Application Attack Detection & Response – A Hands-on Planning Workshop
Trainer: Colin Watson (Watson Hall Ltd) Audience Background: Either of Management, Technical, Operations Skill Level Required: intermediate and/or advanced Duration: 1 Day – July 10, 2012 |
Training Summary: A hands-on day-long workshop where participants will learn how to define, select and specify application-specific intrusion detection and protection (IDP). The training course uses a problem-centered approach where participants are encouraged to use their own knowledge and experience to apply the techniques learned in example paper-based lab projects. Most of the day will be spent working in small teams creating strategies and implementation plans, which could subsequently be used in development. The course does not involve any coding and is language/ framework agnostic. It is based on the concepts in the OWASP AppSensor Project. Full printed handouts are provided together with materials for all the exercises, so participants can take these away and apply the ideas within their own organizations. Previous delegates said “Good course content. Good exercises to work as a team.â€, “Content was excellent. Can take this back to the office and apply immediately.†and “This course was worth the moneyâ€. Participants are encouraged to watch the following video presentation about AppSensor in advance of the training course: Automated Application Defenses to Thwart Advanced Attackers
Attendee takeaways and key learning objectives:On completion of the course, participants should be able to:
- assess the business and user impacts of application IDP
- define application IDP strategies based on an assessment of risk
- create application IDP specifications
The following printed materials will be given to each participant to take back to their place of work:
- step-by-step planning guide
- course notes
- course exercises (notes and example solutions)
Course Outline:
- Â Course Introduction
- Preliminary Requirements
- Application Logging Practices
- Standard Detection Points
- Â Custom Detection Points
- Â Model Creation
- Â Model Optimization
- Â Attack Analysis
- Â Response Actions
- Response Threshold Specification
- Â Implementation Plan
Optional Course Assessment Test Exercises will be undertaken in small teams of between 4 and 6 people. Each exercise during the day will be the continuation of the previous one, so the teams build up a complete IDP plan for their example project.