E-Commerce Security

Cyber Security and Information

Security
 Cyber Security is defined as the ability to protect or defend the use of
cyberspace from cyber-attacks.
 Information Security is the protection of information and information
systems from unauthorized access, use, disclosure, disruption,
modification, or destruction in order to provide confidentiality, integrity,
and availability (CIA).
 Trending Issues  APT
 CTI
• https://www.forbes.com/sites/gilpress/  Cyber Crime & Law
2017/11/26/60-cybersecurity-predictio
ns-for-2018/#a2dbd9073ff7  Ethical Hacking
• https://www.gartner.com/smarterwithg
artner/5-trends-in-cybersecurity-for-20  Penetration Testing
17-and-2018/
 Block Chain
• https://www.infosecurity-magazine.co
m/cybercrime/  Internet of Things (IoT)
• https://blog.g2crowd.com/blog/cybers
ecurity/security-trends-2018-top-cyber  Cyber Warfare
security-companies/
 Cloud Security
 Mobile Security
 Digital Forensics
Block Chain

 “The blockchain is an incorruptible digital ledger of economic

transactions that can be programmed to record not just financial
transactions but virtually everything of value.”
-Don & Alex Tapscott,authors Blockchain Revolution (2016)
 Digital and Distributed Database
Things To Consider

 Operating System
 Networking
 Programming
 Certifications
Where to Learn and Earn

 Online  Training & Certifications

 edx  EC-Council
 Future Learn  ISACA
 Udemy  CompTIA
 Cybrary  ISC2
 PECB
 GIAC
 Microsoft
Steps of Hacking
Penetration Testing and Ethical
Hacking
Common Tools and Techniques

 Nmap (Network Mapper)  Maltego

 Burp Suite  Nikto

 Metasploit
 W3af (Web Application Attack and Audit
Framework)
 Wireshark  Netsparker
 Aircrack-ng  Nessus
 John The Ripper  Acunetix
 THC Hydra  Kali Linux
 OWASP Zed  Parrot Security OS
 Vega
COMMON SECURITY THREATS FOR
ECOMMERCE WEBSITES
 PASSWORD BREACHES
 DOS/DDOS ATTACKS
 RANSOMWARE
 DATA DESTRUCTION
 FRAUD
 Bot attacks
 Insufficient Transport Layer Protection
 Online tools and techniques

 https://www.northit.co.uk/email-check
 https://www.ssllabs.com/ssltest/analyze.html
 https://uptimerobot.com/
 https://mxtoolbox.com/dmarc.aspx
 http://housecall.trendmicro.com/uk/
 https://sitecheck.sucuri.net/?clickid=3FD3sVRaV1rewKET-fxuX3VNUkjxI3xpq1NM0Y0
 https://www.scanmyserver.com/
 https://www.netsparker.com/online-web-application-security-scanner/
 https://app.upguard.com/webscan
 https://app.webinspector.com/
 https://panopticlick.eff.org/
 https://www2.open.ac.uk/openlearn/password_check/index.html