Application Attack Detection & Response – A Hands-on Planning Workshop

Trainer: Colin Watson (Watson Hall Ltd)

Audience Background: Any of Management, Technical, Operations

Skill Level Required: intermediate and/or advanced

Duration: 1 Day – July 10, 2012

Training Summary: A hands-on day-long workshop where participants will learn how to define, select and specify application-specific intrusion detection and protection (IDP). The training course uses a problem-centered approach where participants are encouraged to use their own knowledge and experience to apply the techniques learned in example paper-based lab projects. Most of the day will be spent working in small teams creating strategies and implementation plans, which could subsequently be used in development. The course does not involve any coding and is language/framework agnostic. It is based on the concepts in the OWASP AppSensor Project. Full printed handouts are provided together with materials for all the exercises, so participants can take these away and apply the ideas within their own organizations. Previous delegates said “Good course content. Good exercises to work as a team.”, “Content was excellent. Can take this back to the office and apply immediately.” and “This course was worth the money”. Participants are encouraged to watch the following video presentation about AppSensor in advance of the training course: Automated Application Defenses to Thwart Advanced Attackers

 

Attendee takeaways and key learning objectives: On completion of the course, participants should be able to:

  • assess the business and user impacts of application IDP
  • define application IDP strategies based on an assessment of risk
  • create application IDP specifications

The following printed materials will be given to each participant to take back to their place of work:

  • step-by-step planning guide
  • course notes
  • course exercises (notes and example solutions)

Course Outline:

  • Course Introduction
  • Preliminary Requirements
  • Application Logging Practices
  • Standard Detection Points
  • Custom Detection Points
  • Model Creation
  • Model Optimization
  • Attack Analysis
  • Response Actions
  • Response Threshold Specification
  • Implementation Plan
  • Optional Course Assessment Test

Exercises will be undertaken in small teams of between 4 and 6 people. Each exercise during the day will be the continuation of the previous one, so the teams build up a complete IDP plan for their example project.