Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Application Intrusion Detection
Search
Kim Carter
July 03, 2021
Technology
0
480
Application Intrusion Detection
Kim Carter
July 03, 2021
Tweet
Share
More Decks by Kim Carter
See All by Kim Carter
owaspnz-chch-meetup-2021-workshop-planning-and-covid
binarymist
0
530
Security Regression Testing on OWASP Zap Node API
binarymist
1
9.8k
Building purpleteam (a Security Regression Testing SaaS) - From PoC to Alpha
binarymist
0
1.3k
OWASP Quiz Night
binarymist
2
1.2k
The Art of Exploitation
binarymist
2
1.1k
Developing a High Performance Security Focussed Agile Team (2 hr workshop)
binarymist
1
790
OWASP NZ Day 2016
binarymist
0
180
Infectious Media with Rubber Ducky
binarymist
1
570
0wn1ng The Web at www.wdcnz.com
binarymist
2
1.8k
Other Decks in Technology
See All in Technology
KiCadでPad on Viaの基板作ってみた
iotengineer22
0
180
Witchcraft for Memory
pocke
1
670
ドメイン特化なCLIPモデルとデータセットの紹介
tattaka
2
530
AWS Summit Japan 2025 Community Stage - App workflow automation by AWS Step Functions
matsuihidetoshi
1
310
解析の定理証明実践@Lean 4
dec9ue
1
210
無意味な開発生産性の議論から抜け出すための予兆検知とお金とAI
i35_267
2
3.1k
MUITにおける開発プロセスモダナイズの取り組みと開発生産性可視化の取り組みについて / Modernize the Development Process and Visualize Development Productivity at MUIT
muit
1
2.5k
OpenHands🤲にContributeしてみた
kotauchisunsun
1
500
KubeCon + CloudNativeCon Japan 2025 Recap Opening & Choose Your Own Adventureシリーズまとめ
mmmatsuda
0
240
Node-REDのFunctionノードでMCPサーバーの実装を試してみた / Node-RED × MCP 勉強会 vol.1
you
PRO
0
130
さくらのIaaS基盤のモニタリングとOpenTelemetry/OSC Hokkaido 2025
fujiwara3
2
270
Yamla: Rustでつくるリアルタイム性を追求した機械学習基盤 / Yamla: A Rust-Based Machine Learning Platform Pursuing Real-Time Capabilities
lycorptech_jp
PRO
4
180
Featured
See All Featured
How STYLIGHT went responsive
nonsquared
100
5.6k
Automating Front-end Workflow
addyosmani
1370
200k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
331
22k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
124
52k
Balancing Empowerment & Direction
lara
1
400
10 Git Anti Patterns You Should be Aware of
lemiorhan
PRO
657
60k
Why You Should Never Use an ORM
jnunemaker
PRO
58
9.4k
Fantastic passwords and where to find them - at NoRuKo
philnash
51
3.3k
Testing 201, or: Great Expectations
jmmastey
42
7.6k
The Illustrated Children's Guide to Kubernetes
chrisshort
48
50k
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
addyosmani
7
730
Building an army of robots
kneath
306
45k
Transcript
COMMUNITY TOPICS Welcome InfoSecNZ Slack, OWASP Slack Anything else people
want to mention? Tonights talk (Chris - Incident Response), (Me - Application Intrusion Detection)
APPLICATION INTRUSION DETECTION
HIDS, NIDS, AIDS?
1. Asset Identification 2. Identify Risks 3. Countermeasures 4. Risks
that Solution Causes 5. Costs and Trade-offs
1. SSM Asset Identification
2. SSM Identify Risks
Lack of Visibility Insufficient Logging (->) & Monitoring (<-) Covered
in for OWASP Top 10 Insufficient Attack Protection Book -> Holistic Info-Sec for Web Developers No. 10 Lack of Active Automated Prevention
3. SSM Countermeasures
Lack of Visibility ... Detection works where prevention fails and
detection is of no use without response Bruce Schneier
Lack of Visibility OWASP Top 10 - Insufficient Logging Insufficient
Monitoring A10 Kim's book
WAF App Intrusion Detection & Response Active Automated Prevention Insufficient
Attack Protection
App Intrusion Detection->Prevention is reactive
By being proactive -> SAST, DAST
It's been 8 years now in alpha and releases being
published regularly purpleteam It's time to let someone else take over Pete Nicholls is taking over from me Next Meetup Last Wed of Sep - Pete & Toni - Ask anything panel