Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Application Intrusion Detection
Search
Sponsored
·
Your Podcast. Everywhere. Effortlessly.
Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
→
Kim Carter
July 03, 2021
Technology
0
530
Application Intrusion Detection
Kim Carter
July 03, 2021
Tweet
Share
More Decks by Kim Carter
See All by Kim Carter
owaspnz-chch-meetup-2021-workshop-planning-and-covid
binarymist
0
580
Security Regression Testing on OWASP Zap Node API
binarymist
1
10k
Building purpleteam (a Security Regression Testing SaaS) - From PoC to Alpha
binarymist
0
1.4k
OWASP Quiz Night
binarymist
2
1.3k
The Art of Exploitation
binarymist
2
1.2k
Developing a High Performance Security Focussed Agile Team (2 hr workshop)
binarymist
1
820
OWASP NZ Day 2016
binarymist
0
200
Infectious Media with Rubber Ducky
binarymist
1
610
0wn1ng The Web at www.wdcnz.com
binarymist
2
1.9k
Other Decks in Technology
See All in Technology
フロントエンド刷新 4年間の軌跡
yotahada3
0
500
OCHaCafe S11 #2 コンテナ時代の次の一手:Wasm 最前線
oracle4engineer
PRO
2
150
The_Evolution_of_Bits_AI_SRE.pdf
nulabinc
PRO
0
240
Zero Data Loss Autonomous Recovery Service サービス概要
oracle4engineer
PRO
2
13k
AI実装による「レビューボトルネック」を解消する仕様駆動開発(SDD)/ ai-sdd-review-bottleneck
rakus_dev
0
160
VPCエンドポイント意外とお金かかるなぁ。せや、共有したろ!
tommy0124
1
700
Yahoo!ショッピングのレコメンデーション・システムにおけるML実践の一例
lycorptech_jp
PRO
1
230
OpenClaw を Amazon Lightsail で動かす理由
uechishingo
0
200
猫でもわかるKiro CLI(AI 駆動開発への道編)
kentapapa
0
270
Go 1.26 Genericsにおける再帰的型制約 / Recursive Type Constraints in Go 1.26 Generics
ryokotmng
0
130
頼れる Agentic AI を支える Datadog のオブザーバビリティ / Powering Reliable Agentic AI with Datadog Observability
aoto
PRO
0
210
Windows ファイル共有(SMB)を再確認する
murachiakira
PRO
0
180
Featured
See All Featured
Why You Should Never Use an ORM
jnunemaker
PRO
61
9.8k
DBのスキルで生き残る技術 - AI時代におけるテーブル設計の勘所
soudai
PRO
64
52k
Amusing Abliteration
ianozsvald
0
140
GraphQLの誤解/rethinking-graphql
sonatard
75
11k
30 Presentation Tips
portentint
PRO
1
260
Leading Effective Engineering Teams in the AI Era
addyosmani
9
1.7k
The Power of CSS Pseudo Elements
geoffreycrofte
82
6.2k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
333
22k
How to Get Subject Matter Experts Bought In and Actively Contributing to SEO & PR Initiatives.
livdayseo
0
85
SEO in 2025: How to Prepare for the Future of Search
ipullrank
3
3.4k
The Limits of Empathy - UXLibs8
cassininazir
1
270
職位にかかわらず全員がリーダーシップを発揮するチーム作り / Building a team where everyone can demonstrate leadership regardless of position
madoxten
62
52k
Transcript
COMMUNITY TOPICS Welcome InfoSecNZ Slack, OWASP Slack Anything else people
want to mention? Tonights talk (Chris - Incident Response), (Me - Application Intrusion Detection)
APPLICATION INTRUSION DETECTION
HIDS, NIDS, AIDS?
1. Asset Identification 2. Identify Risks 3. Countermeasures 4. Risks
that Solution Causes 5. Costs and Trade-offs
1. SSM Asset Identification
2. SSM Identify Risks
Lack of Visibility Insufficient Logging (->) & Monitoring (<-) Covered
in for OWASP Top 10 Insufficient Attack Protection Book -> Holistic Info-Sec for Web Developers No. 10 Lack of Active Automated Prevention
3. SSM Countermeasures
Lack of Visibility ... Detection works where prevention fails and
detection is of no use without response Bruce Schneier
Lack of Visibility OWASP Top 10 - Insufficient Logging Insufficient
Monitoring A10 Kim's book
WAF App Intrusion Detection & Response Active Automated Prevention Insufficient
Attack Protection
App Intrusion Detection->Prevention is reactive
By being proactive -> SAST, DAST
It's been 8 years now in alpha and releases being
published regularly purpleteam It's time to let someone else take over Pete Nicholls is taking over from me Next Meetup Last Wed of Sep - Pete & Toni - Ask anything panel
binarymist
yotahada3
oracle4engineer
nulabinc
rakus_dev
tommy0124
lycorptech_jp
uechishingo
kentapapa
ryokotmng
aoto
murachiakira
jnunemaker
soudai
ianozsvald
sonatard
portentint
addyosmani
geoffreycrofte
caitiem20
livdayseo
ipullrank
cassininazir
madoxten
