Difference between revisions of "Attack Detection and Prevention with OWASP AppSensor"

Revision as of 15:40, 17 September 2010 (view source) Mark.bristow (talk | contribs) (Created page with '== The presentation == rightOWASP AppSensor defines a conceptual framework, methodology and guidance to implement intrusion detection and automa…')		Latest revision as of 11:02, 1 November 2010 (view source) Clerkendweller (talk | contribs) (Slight change of emphasis)
(5 intermediate revisions by 3 users not shown)
Line 1:		Line 1:
		+	[[Image:468x60-banner-2010.gif|link=http://www.owasp.org/index.php?title=OWASP_AppSec_DC_2010]]
		+
		+	[https://guest.cvent.com/EVENTS/Register/IdentityConfirmation.aspx?e=d52c6f5f-d568-4e16-b8e0-b5e2bf87ab3a Registration] | [https://resweb.passkey.com/Resweb.do?mode=welcome_gi_new&groupID=2766908 Hotel] | [http://www.dcconvention.com/ Walter E. Washington Convention Center]
		+	<br>
	== The presentation  ==		== The presentation  ==
−	[[Image:Owasp_logo_normal.jpg|right]]OWASP AppSensor defines a conceptual framework, methodology and guidance to implement intrusion detection and automated response into an existing application.  Over 50 detection points have been described together with a number of response actions.  A methodology will be presented to develop an AppSensor implementation strategy which includes sensor selection and positioning, and determination of the appropriate type of response to block or mitigate attacks based on an analysis of business risk. A lightweight implementation will also be described for organisations wishing to pilot AppSensor in their applications.	+	[[Image:Colin-watson-web.jpg|right]]OWASP AppSensor defines a conceptual framework, methodology and guidance to implement intrusion detection and automated response into an existing application.  Over 50 detection points have been described together with a number of response actions.  A methodology will be presented to plan AppSensor implementations.  The planning stage includes sensor selection and positioning, and determination of the appropriate type of response to block or mitigate attacks based on an analysis of business risk and other factors. A lightweight implementation will also be described for organisations wishing to pilot AppSensor in their applications.
		+
		+	== Colin Watson ==
		+
		+	Colin Watson is a consultant and co-founder of Watson Hall Ltd.
		+
		+	Colin has a production and process engineering background, but has worked in information systems for fourteen years, concentrating exclusively on web application development, security and compliance.  His work involves the management of application risk, building security and privacy into systems development and keeping abreast of relevant international legislation and standards.  He has a particular interest in creating user trust in web systems and the relationships between security and usability.
−	== The speaker ==	+	Colin has spoken at several OWASP chapter meetings and conferences on topics including web content accessibility guidelines, the Open Software Assurance Maturity Model and AppSensor. He contributes to a number of OWASP projects and is a member of the OWASP Global Industry Committee, having been its chair for the last year.  He writes  a blog about web security, usability and design under the pseudonym Clerkendweller.
−	Speaker bio will be posted shortly.	+	He holds a BSc in Chemical Engineering, and an MSc in Computation from the University of Oxford.
	[[Category:AppSec_DC_2010_Presentations]] [[Category:OWASP_Conference_Presentations]]		[[Category:AppSec_DC_2010_Presentations]] [[Category:OWASP_Conference_Presentations]]

---

Latest revision as of 11:02, 1 November 2010

Registration | Hotel | Walter E. Washington Convention Center

The presentation

OWASP AppSensor defines a conceptual framework, methodology and guidance to implement intrusion detection and automated response into an existing application. Over 50 detection points have been described together with a number of response actions. A methodology will be presented to plan AppSensor implementations. The planning stage includes sensor selection and positioning, and determination of the appropriate type of response to block or mitigate attacks based on an analysis of business risk and other factors. A lightweight implementation will also be described for organisations wishing to pilot AppSensor in their applications.

Colin Watson

Colin Watson is a consultant and co-founder of Watson Hall Ltd.

Colin has a production and process engineering background, but has worked in information systems for fourteen years, concentrating exclusively on web application development, security and compliance. His work involves the management of application risk, building security and privacy into systems development and keeping abreast of relevant international legislation and standards. He has a particular interest in creating user trust in web systems and the relationships between security and usability.

Colin has spoken at several OWASP chapter meetings and conferences on topics including web content accessibility guidelines, the Open Software Assurance Maturity Model and AppSensor. He contributes to a number of OWASP projects and is a member of the OWASP Global Industry Committee, having been its chair for the last year. He writes a blog about web security, usability and design under the pseudonym Clerkendweller.

He holds a BSc in Chemical Engineering, and an MSc in Computation from the University of Oxford.