06 May 2011

Active Defences for Applications

I seem to have arranged quite a few upcoming presentations and training sessions relating to the concepts in OWASP AppSensor during May and June, across Europe (and further afield).

Russian cannon recovered during the Crimean War, mounted on the fortifications around the coastal town of Berwick-upon-Tweed, Northumberland

Following my previous speaking engagements at events in Newcastle-upon-Tyne and London, and the release of an implementation guide at AppSec DC last year, I was approached to talk about this subject in one of the training slots at the OWASP Ireland Training Day in Dublin in March.

But coming up, I seem to have ended up doing a mini European tour. Here are the dates and what's being presented about AppSensor:

  • 12th May, ISSA UK application security training day at National Codes and Cipher Centre, Bletchley Park, UK — a high-level overview of application defence with a focus on how this can contribute to a reduction in operational risk (free to ISSA members, registration required).
  • 19th May, 2nd International Secure Systems Development Conference, London, UK — an introduction to OWASP AppSensor (chargeable).
  • 25th May, OWASP Greece chapter Training Day, Athens, Greece — introduction and walk-through on how to identify and select attacker detection points (free to OWASP members, registration required). I will also be presenting Software Assurance Maturity Model at this event.
  • 9th June, AppSec EU 2011, Dublin, Ireland — an update on the OWASP AppSensor project including how to build the concepts into your own software projects (chargeable, discount to OWASP members, registration required).
  • 16th June, OWASP Belgium chapter meeting, Brussels, Belgium — a repeat of the AppSec EU presentation (free, registration required).

I am also providing a full day course "Application Attack Detection & Response — A Hands-on Planning Workshop", based on the concepts in the OWASP AppSensor Project, at AppSec USA in Minneapolis on 20th September 2011.

The training course is a practical hands-on day-long workshop where participants will learn how to define, select and specify application-layer intrusion detection and protection (IDP). The training course uses a problem-centred approach where participants are encouraged to use their own knowledge and experience to apply the techniques learned in example lab projects. Most of the day will be spent working in small teams creating strategies and implementation plans, which could subsequently be used in development. The course does not involve any coding and is language/framework agnostic. Full printed handouts are provided together with materials for all the exercises, so participants can take these away and apply the ideas within their own organisations.

The course will be of direct use to anyone interested in building attack-aware applications or in constructing defensive measures directly into applications. The development lifecycle for application-specific intrusion detection and protection (IDP) spans analysis, planning, implementation and operation. This training course covers the first two of these — analysis and planning.

The processes and templates provided during the course may be of most use in larger development teams, but more advanced individual designers, architects & developers will gain knowledge which they can apply themselves directly in their own projects. The course is also a useful introduction to the attack-aware application concepts, and therefore may be of interest to those involved with specification, verification practices such as testing & audit, and operational processes such as deployment and incident handling. The examples used will be repeatedly linked back to business objectives throughout the day. The course outline is:

  1. Course Introduction
  2. Preliminary Requirements
  3. Application Logging Practices
  4. Standard Detection Points
  5. Custom Detection Points
  6. Model Creation
  7. Model Optimization
  8. Attack Analysis
  9. Response Actions
  10. Response Threshold Specification
  11. Implementation Plan
  12. Optional Course Assessment Test

Exercises will be undertaken in small teams of between 4 and 6 people, depending upon the number of participants on the course. Each exercise during the day will be the continuation of the previous one, so the teams build up a complete IDP plan for their example project.
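To illustrate the detection point, threshold and response model that the outline above walks through, here is a small added example in Python (not code from this post or from the OWASP AppSensor project; the detection-point names, thresholds and response action names are constructed for illustration):

```python
# Added example: a minimal application-layer IDP model in the AppSensor style.
# Events from detection points are counted per user over a sliding window, and
# the strongest threshold met selects the response action. Policy is constructed.
from collections import defaultdict, deque
from dataclasses import dataclass

@dataclass(frozen=True)
class Threshold:
    count: int      # events from one user needed to trigger the response
    window_s: int   # sliding window (seconds) the events must fall within
    response: str   # response action, e.g. "logout_user"

# Constructed policy: hypothetical detection-point names and thresholds,
# listed from mildest to strongest response for each detection point.
POLICY = {
    "auth.failed_login": [
        Threshold(3, 300, "warn_user"),
        Threshold(6, 300, "logout_user"),
        Threshold(10, 3600, "disable_account"),
    ],
    "input.unexpected_parameter": [
        Threshold(1, 60, "log_only"),
        Threshold(5, 60, "logout_user"),
    ],
}

class IdpModel:
    def __init__(self, policy=POLICY):
        self.policy = policy
        self.events = defaultdict(deque)  # (user, point) -> retained timestamps

    def detect(self, user, point, ts):
        """Record an event at time ts (seconds) and return the strongest
        response whose threshold is now met for this user, or None."""
        if point not in self.policy:
            raise ValueError(f"unknown detection point: {point}")
        history = self.events[(user, point)]
        history.append(ts)
        longest = max(t.window_s for t in self.policy[point])
        while ts - history[0] > longest:  # forget events outside every window
            history.popleft()
        response = None
        for th in self.policy[point]:
            if sum(1 for t in history if ts - t <= th.window_s) >= th.count:
                response = th.response  # later thresholds are stronger
        return response

def simulate_brute_force():
    """Constructed trace: one user fails login every 10 s for 100 s."""
    model = IdpModel()
    return [model.detect("alice", "auth.failed_login", t) for t in range(0, 101, 10)]
```

The trace shows the escalation the course's threshold specification step is about: the same user moves from no response, to a warning, to a forced logout, to account disablement as failed logins accumulate within the window.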

Registration is now open. Please book early to ensure a place. Discounts are available for group bookings.

Posted on: 06 May 2011 at 09:13 hrs
Page https://www.clerkendweller.uk/2011/5/6/Active-Defences-for-Applications