Data at Rest Encryption - Addressing Modern Attacks Beyond the Basics
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Syllabus
Intro
What will they talk about? • Quick primer on cryptography, encryption, and key management • Issues with current at-rest data encryption approaches
A02:2021 - Cryptographic Failures
Cryptography Cryptography was practiced for millennia before the Invention of computers One of the original and fundamental mechanisms for computer security
Cryptographic Attacks . Modern cryptography is exceptionally strong against direct attacks
Problem - Keys
Two Predominant Use Cases for Encryption
The Central Implicit Trust Model
So, what's the problem with that?
Two Real-world Examples Security Incident
Better Approach
Example - Medical Records System Only a subset of data values and attachments are to be protected
Column-Level Encryption
Application-Level Encryption (ALE)
Parting Words of Crypto Advice
Taught by
OWASP Foundation
Related Courses
Asymmetric Cryptography and Key ManagementUniversity of Colorado System via Coursera Introduction to Applied Cryptography
University of Colorado System via Coursera Applied Cryptography
University of Colorado System via Coursera Designing for Advanced Security within AWS
Pluralsight Creating Security Baselines in Microsoft Azure
Pluralsight