Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Application Intrusion Detection
Search
Kim Carter
July 03, 2021
Technology
0
420
Application Intrusion Detection
Kim Carter
July 03, 2021
Tweet
Share
More Decks by Kim Carter
See All by Kim Carter
owaspnz-chch-meetup-2021-workshop-planning-and-covid
binarymist
0
470
Security Regression Testing on OWASP Zap Node API
binarymist
1
9.5k
Building purpleteam (a Security Regression Testing SaaS) - From PoC to Alpha
binarymist
0
1.2k
OWASP Quiz Night
binarymist
2
1.1k
The Art of Exploitation
binarymist
2
1.1k
Developing a High Performance Security Focussed Agile Team (2 hr workshop)
binarymist
1
740
OWASP NZ Day 2016
binarymist
0
150
Infectious Media with Rubber Ducky
binarymist
1
500
0wn1ng The Web at www.wdcnz.com
binarymist
2
1.7k
Other Decks in Technology
See All in Technology
Lambdaと地方とコミュニティ
miu_crescent
2
370
OCI 運用監視サービス 概要
oracle4engineer
PRO
0
4.8k
Amazon Personalizeの レコメンドシステム構築、実際何するの? 〜大体10分で具体的なイメージをつかむ〜
kniino
1
100
AWS Lambdaと歩んだ“サーバーレス”と今後 #lambda_10years
yoshidashingo
1
170
リンクアンドモチベーション ソフトウェアエンジニア向け紹介資料 / Introduction to Link and Motivation for Software Engineers
lmi
4
300k
スクラムチームを立ち上げる〜チーム開発で得られたもの・得られなかったもの〜
ohnoeight
2
350
社内で最大の技術的負債のリファクタリングに取り組んだお話し
kidooonn
1
550
【令和最新版】AWS Direct Connectと愉快なGWたちのおさらい
minorun365
PRO
5
750
ExaDB-D dbaascli で出来ること
oracle4engineer
PRO
0
3.8k
誰も全体を知らない ~ ロールの垣根を超えて引き上げる開発生産性 / Boosting Development Productivity Across Roles
kakehashi
1
220
Amazon CloudWatch Network Monitor のススメ
yuki_ink
1
200
Shopifyアプリ開発における Shopifyの機能活用
sonatard
4
250
Featured
See All Featured
Keith and Marios Guide to Fast Websites
keithpitt
409
22k
Imperfection Machines: The Place of Print at Facebook
scottboms
265
13k
Why You Should Never Use an ORM
jnunemaker
PRO
54
9.1k
Put a Button on it: Removing Barriers to Going Fast.
kastner
59
3.5k
Producing Creativity
orderedlist
PRO
341
39k
Faster Mobile Websites
deanohume
305
30k
A Tale of Four Properties
chriscoyier
156
23k
Embracing the Ebb and Flow
colly
84
4.5k
Statistics for Hackers
jakevdp
796
220k
Building Your Own Lightsaber
phodgson
103
6.1k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
232
17k
The Straight Up "How To Draw Better" Workshop
denniskardys
232
140k
Transcript
COMMUNITY TOPICS Welcome InfoSecNZ Slack, OWASP Slack Anything else people
want to mention? Tonights talk (Chris - Incident Response), (Me - Application Intrusion Detection)
APPLICATION INTRUSION DETECTION
HIDS, NIDS, AIDS?
1. Asset Identification 2. Identify Risks 3. Countermeasures 4. Risks
that Solution Causes 5. Costs and Trade-offs
1. SSM Asset Identification
2. SSM Identify Risks
Lack of Visibility Insufficient Logging (->) & Monitoring (<-) Covered
in for OWASP Top 10 Insufficient Attack Protection Book -> Holistic Info-Sec for Web Developers No. 10 Lack of Active Automated Prevention
3. SSM Countermeasures
Lack of Visibility ... Detection works where prevention fails and
detection is of no use without response Bruce Schneier
Lack of Visibility OWASP Top 10 - Insufficient Logging Insufficient
Monitoring A10 Kim's book
WAF App Intrusion Detection & Response Active Automated Prevention Insufficient
Attack Protection
App Intrusion Detection->Prevention is reactive
By being proactive -> SAST, DAST
It's been 8 years now in alpha and releases being
published regularly purpleteam It's time to let someone else take over Pete Nicholls is taking over from me Next Meetup Last Wed of Sep - Pete & Toni - Ask anything panel
binarymist
miu_crescent
oracle4engineer
kniino
yoshidashingo
lmi
ohnoeight
kidooonn
minorun365
kakehashi
yuki_ink
sonatard
keithpitt
scottboms
jnunemaker
kastner
orderedlist
deanohume
chriscoyier
colly
jakevdp
phodgson
marcelosomers
denniskardys
