Application Intrusion Detection
Fed up with false positives when trying to detect malicious users with network intrusion detection systems (IDS)? Application intrusion detection is the way to go.
Like an advanced robot, applications can build in security protection, detection and response.
Next Thursday 15th July 2010, I will be presenting "Real Time Application Attack Detection and Response" at the next OWASP meeting in London. Like all OWASP chapter meetings, the event is free but prior registration is required.
I will talk about how advanced attackers probe and try to exploit applications, how some common defences against these attacks are of no use, and why we need to use protection that:
- understands the application
- understands normal vs. suspicious use
- can identify and shut down attackers in real time.
Is this possible? Yes. AppSensor specifies how application-based detection points can be used to stop attackers. I will also describe how project leader Michael Coates has demonstrated how real web sites can deploy such measures in practice to protect an application against automated scanners, advanced attackers and build in protection against application worms.
Arrive from 17:30 hrs since the talks start promptly at 18:00. Hope to see you there.
Posted on: 09 July 2010 at 10:50 hrs
Comments are filtered automatically and should appear shortly after they been checked.