Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Application Intrusion Detection

Kim Carter
July 03, 2021
Technology
0
250

Application Intrusion Detection

Kim Carter

July 03, 2021
Tweet

More Decks by Kim Carter

See All by Kim Carter
owaspnz-chch-meetup-2021-workshop-planning-and-covid
binarymist
0
260
Security Regression Testing on OWASP Zap Node API
binarymist
1
6.7k
Building purpleteam (a Security Regression Testing SaaS) - From PoC to Alpha
binarymist
0
740
OWASP Quiz Night
binarymist
2
870
The Art of Exploitation
binarymist
1
830
Developing a High Performance Security Focussed Agile Team (2 hr workshop)
binarymist
1
530
OWASP NZ Day 2016
binarymist
0
97
Infectious Media with Rubber Ducky
binarymist
1
250
0wn1ng The Web at www.wdcnz.com
binarymist
2
1.2k

Other Decks in Technology

See All in Technology
PHPのimmutable arrayとは
hnw
1
150
plotlyで動くグラフを作る
kosshi
0
750
PCL (Point Cloud Library)の基本となぜ点群処理か_2023年_第2版.pdf
cvmlexpertguide
0
150
エアドロップ for オープンソースプロジェクト
epicsdao
0
360
DNS権威サーバのクラウドサービス向けに行われた攻撃および対策 / DNS Pseudo-Random Subdomain Attack and mitigations
kazeburo
5
1.2k
2年で10→70人へ! スタートアップの 情報セキュリティ課題と施策
miekobayashi
1
290
230125 モニターマウントLT ITガジェット翁(Ryu.Cyber)さん
comucal
PRO
0
4.5k
データ分析基盤の要件分析の話(202201_JEDAI)
yabooun
0
220
OpenShiftでスポットVMを使おう.pdf
jpishikawa
1
260
CUEとKubernetesカスタムオペレータを用いた新しいネットワークコントローラをつくってみた
hrk091
1
270
Pentesting Password Reset Functionality
anugrahsr
0
400
ChatGPT for Hacking
anugrahsr
0
4k

Featured

See All Featured
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
jcasabona
13
1.1k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
500
130k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
44
14k
Debugging Ruby Performance
tmm1
67
11k
A Modern Web Designer's Workflow
chriscoyier
689
180k
Stop Working from a Prison Cell
hatefulcrawdad
263
18k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
31
20k
A designer walks into a library…
pauljervisheath
199
16k
Automating Front-end Workflow
addyosmani
1351
200k
Testing 201, or: Great Expectations
jmmastey
25
5.7k
Designing for humans not robots
tammielis
245
24k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
22
1.7k

Transcript

  1. COMMUNITY TOPICS Welcome InfoSecNZ Slack, OWASP Slack Anything else people

    want to mention? Tonights talk (Chris - Incident Response), (Me - Application Intrusion Detection) 

  2. APPLICATION INTRUSION DETECTION 

  3. HIDS, NIDS, AIDS? 

  4. 1. Asset Identification 2. Identify Risks 3. Countermeasures 4. Risks

    that Solution Causes 5. Costs and Trade-offs 

  5. 1. SSM Asset Identification 

  6. 2. SSM Identify Risks 

  7. Lack of Visibility Insufficient Logging (->) & Monitoring (<-) Covered

    in for OWASP Top 10 Insufficient Attack Protection Book -> Holistic Info-Sec for Web Developers No. 10 Lack of Active Automated Prevention 

  8. 3. SSM Countermeasures 

  9. Lack of Visibility ... Detection works where prevention fails and

    detection is of no use without response Bruce Schneier 

  10. Lack of Visibility OWASP Top 10 - Insufficient Logging Insufficient

    Monitoring A10 Kim's book 

  11. WAF App Intrusion Detection & Response Active Automated Prevention Insufficient

    Attack Protection 

  12. App Intrusion Detection->Prevention is reactive 

  13. By being proactive -> SAST, DAST 

  14. It's been 8 years now in alpha and releases being

    published regularly purpleteam It's time to let someone else take over Pete Nicholls is taking over from me Next Meetup Last Wed of Sep - Pete & Toni - Ask anything panel 