Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Application Intrusion Detection
Search
Kim Carter
July 03, 2021
Technology
0
530
Application Intrusion Detection
Kim Carter
July 03, 2021
Tweet
Share
More Decks by Kim Carter
See All by Kim Carter
owaspnz-chch-meetup-2021-workshop-planning-and-covid
binarymist
0
570
Security Regression Testing on OWASP Zap Node API
binarymist
1
10k
Building purpleteam (a Security Regression Testing SaaS) - From PoC to Alpha
binarymist
0
1.4k
OWASP Quiz Night
binarymist
2
1.3k
The Art of Exploitation
binarymist
2
1.2k
Developing a High Performance Security Focussed Agile Team (2 hr workshop)
binarymist
1
820
OWASP NZ Day 2016
binarymist
0
200
Infectious Media with Rubber Ducky
binarymist
1
610
0wn1ng The Web at www.wdcnz.com
binarymist
2
1.9k
Other Decks in Technology
See All in Technology
2026-02-25 Tokyo dbt meetup プロダクトと融合したCI/CD で実現する、堅牢なデータパイプラインの作り方
y_ken
0
150
フルカイテン株式会社 エンジニア向け採用資料
fullkaiten
0
10k
Agentic Codingの実践とチームで導入するための工夫
lycorptech_jp
PRO
0
200
OCI技術資料 : 外部接続 VPN接続 詳細
ocise
1
10k
【Developers Summit 2026】Memory Is All You Need:コンテキストの「最適化」から「継続性」へ ~RAGを進化させるメモリエンジニアリングの最前線~
shisyu_gaku
5
830
Introduction to Bill One Development Engineer
sansan33
PRO
0
380
primeNumber DATA MANAGEMENT CAMP #2:
masatoshi0205
1
630
AI Agentにおける評価指標とAgent GPA
tsho
1
240
Contract One Engineering Unit 紹介資料
sansan33
PRO
0
14k
LY Tableauでの Tableau x AIの実践 (at Tableau Now! - 2026-02-26)
yoshitakaarakawa
0
960
なぜAIは組織を速くしないのか 令和の腑分け
sugino
80
50k
インシデント対応入門
grimoh
7
5.5k
Featured
See All Featured
How to Align SEO within the Product Triangle To Get Buy-In & Support - #RIMC
aleyda
1
1.4k
What the history of the web can teach us about the future of AI
inesmontani
PRO
1
450
Fireside Chat
paigeccino
41
3.8k
How to build a perfect <img>
jonoalderson
1
5.2k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
231
22k
The State of eCommerce SEO: How to Win in Today's Products SERPs - #SEOweek
aleyda
2
9.7k
Everyday Curiosity
cassininazir
0
150
職位にかかわらず全員がリーダーシップを発揮するチーム作り / Building a team where everyone can demonstrate leadership regardless of position
madoxten
59
50k
Ecommerce SEO: The Keys for Success Now & Beyond - #SERPConf2024
aleyda
1
1.8k
The Hidden Cost of Media on the Web [PixelPalooza 2025]
tammyeverts
2
230
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
122
21k
How STYLIGHT went responsive
nonsquared
100
6k
Transcript
COMMUNITY TOPICS Welcome InfoSecNZ Slack, OWASP Slack Anything else people
want to mention? Tonights talk (Chris - Incident Response), (Me - Application Intrusion Detection)
APPLICATION INTRUSION DETECTION
HIDS, NIDS, AIDS?
1. Asset Identification 2. Identify Risks 3. Countermeasures 4. Risks
that Solution Causes 5. Costs and Trade-offs
1. SSM Asset Identification
2. SSM Identify Risks
Lack of Visibility Insufficient Logging (->) & Monitoring (<-) Covered
in for OWASP Top 10 Insufficient Attack Protection Book -> Holistic Info-Sec for Web Developers No. 10 Lack of Active Automated Prevention
3. SSM Countermeasures
Lack of Visibility ... Detection works where prevention fails and
detection is of no use without response Bruce Schneier
Lack of Visibility OWASP Top 10 - Insufficient Logging Insufficient
Monitoring A10 Kim's book
WAF App Intrusion Detection & Response Active Automated Prevention Insufficient
Attack Protection
App Intrusion Detection->Prevention is reactive
By being proactive -> SAST, DAST
It's been 8 years now in alpha and releases being
published regularly purpleteam It's time to let someone else take over Pete Nicholls is taking over from me Next Meetup Last Wed of Sep - Pete & Toni - Ask anything panel
binarymist
y_ken
fullkaiten
lycorptech_jp
ocise
shisyu_gaku
sansan33
masatoshi0205
tsho
yoshitakaarakawa
sugino
grimoh
aleyda
inesmontani
paigeccino
jonoalderson
danielanewman
cassininazir
madoxten
tammyeverts
panda_program
nonsquared
