Application Intrusion Detection
Kim Carter
July 03, 2021
Transcript
COMMUNITY TOPICS
Welcome
InfoSecNZ Slack, OWASP Slack
Anything else people want to mention?
Tonight's talk (Chris - Incident Response), (Me - Application Intrusion Detection)

APPLICATION INTRUSION DETECTION

HIDS, NIDS, AIDS?

1. Asset Identification
2. Identify Risks
3. Countermeasures
4. Risks that Solution Causes
5. Costs and Trade-offs

1. SSM Asset Identification

2. SSM Identify Risks

Lack of Visibility
Insufficient Logging (->) & Monitoring (<-)
Covered in for OWASP Top 10
Insufficient Attack Protection
Book -> Holistic Info-Sec for Web Developers
No. 10 Lack of Active Automated Prevention

3. SSM Countermeasures

Lack of Visibility ...
"Detection works where prevention fails and detection is of no use without response" (Bruce Schneier)

Lack of Visibility
OWASP Top 10 - Insufficient Logging, Insufficient Monitoring
A10
Kim's book

WAF
App Intrusion Detection & Response
Active Automated Prevention
Insufficient Attack Protection

App Intrusion Detection->Prevention is reactive

By being proactive -> SAST, DAST

It's been 8 years now in alpha and releases being published regularly
purpleteam
It's time to let someone else take over
Pete Nicholls is taking over from me
Next Meetup: Last Wed of Sep - Pete & Toni - Ask anything panel