Application Intrusion Detection
Kim Carter
July 03, 2021
Transcript
COMMUNITY TOPICS
Welcome
InfoSecNZ Slack, OWASP Slack
Anything else people want to mention?
Tonight's talk (Chris - Incident Response), (Me - Application Intrusion Detection)
APPLICATION INTRUSION DETECTION
HIDS, NIDS, AIDS?
1. Asset Identification
2. Identify Risks
3. Countermeasures
4. Risks that Solution Causes
5. Costs and Trade-offs
1. SSM Asset Identification
2. SSM Identify Risks
Lack of Visibility
Insufficient Logging (->) & Monitoring (<-)
Covered in for OWASP Top 10
Insufficient Attack Protection
Book -> Holistic Info-Sec for Web Developers
No. 10
Lack of Active Automated Prevention
3. SSM Countermeasures
Lack of Visibility ...
"Detection works where prevention fails and detection is of no use without response"
Bruce Schneier
Lack of Visibility
OWASP Top 10 - Insufficient Logging
Insufficient Monitoring
A10
Kim's book
WAF
App Intrusion Detection & Response
Active Automated Prevention
Insufficient Attack Protection
App Intrusion Detection->Prevention is reactive
By being proactive -> SAST, DAST
It's been 8 years now in alpha and releases being published regularly purpleteam
It's time to let someone else take over
Pete Nicholls is taking over from me
Next Meetup
Last Wed of Sep - Pete & Toni - Ask anything panel