Cyber Security and Application Defence
October 2010 is the (US) National Cybersecurity Awareness Month, but cyber security is also a topical subject in the current news coverage about data theft overtaking physical property losses, identity fraud in the UK, and spending priorities in the UK's defence budget and the National Security Strategy: A Strong Britain in an Age of Uncertainty, released yesterday by the Cabinet Office.
... business and government will need to work much more closely together to strengthen our defence against cyber attack and to prepare for the worst, so that if it happens, we are able to recover rapidly and keep Britain moving.
Intrusion detection and prevention systems are an important complementary aspect to secure development processes. As previously mentioned, in a couple of weeks' time I will be speaking about how to implement application attack detection and response using OWASP AppSensor at AppSec Washington DC 2010. When I presented an introduction to AppSensor at the June event of OWASP Leeds/North in Newcastle-upon-Tyne, the question of how to choose detection points, implement them in an application and configure responses was asked. In Washington, I will be providing a methodology and tools to assist with these tasks.
... the four highest priority risks are those arising from ... terrorism.... cyber attack, including by other states, and by organised crime and terrorists ... international military crises ... major accidents or natural hazards.
AppSensor's techniques are useful tools in the armoury for the protection of software and data assets, and have the advantage over conventional network and host intrusion detection systems of having full knowledge about the business logic and an extremely low false positive rate. AppSensor aims to protect the application, the users and user & business data. AppSensor doesn't care about the identity of who is attacking, when they are going to attack or where they are coming from. It is an impartial guard waiting to act.
Building defences into applications in this manner makes sense for systems relating to critical national infrastructure and for business applications which are crucial to organisations' operational processes.
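The following is an added illustration, not code from the original post and not AppSensor's own API, of detection points placed inside business logic, where the application knows which inputs a legitimate client can never send. The account data, detection point names and response thresholds are assumptions constructed for the example.

```python
from collections import defaultdict

# Constructed sample data: the accounts each user legitimately owns.
ACCOUNTS = {"alice": {"ACC-1001", "ACC-1002"}, "bob": {"ACC-2001"}}

# Hypothetical response policy: (event count for one user, response).
THRESHOLDS = [(1, "log"), (3, "logout"), (5, "lock_account")]


class Detector:
    """Counts detection-point events per user and selects a response."""

    def __init__(self, thresholds=THRESHOLDS):
        self.thresholds = sorted(thresholds)
        self.events = defaultdict(list)

    def report(self, user, detection_point, detail):
        """Record one event and return the response now in force."""
        self.events[user].append((detection_point, detail))
        count = len(self.events[user])
        response = None
        for limit, action in self.thresholds:
            if count >= limit:
                response = action  # the highest threshold reached wins
        return response


def transfer(detector, user, from_account, amount):
    """Business function with two detection points built in."""
    # Detection point: the interface only ever offers the user's own
    # accounts, so any other value means the request was altered.
    if from_account not in ACCOUNTS.get(user, set()):
        return "rejected", detector.report(user, "foreign_account", from_account)
    # Detection point: client-side validation already blocks amounts of
    # zero or less, so one arriving here bypassed the normal interface.
    if amount <= 0:
        return "rejected", detector.report(user, "invalid_amount", amount)
    return "accepted", None
```

Because both checks fire only on input the normal interface cannot produce, ordinary use generates no events, which is where the low false positive rate comes from.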
Posted on: 19 October 2010 at 08:22 hrs
