Application Attack Detection & Response is the title of the one-day hands-on training course I am running at AppSec USA 2011, North America's most important application security conference, in Minneapolis, MN.
I mentioned the course in May and since then have been preparing the course presentations, exercises, team handouts and other supporting materials. This week they are ready and I have completed a dry run of the whole day. The course is going to be very participatory. I will be presenting information largely based on the OWASP AppSensor Project, but half of the time will be spent on practical exercises which show how to plan a defensive strategy using application-specific intrusion detection and response: detection points placed inside the application where only the application can tell normal use from misuse, with responses chosen by the application owner and escalating as the number of detected events for a user grows.
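The course itself contains no code, but the idea of application-specific detection points with thresholded, escalating responses is easy to illustrate. What follows is an added example written for this page, not course material and not code from the OWASP AppSensor project; the detection point labels, thresholds, response names, route table, account-ownership table and the two event sequences are all constructed for illustration and the labels are mine rather than the project's identifiers.

```python
"""AppSensor-style application-specific intrusion detection and response.

Added illustration, not course material or OWASP AppSensor project code.
Detection point labels, thresholds, routes, ownership data and the sample
event sequences are all constructed for this example.
"""
from collections import Counter, defaultdict
from dataclasses import dataclass, field
from typing import Optional

# Constructed: the (method, path) pairs the application actually serves.
ROUTES = {
    ("GET", "/account"), ("GET", "/orders"), ("POST", "/login"),
    ("POST", "/coupon"),
}
# Constructed: account IDs each user owns, used by the access-control detection point.
OWNED = {"alice": {"A-100"}, "bob": {"B-200"}}


@dataclass
class Event:
    user: str                          # authenticated user or "anon"
    method: str
    path: str
    params: dict = field(default_factory=dict)
    login_ok: Optional[bool] = None    # set only for POST /login


# Detection points: each inspects one event and returns a label or None.
# Only the application knows its own routes and who owns which account,
# which is what makes this "application-specific" detection.
def unexpected_method_or_path(ev):
    return "RE-unexpected-route" if (ev.method, ev.path) not in ROUTES else None

def failed_login(ev):
    return "AE-failed-password" if ev.path == "/login" and ev.login_ok is False else None

def direct_object_access(ev):
    acct = ev.params.get("account")
    if acct and acct not in OWNED.get(ev.user, set()):
        return "ACE-foreign-object-id"
    return None

def script_in_input(ev):
    if any("<script" in str(v).lower() for v in ev.params.values()):
        return "IE-script-tag-in-input"
    return None

DETECTION_POINTS = [unexpected_method_or_path, failed_login,
                    direct_object_access, script_in_input]

# Per-user thresholds (count, response) for each label; constructed values.
# Responses escalate: one stray event is only logged, a pattern is acted on.
THRESHOLDS = {
    "RE-unexpected-route":    [(1, "log"), (3, "warn-user")],
    "AE-failed-password":     [(1, "log"), (3, "warn-user"), (5, "lock-account")],
    "ACE-foreign-object-id":  [(1, "log"), (2, "terminate-session"), (3, "lock-account")],
    "IE-script-tag-in-input": [(1, "log"), (2, "terminate-session")],
}
SEVERITY = ["log", "warn-user", "terminate-session", "lock-account"]


class AppSensor:
    def __init__(self):
        self.counts = defaultdict(Counter)   # user -> label -> count
        self.state = {}                      # user -> strongest response so far

    def observe(self, ev):
        """Run every detection point, update counters, return the response."""
        response = None
        for dp in DETECTION_POINTS:
            label = dp(ev)
            if label is None:
                continue
            self.counts[ev.user][label] += 1
            n = self.counts[ev.user][label]
            for threshold, action in THRESHOLDS[label]:
                if n >= threshold and (response is None or
                                       SEVERITY.index(action) > SEVERITY.index(response)):
                    response = action
        if response is not None:
            prev = self.state.get(ev.user)
            if prev is None or SEVERITY.index(response) > SEVERITY.index(prev):
                self.state[ev.user] = response
        return response


def run(events):
    """Feed a constructed event sequence through a fresh sensor."""
    sensor = AppSensor()
    return [sensor.observe(e) for e in events], dict(sensor.state)

# Constructed scenario: a logged-in user walks other customers' account IDs.
NOSEY = [
    Event("bob", "GET", "/account", {"account": "B-200"}),   # own account, benign
    Event("bob", "GET", "/account", {"account": "A-100"}),   # 1st foreign ID -> log
    Event("bob", "GET", "/account", {"account": "A-101"}),   # 2nd -> terminate-session
    Event("bob", "GET", "/account", {"account": "A-102"}),   # 3rd -> lock-account
]

# Constructed scenario: one typo and one failed login stay below every threshold.
CLUMSY = [
    Event("alice", "GET", "/acount"),                        # unexpected route -> log
    Event("alice", "POST", "/login", login_ok=False),        # failed password -> log
    Event("alice", "POST", "/login", login_ok=True),
    Event("alice", "GET", "/orders"),
]

if __name__ == "__main__":
    for name, events in (("nosey", NOSEY), ("clumsy", CLUMSY)):
        print(name, run(events))
```

The point of the two sequences is the difference in outcome: the account-walking user reaches lock-account on the third foreign ID, while the user who mistypes a URL and fumbles one password is only logged, because a single event of either kind is ordinary behaviour. Choosing those thresholds and responses per detection point is the specification work the course exercises are about.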
Through the day the attendees will work in small teams building the specification for application-specific defenses of an example web application, in a tutorial-based approach. The course is technology- and programming-language-agnostic. In fact there is no code at all, but attendees need to be familiar with web application risks, vulnerabilities and the types of techniques attackers use to identify and exploit weaknesses. The exercises will be paper-based, but electronic templates will also be provided. The day will culminate in a defense simulation exercise, where the teams will score each other's defensive models against a range of attacks. Twelve attacks will be selected at random from a set of pre-built scenarios with the code names:
- Slow Discoverer
- Yadda Yadda Yadda
- Hit & Run
- An Offshore Enquiry
- Scratch 'n' Sniff
- A Visit From A Foreign Gentleman
- Nosey Parker
- Coupon Chaser
- Build Your Own Data Warehouse
- Fraudulent Fingers
- Teen Leaver's Delight
- Blast From The Past
- The Forbidden Scriptures
- Slab Fondler's Folly
- Yet Another Hopeless User
- The Thirteen Problems
- Protect and Survive
You will have to be there to discover what these are all about, but perhaps you can guess some of them?
I believe there are still some places left on the course, so if you want to learn about this topic and leave well-briefed to apply the techniques in your own projects or software specifications, please register as soon as possible. The course begins at 8:30 am. This is the only time this one-day course is being offered in the Americas.
On the following day (21st September), apart from one-day training courses with Robert Zakon and Sumit Siddharth, there will be an AppSensor working session and an ESAPI summit. The conference itself then runs on the 22nd and 23rd September.
Posted on: 23 August 2011 at 07:09 hrs