Application Intrusion Detection
Kim Carter
July 03, 2021
Transcript
COMMUNITY TOPICS
Welcome
InfoSecNZ Slack, OWASP Slack
Anything else people want to mention?
Tonight's talk (Chris - Incident Response), (Me - Application Intrusion Detection)
APPLICATION INTRUSION DETECTION
HIDS, NIDS, AIDS?
1. Asset Identification
2. Identify Risks
3. Countermeasures
4. Risks that Solution Causes
5. Costs and Trade-offs
1. SSM Asset Identification
2. SSM Identify Risks
Lack of Visibility Insufficient Logging (->) & Monitoring (<-) Covered in for OWASP Top 10 Insufficient Attack Protection Book -> Holistic Info-Sec for Web Developers No. 10 Lack of Active Automated Prevention
3. SSM Countermeasures
Lack of Visibility ...
"Detection works where prevention fails and detection is of no use without response"
Bruce Schneier
Lack of Visibility OWASP Top 10 - Insufficient Logging Insufficient Monitoring A10 Kim's book
WAF App Intrusion Detection & Response Active Automated Prevention Insufficient Attack Protection
App Intrusion Detection->Prevention is reactive
By being proactive -> SAST, DAST
It's been 8 years now in alpha and releases being published regularly purpleteam
It's time to let someone else take over
Pete Nicholls is taking over from me
Next Meetup
Last Wed of Sep - Pete & Toni - Ask anything panel