacktivists, governments and adversaries are compelled by financial gain, politics and notoriety to attack your most valuable assets. Their operations are well-funded and business-like ‒ attackers patiently evaluate targets based on potential effort and reward. Their methods are extremely targeted ‒ they use social media and other entry points to track down people with access, take advantage of trust, and exploit them as vulnerabilities. Meanwhile, negligent employees inadvertently put the business at risk via human error. Even worse, security investments of the past fail to protect against these new classes of attacks. The result is more severe security breaches more often. In fact, 61% of organizations say data theft and cybercrime are the greatest threats to their reputation.1 And the costs are staggering. By one estimate, the average cost of a breach is over $7million.2 Sources: (1) 2012 Global Reputational Risk & IT Study, IBM; (2) 2013 Cost of Cyber Crime Study, Ponemon Institute <MOUSE CLICK> Cloud, mobile, social and big data drive unprecedented change. Businesses are adopting mobile, social, big data and cloud to analyze and share information at unprecedented rates. This influx of new innovation, technologies, and end-points push more and more business transactions outside company walls and completely transform enterprise security as we know it. As the traditional network perimeter permanently dissolves, it is more difficult to defend company data from the increasing gaps in security, and to verify that users accessing data are protected. In one study, 70% of security executives expressed concern about cloud and mobile security.3 Theft or loss of mobile devices, privacy concerns associated with cloud, and accidental sharing of sensitive data are some of the key fears. Without dynamic protection, an organization may spend more time recovering from attacks than it does preventing them. And those who do not prepare for change are leaving their companies dangerously exposed. Sources: (3) 2013 CISO Survey, IBM; 2013 Juniper Mobile Threat Report <MOUSE CLICK> Yesterday’s security practices are not sustainable Up to now, organizations have responded to security concerns by deploying a new tool to address each new risk. Now they have to install, configure, manage, patch, upgrade, and pay for dozens of non-integrated solutions with limited views of the landscape. Costly and complex, these fragmented security capabilities do not provide the visibility and coordination needed to stop today’s sophisticated attacks. Moreover, the skills and expertise needed to keep up with a constant stream of new threats is not always available. 83% of enterprises report having difficulty finding the security skills they need.4 And as new risks emerge, the environment will grow more complex and the skills gap wider. 49% of IT executives say that they are challenged by an inability to measure the effectiveness of their current security efforts5 and 31% of IT professionals have no risk strategy at all6. Many security teams are simply operating in the dark. Sources: (4) 2012 ESG Research; (5) Security Intelligence Can Deliver Value Beyond Expectations And Needs To Be Prioritized, Forrester; (6) 2013 Global Reputational Risk & IT Study, IBM

Agenda •  IBM as Security Solution Provider •  IBM Security Framework •  X-Force, Security Reports and SecurityIntelligence.com •  Standards and regulations (NIST) •  Challenges for Security team at Application Security. •  Application Security Framework. •  Vulnerability at different SDLC Stage. –  Dynamic and static analysis. •  Self-assessment and recommendations.

IBM Security Investment •  6,000+ IBM Security experts worldwide •  3,000+ IBM security patents •  4,000+ IBM managed security services clients worldwide •  25 IBM Security labs worldwide IBM Security: Market-changing milestones Mainframe and Server Security SOA Management and Security Network Intrusion Prevention Database Monitoring Access Management Application Security Compliance Management 1976   Resource Access Control Facility (RACF) is created, eliminating the need for each application to imbed security 1999   Dascom is acquired for access management capabilities 2006   Internet Security Systems, Inc. is acquired for security research and network protection capabilities 2007   Watchfire is acquired for security and compliance capabilities Consul is acquired for risk management capabilities Princeton Softech is acquired for data management capabilities 2008   Encentuate is acquired for enterprise single-sign-on capabilities 2009   Ounce Labs is acquired for application security capabilities Guardium is acquired for enterprise database monitoring and protection capabilities 2010   Big Fix is acquired for endpoint security management capabilities NISC is acquired for information and analytics management capabilities2005   DataPower is acquired for SOA management and security capabilities 2013   Intent to acquire Trusteer for mobile and application security, counter-fraud and malware detection 2002   Access360 is acquired for identity management capabilities MetaMerge is acquired for directory integration capabilities Identity Management Advanced Fraud Protection Security Analytics Security Intelligence IBM Security Systems division is created 2011   Q1 Labs is acquired for security intelligence capabilities 2012  

IBM Security Framework hAp://www.redbooks.ibm.com/abstracts/sg248100.html  

X-Force Threat Intelligence: The IBM Differentiator IBM  Confiden9al   URL/Web  Filtering   •  Provides  access  to  one  of  the  world’s  largest  URL  filter  databases  containing  more  than  20  billion   evaluated  Web  pages  and  images   An5-­‐Spam   •  Detect  spam  using  known  signatures,  discover  new  spam  types  automa9cally,  99.9%  accurate,  near  0%   overblocking   IP  Reputa5on   •  Categorize  malicious  websites  via  their  IP  address  into  different  threat  segments,  including  malware  hosts,   spam  sources,  and  anonymous  proxies Web  Applica5on  Control   •  Iden9fying  and  providing  ac9ons  for  applica9on  traffic,  both  web-­‐based,     such  as  Gmail,  and  client  based,  such  as  Skype The mission of X-Force is to: §  Monitor and evaluate the rapidly changing threat landscape §  Research new attack techniques and develop protection for tomorrow’s security challenges §  Educate our customers and the general public Advanced Security and Threat Research

Security  Intelligence hAp://www-­‐03.ibm.com/security/xforce/   hAp://securityintelligence.com/  

Safeguard  pa9ent  data   Secure  the  credit  card  environment   Protect  self-­‐service  DMV  portal   Protect  cri9cal  infrastructure   for  the  smart  grid   Reduce  online  banking  fraud     Secure  data  exchange  among  insurance  providers   Control  access  to  auto  designs     and  intellectual  property   Security  func9onality  examples  

Standards and Regulations hAp://securityintelligence.com/nist-­‐cybersecurity-­‐framework-­‐applica9on-­‐security-­‐risk-­‐management/   v1.0  of  the  NIST  Framework  for  Improving   Cri9cal  Infrastructure  Cybersecurity.     Execu9ve  Order  13636  from  President  Obama   was  issued  on  February  12th  2014   Sogware  Risk  and  the  Framework     SoRware  security  is  a  cri5cal  component  of   cybersecurity.  If  the  apps  you’re  running  can  be  exploited,  the   services  they’re  running  are  at  risk.  And  though  there  isn’t  a  special   sec9on  devoted  to  applica9ons  or  building  sogware  in  the  NIST   Framework,  sogware  is  men9oned  a  number  of  9mes  and  should  be   addressed  as  part  of  the  broader  cybersecurity  program.  

Security team challenges 16 1000s  of  apps     A  small  team     What  is  our  applica5on  security  status?   Which  are  our  most  important  applica1ons?   How  many    of  them  have  we  assessed?   Which  ones  present  the  highest  risk?   Which  vulnerabili1es  should  we  fix  first?   What  are  the  most  common  mistakes  developers  make?  

Applications Reducing  the  costs  of  developing  secure  applica9ons  and  assuring   the  privacy  and  integrity  of  trusted  informa9on   Portfolio Overview AppScan Enterprise Edition • Enterprise-class solution for implementing and managing an application security program, includes high-level dashboards, test policies, scan templates and issue management capabilities • Multi-user solution providing simultaneous security scanning and centralized reporting AppScan Standard Edition • Desktop solution to automate web application security testing for IT Security, auditors, and penetration testers AppScan Source Edition •  Static application security testing to identify vulnerabilities at the line of code. Enables early detection within the development life cycle.

Application Security Framework Test       Scan    &  Remediate   Security  Intelligence,  Policy  and  Governance   Ac9vity  monitoring,  context,    risk  assessment,  compliance  repor9ng         Development           eLearning   Correla5on   Vuln  Disclosure   Integra5ons   Integra5ons   Deployment           White/Black  Lists   Big  Data  Analy5cs   Procurement   Protect       Block  &  Prevent   Web  Applica9on  Firewall   Intrusion  Preven9on   Database  Ac9vity  Monitoring   Containeriza9on  /  Sandbox     Dynamic  Scanning  (light)     Assure       Rank  &  Validate   Applica9on  Reputa9on   Vendor  Rankings   Compliance  Scanning   Research  Updates…   Sta9c,  Dynamic,  Binary  of  Manifest   tes9ng  based  on  access   Sta9c  Source   Dynamic  Pre-­‐Launch   Sta9c  Binary   Dynamic  Produc9on   Applica9on  Tes9ng  Services  from  the  Cloud   Full  managed  service  –  easy  to  start  and  easy  to  test  third  party  apps   Mobile  Applica9on  Tes9ng   Mobile  Applica9on  Reputa9on  Services                                  Integrated  Solu9ons  –  From  Development  to  Deployment                                Risk  Management  and  Visibility   Key  Trends  

The Old Story – Still Valid But There’s More…. Find  during  Development   $80/defect   Find  during  Build   $240/defect   Find  during  QA/Test   $960/defect   Find  in  Produc9on   $7,600  /  defect   80%  of  development  costs  are   spent  iden4fying  and   correc4ng  defects!*    **  Source:  Ponemon  Ins9tute  2009-­‐10    *  Source:  Na9onal  Ins9tute  of  Standards  and  Technology   Average  Cost  of  a  Data  Breach   $7.2M**  from  law  suits,  loss  of  customer   trust,  damage  to  brand  

Application Security: Helping to protect against the threat of attacks and data breaches

Finding more vulnerabilities using advanced techniques Sta9c  Analysis   -  Analyze  Source  Code   -  Use  during  development   -  Uses  Taint  Analysis  /   PaAern  Matching   Dynamic  Analysis   -  Correlate  Dynamic  and  Sta9c   results   -  Assists  remedia9on  by   iden9fica9on  of  line  of  code   Hybrid  Analysis   21 -  Analyze  Live  Web  Applica9on   -  Use  during  tes9ng   -  Uses  HTTP  tampering   Client-­‐Side  Analysis   -  Analyze  downloaded  Javascript   code  which  runs  in  client   -  Unique  in  the  industry   Run-­‐Time  Analysis   -  Combines  Dynamic  Analysis  with   run-­‐9me  agent   -  More  results,  beAer  accuracy   Total  Poten9al   Security  Issues   Applica9ons  

No single automated analysis technique can find all possible vulnerabilities. Each technique has its own strengths and blind spots, which is why a single point tool can leave you exposed. To find the most vulnerabilities, you should employ all the analysis techniques available today. IBM has combined a leading Static Analysis solution (developed by Ounce Labs) with a leading Dynamic Analysis solution (developed by Watchfire). IBM has combined these two established technologies, and has since added Hybrid analysis to combine and correlate their results. In 2011, IBM added new techniques for client-side analysis (aka Javascript Analyzer) and most recently run-time analysis (aka Glassbox). Static Analysis examines the source code for potential vulnerabilities. Static analysis can be used earlier in the development cycle, because you don’t need a running application. Static analysis can also produce a large volume of results, which can overwhelm development teams. Also, developers may question whether an identified vulnerability can be exploited (i.e. the “issue” could be mitigated somewhere else in the code, so it may not manifest itself as a true vulnerability). Dynamic Analysis tests a running application, by probing it in similar ways to what a hacker would use. With Dynamic Analysis results, it is easier to connect the vulnerability and a potential exploit. Dynamic Analysis is reliant on an ability to automatically traverse an application and test possible inputs. With Dynamic Analysis, the auditor is always asking “did I get proper test coverage”. Because Dynamic Analysis requires a running application, it typically cannot be used until an application is ready for functional testing (i.e. later in the development cycle). Hybrid Analysis brings together Dynamic and Static to correlate and verify the results. Issues identified using dynamic analysis can be traced to the offending line of code. Issues identified in static analysis can be validated with an external test. Client-side Analysis (aka JSA) analyzes code which is downloaded to the client. As more functionality is performed client-side, the prospect of client-side vulnerabilities and exploits increases. This capability, new in 2011, is unique in the market. Run-time Analysis (aka Glassbox) places a run-time agent on the application machine, and analyzes the application as it is being tested. This combines the aspects of Dynamic and Static analysis at run-time, finding more vulnerabilities with greater accuracy. Glassbox analysis was introduced in the most recent release of AppScan, at the end of 2011.

Important Questions to Consider Do the applications contain sensitive data? §  Is the data protected? §  How do you know if it’s protected? Do  you  outsource  your   mobile  applica5on   development?   How  do  you  keep  pace   with  the  constant  mobile   updates?   §  How  do  you  determine  risk?   §  Do  you  have  mobile  specific  security   exper9se?   §  Do  you  have  acceptance  criteria?   §  Do  you  check  applica9on  security  every   release?   §  Do  you  have  a  way  to  automate  tes9ng?  

What is application security testing? Just got breached, how do we prevent this? How  do  we   protect  our   mobile   apps?   Application Security Awareness From “Do Nothing” to “Reactive” to Proactive”! Where  are  you  on   this  spectrum?  

www.ibm.com/security © Copyright IBM Corporation 2014. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.

http://www.slideshare.net/ibmsecurity/cloud-security-what-you-need-to-know-about-ibm-smartcloud-security

http://web.nvd.nist.gov/view/vuln/search-results?query=vmware&search_type=all&cves=on http://www.cve.mitre.org/cgi-bin/cvekey.cgi?keyword=vmware http://search.iss.net/Search.do?keyword=vmware&searchType=keywd&x=0&y=0

https://downloads.cloudsecurityalliance.org/initiatives/guidance/csaguide.v3.0.pdf https://cloudsecurityalliance.org/wp-content/uploads/2011/11/virtualization-security.pdf Security Cloud Vs Virtual …

http://www.slideshare.net/ibmsecurity/cloud-security-what-you-need-to-know-about-ibm-smartcloud-security

http://www-935.ibm.com/services/image/cybersecurity_infographic.jpg

Guide to implementing a secure cloud The following security measures represent general best practice implementations for cloud security. •  Implement and maintain a security program. •  Build and maintain a secure cloud infrastructure. •  Ensure confidential data protection. •  Implement strong access and identity management. •  Establish application and environment provisioning. •  Implement a governance and audit management program. •  Implement a vulnerability and intrusion management program. •  Maintain environment testing and validation. Build and maintain a secure cloud infrastructure 4. Protect administrative access. 4.3. Maintain am audit trail of administrative actions. 4.4. The cloud host should develop and publish configuration management guidelines. 4.5. Implement an Asset Discovery Mechanism to identify resources in use in the target environment. 4.6. Regularly review Asset Maps to understand assets in the cloud environment. 4.7. Maintain a Configuration Data Store to enable auditability and general security understanding. 5. Ensure patch management. 5.1. The cloud host should develop and publish a patch and change management program. 5.2. Develop a pre-production patch management system to enable business resiliency. 5.3. Ensure logging is enabled for all patch processes, and develop the appropriate documentation. 5.4. Ensure that all systems, and applications are running the latest vendor supplied patches, and updates within the specified period as specified in the patch and change management program. Ensure that an appropriate time frame is established. 5.5. Establish a process or utilize a third-party vendor to maintain awareness of the latest security vulnerabilities.

http://www.redbooks.ibm.com/abstracts/redp4614.html http://www.redbooks.ibm.com/abstracts/redp4893.html http://publib-b.boulder.ibm.com/abstracts/sg247928.html

https://downloads.cloudsecurityalliance.org/initiatives/top_threats/The_Notorious_Nine_Cloud_Computing_Top_Threats_in_2013.pdf https://downloads.cloudsecurityalliance.org/initiatives/guidance/csaguide.v3.0.pdf http://public.dhe.ibm.com/common/ssi/ecm/en/wgl03045usen/WGL03045USEN.PDF

www.ibm.com/security © Copyright IBM Corporation 2014. All rights reserved. The information contained in these materials is provided for informational purposes only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United States, other countries or both. Other company, product, or service names may be trademarks or service marks of others. Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems, products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.

Slide 04 media.kaspersky.com/en/business-security/Kaspersky_Global_IT_Security_Risks_Survey_report_Eng_final.pdf Slide 05 http://www.slideshare.net/junipernetworks/third-annual-mobile-threats-report http://www.juniper.net/us/en/forms/mobile-threats-report/ http://www-935.ibm.com/services/us/gbs/bus/html/risk_study.html http://www-935.ibm.com/services/us/gbs/bus/html/reputational-risk-resolution-for-2013.html http://www.ibm.com/developerworks/library/se-global/ http://www.ponemon.org/data-security http://www.esg-global.com/blogs/more-on-the-security-skills-shortage-issue/ http://www.esg-global.com/blogs/the-security-skills-shortage-is-worse-than-you-think/ http://www.esg-global.com/blogs/what-cisos-can-do-about-the-cybersecurity-skills-shortage/ http://www.slideshare.net/IBMGovernmentCA/reputational-risk-16787581 Slide 10 http://www.redbooks.ibm.com/abstracts/sg248100.html Slide 12 http://securityintelligence.com/ http://www-03.ibm.com/security/xforce/ Slide 15 http://securityintelligence.com/nist-cybersecurity-framework-application-security-risk-management/

Slide 27 http://www.slideshare.net/ibmsecurity/cloud-security-what-you-need-to-know-about-ibm-smartcloud-security Slide 28http://search.iss.net/Search.do?keyword=vmware&searchType=keywd&x=0&y=0 http://www.cve.mitre.org/cgi-bin/cvekey.cgi?keyword=vmware http://web.nvd.nist.gov/view/vuln/search-results?query=vmware&search_type=all&cves=on Slide 29 https://downloads.cloudsecurityalliance.org/initiatives/guidance/csaguide.v3.0.pdf https://cloudsecurityalliance.org/wp-content/uploads/2011/11/virtualization-security.pdf Slide 30 http://www.slideshare.net/ibmsecurity/cloud-security-what-you-need-to-know-about-ibm-smartcloud-security Slide 31 http://www-935.ibm.com/services/image/cybersecurity_infographic.jpg Slide 35 http://www.redbooks.ibm.com/abstracts/redp4614.html http://publib-b.boulder.ibm.com/abstracts/sg247928.html http://www.redbooks.ibm.com/abstracts/redp4893.html Slide 35 http://public.dhe.ibm.com/common/ssi/ecm/en/wgl03045usen/WGL03045USEN.PDF https://downloads.cloudsecurityalliance.org/initiatives/guidance/csaguide.v3.0.pdf https:// downloads.cloudsecurityalliance.org/initiatives/top_threats/ The_Notorious_Nine_Cloud_Computing_Top_Threats_in_2013.pdf

Add a comment

Related presentations

Related pages

2014 | Santiago CavannaSantiago Cavanna

Segurinfo2014 Santiago Cavanna from Santiago Cavanna. Segurinfo2014_SantiagoCavanna. Listado completo de Links de la presentacion. Links: Slide 04.
Read more

Santiago Cavanna | Strategy – Information Security ...

Segurinfo2014 Santiago Cavanna from Santiago Cavanna. Segurinfo2014_SantiagoCavanna. Listado completo de Links de la presentacion. Links: Slide 04.
Read more

Agenda - SEGURINFO Argentina 2014

Santiago Cavanna -Security Sales Specialist, IBM (Ver presentación) Prevención y detención del fraude Bert Milan - VP de Ventas para América Latina ...
Read more

Programa SEGURINFO Paraguay 2014

Santiago Cavanna - Security Especialist, IBM: 16:45: DDOS y Malware. La Nueva Generación (La conferencia será desarrollada en idioma inglés)
Read more