Users have admin access by default

Users only have access necessary to perform their job

All users share the same access rights

Privileges are inherited from their manager

Offensive hackers simulating real-world attacks

Developers integrating security into software

Defensive team that monitors and responds to incidents

Team that performs vulnerability scanning

Plain text

Base64 encoding

Hashing with salt

Encrypting with a static key

FTP

TFTP

SFTP

SCP

Delays in email delivery

Unauthorized zone transfers

Weak encryption of web traffic

Increased bandwidth usage

SQL Injection

Brute-force login attacks

Session hijacking

Buffer overflow

DoS

MITM (Man-in-the-Middle)

Spoofing

Replay