Application Intrusion Detection

July 03, 2021

510

Application Intrusion Detection

Kim Carter

July 03, 2021

Tweet

More Decks by Kim Carter

See All by Kim Carter

owaspnz-chch-meetup-2021-workshop-planning-and-covid

0

550

Security Regression Testing on OWASP Zap Node API

1

10k

Building purpleteam (a Security Regression Testing SaaS) - From PoC to Alpha

0

1.3k

OWASP Quiz Night

2

1.2k

The Art of Exploitation

2

1.2k

Developing a High Performance Security Focussed Agile Team (2 hr workshop)

1

800

OWASP NZ Day 2016

0

190

Infectious Media with Rubber Ducky

1

590

0wn1ng The Web at www.wdcnz.com

2

1.9k

Other Decks in Technology

See All in Technology

セマンティックHTMLによるアクセシビリティ品質向上の基礎

PRO

0

110

Progressive Deliveryで支える！スケールする衛星コンステレーションの地上システム運用 / Ground Station Operation for Scalable Satellite Constellation by Progressive Delivery

1

190

アジャイル社内普及ご近所さんマップを作ろう / Let's create an agile neighborhood map

1

130

持続可能なアクセシビリティ開発

4

200

ステートレスなLLMでステートフルなAI agentを作る - YAPC::Fukuoka 2025

8

1.3k

"おまじない"はもう卒業！デバッガで探るSpring Bootの裏側と「学び方」の学び方

takeuchi_132917

0

180

重厚長大企業で、顧客価値をスケールさせるためのプロダクトづくりとプロダクト開発チームづくりの裏側 / Developers X Summit 2025

0

140

旧から新へ: 大規模ウェブクローラの Perl から Go への移行 / YAPC::Fukuoka 2025

3

970

なぜインフラコードのモジュール化は難しいのか - アプリケーションコードとの本質的な違いから考える

55

18k

Amazon ECS デプロイツール ecspresso の開発を支える「正しい抽象化」の探求 / YAPC::Fukuoka 2025

13

3.8k

[mercari GEARS 2025] なぜメルカリはノーコードを選ばなかったのか？社内問い合わせ工数を60％削減したLLM活用の裏側

PRO

0

130

Quarkusで作るInteractive Stream Application

0

150

Featured

See All Featured

実際に使うSQLの書き方徹底解説 / pgcon21j-tutorial

PRO

192

56k

[RailsConf 2023] Rails as a piece of cake

57

6.1k

Principles of Awesome APIs and How to Build Them.

127

17k

Save Time (by Creating Custom Rails Generators)

PRO

33

1.8k

Code Review Best Practice

72

19k

The Art of Delivering Value - GDevCon NA Keynote

16

1.8k

Docker and Python

46

3.6k

Faster Mobile Websites

310

31k

Design and Strategy: How to Deal with People Who Don’t "Get" Design

132

19k

What's in a price? How to price your products and services

246

12k

Documentation Writing (for coders)

76

5.1k

Chrome DevTools: State of the Union 2024 - Debugging React & Beyond

9

980

Transcript

COMMUNITY TOPICS Welcome InfoSecNZ Slack, OWASP Slack Anything else people
want to mention? Tonights talk (Chris - Incident Response), (Me - Application Intrusion Detection) 
APPLICATION INTRUSION DETECTION 
HIDS, NIDS, AIDS? 
1. Asset Identification 2. Identify Risks 3. Countermeasures 4. Risks
that Solution Causes 5. Costs and Trade-offs 
1. SSM Asset Identification 
2. SSM Identify Risks 
Lack of Visibility Insufficient Logging (->) & Monitoring (<-) Covered
in for OWASP Top 10 Insufficient Attack Protection Book -> Holistic Info-Sec for Web Developers No. 10 Lack of Active Automated Prevention 
3. SSM Countermeasures 
Lack of Visibility ... Detection works where prevention fails and
detection is of no use without response Bruce Schneier 
Lack of Visibility OWASP Top 10 - Insufficient Logging Insufficient
Monitoring A10 Kim's book 
WAF App Intrusion Detection & Response Active Automated Prevention Insufficient
Attack Protection 
App Intrusion Detection->Prevention is reactive 
By being proactive -> SAST, DAST 
It's been 8 years now in alpha and releases being
published regularly purpleteam It's time to let someone else take over Pete Nicholls is taking over from me Next Meetup Last Wed of Sep - Pete & Toni - Ask anything panel 