Application Intrusion Detection
Kim Carter
July 03, 2021
Transcript
COMMUNITY TOPICS
Welcome
InfoSecNZ Slack, OWASP Slack
Anything else people want to mention?
Tonight's talk: (Chris - Incident Response), (Me - Application Intrusion Detection)
APPLICATION INTRUSION DETECTION
HIDS, NIDS, AIDS?
1. Asset Identification
2. Identify Risks
3. Countermeasures
4. Risks that Solution Causes
5. Costs and Trade-offs
1. SSM Asset Identification
2. SSM Identify Risks
Lack of Visibility
Insufficient Logging (->) & Monitoring (<-)
Covered in for OWASP Top 10
Insufficient Attack Protection
Book -> Holistic Info-Sec for Web Developers
No. 10
Lack of Active Automated Prevention
3. SSM Countermeasures
Lack of Visibility ...
"Detection works where prevention fails and detection is of no use without response" - Bruce Schneier
Lack of Visibility: OWASP Top 10 - Insufficient Logging, Insufficient Monitoring, A10, Kim's book
WAF; App Intrusion Detection & Response; Active Automated Prevention; Insufficient Attack Protection
App Intrusion Detection->Prevention is reactive
By being proactive -> SAST, DAST
It's been 8 years now in alpha and releases being published regularly purpleteam
It's time to let someone else take over
Pete Nicholls is taking over from me
Next Meetup: Last Wed of Sep - Pete & Toni - Ask anything panel