Application Intrusion Detection

Kim Carter

July 03, 2021

More Decks by Kim Carter

See All by Kim Carter

owaspnz-chch-meetup-2021-workshop-planning-and-covid

0

590

Security Regression Testing on OWASP Zap Node API

1

10k

Building purpleteam (a Security Regression Testing SaaS) - From PoC to Alpha

0

1.4k

OWASP Quiz Night

2

1.3k

The Art of Exploitation

2

1.2k

Developing a High Performance Security Focussed Agile Team (2 hr workshop)

1

840

OWASP NZ Day 2016

0

210

Infectious Media with Rubber Ducky

1

630

0wn1ng The Web at www.wdcnz.com

2

1.9k

Other Decks in Technology

See All in Technology

知ってた？JavaScriptの"正しさ"を検証するテストが5万以上もあること(Test262)

1

140

「QA＝テスト」「シフトレフト＝スクラムイベントの参加者の一員」の呪縛を解く。アジャイルな開発を止めないために、10Xで挑んだ「右側のしわ寄せ」解消記 #scrumniigata

PRO

3

810

Scovilleモバイルエンジニア募集中.pdf

0

150

Modernizing Your HCL Connections Experience: Visual Report to chain, Profile Enhancements, and AI Integration

0

280

EMから幅を広げるために最近挑戦していること / Recent challenges I'm undertaking to expand my horizons beyond EM

1

180

サービスの信頼性を高めるため、形骸化した「プロダクションミーティング」を立て直すまでの取り組み

1

230

毎日の作業を Claude Code 経由にしたら、ノウハウがコードになった

0

220

需要創出(Chatwork)×供給(BPaaS) フライホイールとMoat 実行能力の最適配置とAI戦略

0

2k

AIが盛んな時代に技術記事を書き始めて起きた私の中での小さな変化

0

350

MySQL 9.7がやってきた～これまでのあらすじと基本情報～ @ 日本MySQLユーザ会会2026年04月 / mysql97-yattekita

0

170

【技術書典20】OpenFOAM（自宅で深める流体解析）流れと熱移動（２）

0

370

Agents CLI と Gemini Enterprise Agent Platform でマルチエージェント開発が楽しくなる！

0

240

Featured

See All Featured

DevOps and Value Stream Thinking: Enabling flow, efficiency and business value

1

180

How To Stay Up To Date on Web Technology

790

250k

SEOcharity - Dark patterns in SEO and UX: How to avoid them and build a more ethical web

0

180

Into the Great Unknown - MozCon

41

2.4k

Gemini Prompt Engineering: Practical Techniques for Tangible AI Outcomes

2

380

Rebuilding a faster, lazier Slack

85

9.5k

How to make the Groovebox

2

2.2k

The browser strikes back

0

1k

Agile Actions for Facilitating Distributed Teams - ADO2019

0

180

No one is an island. Learnings from fostering a developers community.

21

3.7k

実際に使うSQLの書き方徹底解説 / pgcon21j-tutorial

PRO

199

73k

The Straight Up "How To Draw Better" Workshop

239

140k

Transcript

COMMUNITY TOPICS Welcome InfoSecNZ Slack, OWASP Slack Anything else people
want to mention? Tonights talk (Chris - Incident Response), (Me - Application Intrusion Detection) 
APPLICATION INTRUSION DETECTION 
HIDS, NIDS, AIDS? 
1. Asset Identification 2. Identify Risks 3. Countermeasures 4. Risks
that Solution Causes 5. Costs and Trade-offs 
1. SSM Asset Identification 
2. SSM Identify Risks 
Lack of Visibility Insufficient Logging (->) & Monitoring (<-) Covered
in for OWASP Top 10 Insufficient Attack Protection Book -> Holistic Info-Sec for Web Developers No. 10 Lack of Active Automated Prevention 
3. SSM Countermeasures 
Lack of Visibility ... Detection works where prevention fails and
detection is of no use without response Bruce Schneier 
Lack of Visibility OWASP Top 10 - Insufficient Logging Insufficient
Monitoring A10 Kim's book 
WAF App Intrusion Detection & Response Active Automated Prevention Insufficient
Attack Protection 
App Intrusion Detection->Prevention is reactive 
By being proactive -> SAST, DAST 
It's been 8 years now in alpha and releases being
published regularly purpleteam It's time to let someone else take over Pete Nicholls is taking over from me Next Meetup Last Wed of Sep - Pete & Toni - Ask anything panel 