This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Project Information:template AppSensor Project"
(2 intermediate revisions by 2 users not shown) | |||
Line 19: | Line 19: | ||
'''Detection''' | '''Detection''' | ||
− | AppSensor defines | + | AppSensor defines over 50 different [http://www.owasp.org/index.php/AppSensor_DetectionPoints detection points] which can be used to identify a malicious attacker. |
'''Response''' | '''Response''' | ||
− | AppSensor provides guidance on how to | + | AppSensor provides guidance on how to respond once a malicious attacker has been identified. Possible actions include: logging out the user, locking the account or notifying an administrator. More than a dozen [http://www.owasp.org/index.php/AppSensor_ResponseActions response actions] are described. |
'''Defending the Application''' | '''Defending the Application''' | ||
Line 32: | Line 32: | ||
| style="width:15%; background:#7B8ABD" align="center"|'''Project key Information''' | | style="width:15%; background:#7B8ABD" align="center"|'''Project key Information''' | ||
| style="width:14%; background:#cccccc" align="center"|Project Leaders: | | style="width:14%; background:#cccccc" align="center"|Project Leaders: | ||
− | [[User:MichaelCoates|'''Michael Coates''']]<br>John Melton<br>Colin Watson | + | [[User:MichaelCoates|'''Michael Coates''']]<br>John Melton<br>Colin Watson<br>Dennis Groves |
| style="width:15%; background:#cccccc" align="center"|Project Contributors: | | style="width:15%; background:#cccccc" align="center"|Project Contributors: | ||
Ryan Barnett | Ryan Barnett | ||
<br>Simon Bennetts | <br>Simon Bennetts | ||
<br>August Detlefsen | <br>August Detlefsen | ||
+ | <br>Dennis Groves | ||
<br>Randy Janida | <br>Randy Janida | ||
<br>Jim Manico | <br>Jim Manico | ||
Line 65: | Line 66: | ||
* '''Live Demo:''' [http://www.youtube.com/watch?v=8ItfuwvLxRk Video] | * '''Live Demo:''' [http://www.youtube.com/watch?v=8ItfuwvLxRk Video] | ||
* '''AppSensor Code:''' [http://code.google.com/p/appsensor/ Google Code] | * '''AppSensor Code:''' [http://code.google.com/p/appsensor/ Google Code] | ||
+ | * '''External References/Links:''' | ||
+ | ** [https://buildsecurityin.us-cert.gov/swa/topics/resilient-software/ DHS Building Resilient Software] | ||
+ | ** [https://buildsecurityin.us-cert.gov/swa/resources DHS Software Assurance Resources] | ||
+ | ** [http://www.crosstalkonline.org/storage/issue-archives/2011/201109/201109-Watson.pdf US Department of Defense Cross Talk Journal Sept, 2011] | ||
| style="width:29%; background:#cccccc" align="center" | | | style="width:29%; background:#cccccc" align="center" | | ||
* [http://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API ESAPI] | * [http://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API ESAPI] | ||
|} | |} | ||
+ | |||
---- | ---- |
Latest revision as of 18:22, 13 August 2013
PROJECT IDENTIFICATION | |||||||
---|---|---|---|---|---|---|---|
Project Name | OWASP AppSensor Project - Detect and Respond to Attacks from Within the Application | ||||||
Short Project Description |
Real Time Application Attack Detection and Response Overview Article on why Application Based Intrusion Detection is a must for critical applications. The AppSensor project defines a conceptual framework and methodology that offers prescriptive guidance to implement intrusion detection and automated response into an existing application. Current efforts are underway to create the AppSensor tool which can be utilized by any existing application interested in adding detection and response capabilities.
Detection AppSensor defines over 50 different detection points which can be used to identify a malicious attacker. Response AppSensor provides guidance on how to respond once a malicious attacker has been identified. Possible actions include: logging out the user, locking the account or notifying an administrator. More than a dozen response actions are described. Defending the Application An attacker often requires numerous probes and attack attempts in order to locate an exploitable vulnerability within the application. By using AppSensor it is possible to identify and eliminate the threat of an attacker before they are able to successfully identify an exploitable flaw. | ||||||
Project key Information | Project Leaders:
Michael Coates |
Project Contributors:
Ryan Barnett
|
Mailing list Subscribe here Use here |
License Creative Commons Attribution Share Alike 3.0 |
Project Type Documentation |
Sponsor OWASP SoC 08 |
Release Status | Main Links | Related Projects |
---|---|---|
|