Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Application Intrusion Detection
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
Kim Carter
July 03, 2021
Technology
560
0
Share
Application Intrusion Detection
Kim Carter
July 03, 2021
More Decks by Kim Carter
See All by Kim Carter
owaspnz-chch-meetup-2021-workshop-planning-and-covid
binarymist
0
590
Security Regression Testing on OWASP Zap Node API
binarymist
1
10k
Building purpleteam (a Security Regression Testing SaaS) - From PoC to Alpha
binarymist
0
1.4k
OWASP Quiz Night
binarymist
2
1.3k
The Art of Exploitation
binarymist
2
1.2k
Developing a High Performance Security Focussed Agile Team (2 hr workshop)
binarymist
1
850
OWASP NZ Day 2016
binarymist
0
210
Infectious Media with Rubber Ducky
binarymist
1
630
0wn1ng The Web at www.wdcnz.com
binarymist
2
1.9k
Other Decks in Technology
See All in Technology
freee-mcpを Local→Remote で出してわかった MCP認可実装のリアル
terara
3
890
JJUG CCC 2026 Spring AI時代の開発こそ標準化を武器に! ― 方式・プロセス・プラットフォームの標準化
s27watanabe
2
540
Javaコミュニティをもっと楽しむための9箇条
takasyou
0
320
エンジニアは生成AIと どのように向き合うべきか? ことばの意味という観点から
verypluming
3
270
「使われるデータ基盤」を目指してデータアナリストとワークショップをやった話
jackojacko_
2
910
Spring AI × MCP 入門〜AIエージェントへのツール公開、境界設計から始める最小構成 〜
yuyamiyamoto
0
150
OpenID Connectによるサービス間連携
takesection
0
130
RubyでRuby拡張を書いたらRubyより35倍速になったってどういうこと??
kazuho
3
660
Sony_KMP_Journey_KotlinConf2026
sony
0
130
Java正規表現エンジン(NFA)の仕組みと パフォーマンスを維持するための最適化手法
takeuchi_132917
0
130
Datadog 認定試験の概要と対策
uechishingo
0
120
layerx-fde-practices
cipepser
6
2.8k
Featured
See All Featured
Save Time (by Creating Custom Rails Generators)
garrettdimon
PRO
32
3.2k
Prompt Engineering for Job Search
mfonobong
0
320
How to Ace a Technical Interview
jacobian
281
24k
ラッコキーワード サービス紹介資料
rakko
1
3.4M
HU Berlin: Industrial-Strength Natural Language Processing with spaCy and Prodigy
inesmontani
PRO
0
390
Optimizing for Happiness
mojombo
378
71k
How To Stay Up To Date on Web Technology
chriscoyier
790
250k
VelocityConf: Rendering Performance Case Studies
addyosmani
333
25k
Max Prin - Stacking Signals: How International SEO Comes Together (And Falls Apart)
techseoconnect
PRO
0
170
Java REST API Framework Comparison - PWX 2021
mraible
34
9.3k
Docker and Python
trallard
47
3.8k
Why Our Code Smells
bkeepers
PRO
340
58k
Transcript
COMMUNITY TOPICS Welcome InfoSecNZ Slack, OWASP Slack Anything else people
want to mention? Tonights talk (Chris - Incident Response), (Me - Application Intrusion Detection)
APPLICATION INTRUSION DETECTION
HIDS, NIDS, AIDS?
1. Asset Identification 2. Identify Risks 3. Countermeasures 4. Risks
that Solution Causes 5. Costs and Trade-offs
1. SSM Asset Identification
2. SSM Identify Risks
Lack of Visibility Insufficient Logging (->) & Monitoring (<-) Covered
in for OWASP Top 10 Insufficient Attack Protection Book -> Holistic Info-Sec for Web Developers No. 10 Lack of Active Automated Prevention
3. SSM Countermeasures
Lack of Visibility ... Detection works where prevention fails and
detection is of no use without response Bruce Schneier
Lack of Visibility OWASP Top 10 - Insufficient Logging Insufficient
Monitoring A10 Kim's book
WAF App Intrusion Detection & Response Active Automated Prevention Insufficient
Attack Protection
App Intrusion Detection->Prevention is reactive
By being proactive -> SAST, DAST
It's been 8 years now in alpha and releases being
published regularly purpleteam It's time to let someone else take over Pete Nicholls is taking over from me Next Meetup Last Wed of Sep - Pete & Toni - Ask anything panel
binarymist
terara
s27watanabe
takasyou
verypluming
jackojacko_
yuyamiyamoto
takesection
kazuho
sony
takeuchi_132917
uechishingo
cipepser
garrettdimon
mfonobong
jacobian
rakko
inesmontani
mojombo
chriscoyier
addyosmani
techseoconnect
mraible
trallard
bkeepers
