Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Application Intrusion Detection
Search
Kim Carter
July 03, 2021
Technology
0
480
Application Intrusion Detection
Kim Carter
July 03, 2021
Tweet
Share
More Decks by Kim Carter
See All by Kim Carter
owaspnz-chch-meetup-2021-workshop-planning-and-covid
binarymist
0
530
Security Regression Testing on OWASP Zap Node API
binarymist
1
9.8k
Building purpleteam (a Security Regression Testing SaaS) - From PoC to Alpha
binarymist
0
1.3k
OWASP Quiz Night
binarymist
2
1.2k
The Art of Exploitation
binarymist
2
1.1k
Developing a High Performance Security Focussed Agile Team (2 hr workshop)
binarymist
1
780
OWASP NZ Day 2016
binarymist
0
180
Infectious Media with Rubber Ducky
binarymist
1
570
0wn1ng The Web at www.wdcnz.com
binarymist
2
1.8k
Other Decks in Technology
See All in Technology
What's new in OpenShift 4.19
redhatlivestreaming
1
240
Grafana MCP serverでなんかし隊 / Try Grafana MCP server
kohbis
0
350
「実体」で築く共通認識: 開発現場のコミュニケーション最適化 / Let's Get on the Same Page with Concrete Artifacts: Optimization of Communication in dev teams
kazizi55
0
140
Digitization部 紹介資料
sansan33
PRO
1
4.2k
AWS と定理証明 〜ポリシー言語 Cedar 開発の舞台裏〜 #fp_matsuri / FP Matsuri 2025
ytaka23
9
2.5k
キャディでのApache Iceberg, Trino採用事例 -Apache Iceberg and Trino Usecase in CADDi--
caddi_eng
0
140
2025/6/21 日本学術会議公開シンポジウム発表資料
keisuke198619
2
330
Devin(Deep) Wiki/Searchの活用で変わる開発の世界観/devin-wiki-search-impact
tomoki10
0
320
AIエージェントの継続的改善のためオブザーバビリティ
pharma_x_tech
6
1.2k
Workflows から Agents へ ~ 生成 AI アプリの成長過程とアプローチ~
belongadmin
3
160
DenoとJSRで実現する最速MCPサーバー開発記 / Building MCP Servers at Lightning Speed with Deno and JSR
yamanoku
1
100
「規約、知識、オペレーション」から考える中規模以上の開発組織のCursorルールの 考え方・育て方 / Cursor Rules for Coding Styles, Domain Knowledges and Operations
yuitosato
6
1.8k
Featured
See All Featured
Git: the NoSQL Database
bkeepers
PRO
430
65k
How to train your dragon (web standard)
notwaldorf
92
6.1k
Code Review Best Practice
trishagee
68
18k
Java REST API Framework Comparison - PWX 2021
mraible
31
8.6k
10 Git Anti Patterns You Should be Aware of
lemiorhan
PRO
657
60k
The Cost Of JavaScript in 2023
addyosmani
50
8.4k
How STYLIGHT went responsive
nonsquared
100
5.6k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
32
2.3k
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
47
2.8k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
357
30k
Into the Great Unknown - MozCon
thekraken
39
1.8k
Being A Developer After 40
akosma
90
590k
Transcript
COMMUNITY TOPICS Welcome InfoSecNZ Slack, OWASP Slack Anything else people
want to mention? Tonights talk (Chris - Incident Response), (Me - Application Intrusion Detection)
APPLICATION INTRUSION DETECTION
HIDS, NIDS, AIDS?
1. Asset Identification 2. Identify Risks 3. Countermeasures 4. Risks
that Solution Causes 5. Costs and Trade-offs
1. SSM Asset Identification
2. SSM Identify Risks
Lack of Visibility Insufficient Logging (->) & Monitoring (<-) Covered
in for OWASP Top 10 Insufficient Attack Protection Book -> Holistic Info-Sec for Web Developers No. 10 Lack of Active Automated Prevention
3. SSM Countermeasures
Lack of Visibility ... Detection works where prevention fails and
detection is of no use without response Bruce Schneier
Lack of Visibility OWASP Top 10 - Insufficient Logging Insufficient
Monitoring A10 Kim's book
WAF App Intrusion Detection & Response Active Automated Prevention Insufficient
Attack Protection
App Intrusion Detection->Prevention is reactive
By being proactive -> SAST, DAST
It's been 8 years now in alpha and releases being
published regularly purpleteam It's time to let someone else take over Pete Nicholls is taking over from me Next Meetup Last Wed of Sep - Pete & Toni - Ask anything panel