This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Attack Detection and Prevention with OWASP AppSensor"
Mark.bristow (talk | contribs) |
(Slight change of emphasis) |
||
(2 intermediate revisions by the same user not shown) | |||
Line 5: | Line 5: | ||
== The presentation == | == The presentation == | ||
− | [[Image:Colin-watson-web.jpg|right]]OWASP AppSensor defines a conceptual framework, methodology and guidance to implement intrusion detection and automated response into an existing application. Over 50 detection points have been described together with a number of response actions. A methodology will be presented to | + | [[Image:Colin-watson-web.jpg|right]]OWASP AppSensor defines a conceptual framework, methodology and guidance to implement intrusion detection and automated response into an existing application. Over 50 detection points have been described together with a number of response actions. A methodology will be presented to plan AppSensor implementations. The planning stage includes sensor selection and positioning, and determination of the appropriate type of response to block or mitigate attacks based on an analysis of business risk and other factors. A lightweight implementation will also be described for organisations wishing to pilot AppSensor in their applications. |
== Colin Watson == | == Colin Watson == | ||
− | Colin Watson is a consultant and co-founder of Watson Hall Ltd | + | Colin Watson is a consultant and co-founder of Watson Hall Ltd. |
Colin has a production and process engineering background, but has worked in information systems for fourteen years, concentrating exclusively on web application development, security and compliance. His work involves the management of application risk, building security and privacy into systems development and keeping abreast of relevant international legislation and standards. He has a particular interest in creating user trust in web systems and the relationships between security and usability. | Colin has a production and process engineering background, but has worked in information systems for fourteen years, concentrating exclusively on web application development, security and compliance. His work involves the management of application risk, building security and privacy into systems development and keeping abreast of relevant international legislation and standards. He has a particular interest in creating user trust in web systems and the relationships between security and usability. |
Latest revision as of 11:02, 1 November 2010
Registration | Hotel | Walter E. Washington Convention Center
The presentation
OWASP AppSensor defines a conceptual framework, methodology and guidance to implement intrusion detection and automated response into an existing application. Over 50 detection points have been described together with a number of response actions. A methodology will be presented to plan AppSensor implementations. The planning stage includes sensor selection and positioning, and determination of the appropriate type of response to block or mitigate attacks based on an analysis of business risk and other factors. A lightweight implementation will also be described for organisations wishing to pilot AppSensor in their applications.Colin Watson
Colin Watson is a consultant and co-founder of Watson Hall Ltd.
Colin has a production and process engineering background, but has worked in information systems for fourteen years, concentrating exclusively on web application development, security and compliance. His work involves the management of application risk, building security and privacy into systems development and keeping abreast of relevant international legislation and standards. He has a particular interest in creating user trust in web systems and the relationships between security and usability.
Colin has spoken at several OWASP chapter meetings and conferences on topics including web content accessibility guidelines, the Open Software Assurance Maturity Model and AppSensor. He contributes to a number of OWASP projects and is a member of the OWASP Global Industry Committee, having been its chair for the last year. He writes a blog about web security, usability and design under the pseudonym Clerkendweller.
He holds a BSc in Chemical Engineering, and an MSc in Computation from the University of Oxford.