Project Information:template AppSensor Project

{| style="width:100%" border="0" align="center" ! colspan="8" align="center" style="background:#4058A0; color:white"| PROJECT IDENTIFICATION |- | style="width:15%; background:#7B8ABD" align="center"|Project Name | colspan="7" style="width:85%; background:#cccccc" align="left"| OWASP AppSensor Project - Detect and Respond to Attacks from Within the Application |- | style="width:15%; background:#7B8ABD" align="center"| Short Project Description | colspan="7" style="width:85%; background:#cccccc" align="left"|

Real Time Application Attack Detection and Response
Overview

''We use guards, cameras and alarm systems to defend banks and stores. Why don't we do the same for our online applications?''

The AppSensor project defines a conceptual framework that offers prescriptive guidance to implement intrusion detection and automated response into an existing application. Current efforts are underway to create the AppSensor tool which can be utilized by any existing application interested in adding detection and response capabilities.

Detection

AppSensor defines 42 different detection points which can be used to identify a malicious attacker.

Response

AppSensor provides guidance on how to response once a malicious attacker has been identified. Possible actions include: logging out the user, locking the account or notifying an administrator.

Defending the Application

An attacker often requires numerous probes and attack attempts in order to locate an exploitable vulnerability within the application. By using AppSensor it is possible to identify and eliminate the threat of an attacker before they are able to successfully identify an exploitable flaw.

|- | style="width:15%; background:#7B8ABD" align="center"|Project key Information | style="width:14%; background:#cccccc" align="center"|Project Leader Michael Coates | style="width:15%; background:#cccccc" align="center"|Project Contributors (if applicable) | style="width:10%; background:#cccccc" align="center"|Mailing list Subscribe here [mailto:OWASP-AppSensor-Project(at)lists.owasp.org Use here] | style="width:14%; background:#cccccc" align="center"|Project Type Documentation |}
 * style="width:17%; background:#cccccc" align="center"|License Creative Commons Attribution Share Alike 3.0
 * style="width:15%; background:#cccccc" align="center"|Sponsor OWASP SoC 08