Application Intrusion Detection
Kim Carter
July 03, 2021
Transcript
COMMUNITY TOPICS Welcome InfoSecNZ Slack, OWASP Slack Anything else people want to mention? Tonight's talk (Chris - Incident Response), (Me - Application Intrusion Detection)
APPLICATION INTRUSION DETECTION
HIDS, NIDS, AIDS?
1. Asset Identification
2. Identify Risks
3. Countermeasures
4. Risks that Solution Causes
5. Costs and Trade-offs
1. SSM Asset Identification
2. SSM Identify Risks
Lack of Visibility Insufficient Logging (->) & Monitoring (<-) Covered in for OWASP Top 10 Insufficient Attack Protection Book -> Holistic Info-Sec for Web Developers No. 10 Lack of Active Automated Prevention
3. SSM Countermeasures
Lack of Visibility ... "Detection works where prevention fails and detection is of no use without response" - Bruce Schneier
Lack of Visibility OWASP Top 10 - Insufficient Logging Insufficient Monitoring A10 Kim's book
WAF App Intrusion Detection & Response Active Automated Prevention Insufficient Attack Protection
App Intrusion Detection->Prevention is reactive
By being proactive -> SAST, DAST
It's been 8 years now in alpha and releases being published regularly purpleteam It's time to let someone else take over Pete Nicholls is taking over from me Next Meetup Last Wed of Sep - Pete & Toni - Ask anything panel