Difference between revisions of "AppSecEU08 PHPIDS Monitoring attack surface activity"

From OWASP
(New page: == The talk == The presentation will be about the PHPIDS and how this system might be capable solving several security dilemmas of developers and site owners. Such as: * Complexity of t...)
 
(The talk)
 
Line 3: Line 3:
 
The presentation will be about the PHPIDS and how this system might be capable solving several security dilemmas of developers and site owners. Such as:
 
The presentation will be about the PHPIDS and how this system might be capable solving several security dilemmas of developers and site owners. Such as:
  
* Complexity of the webapp security topic vs. time pressure
+
* Complexity of the webapp security topic vs. time pressure
* Diversity of attack patterns and techniques
+
* Diversity of attack patterns and techniques
* Costs for nowadays security solutions
+
* Costs for nowadays security solutions
* Obfuscated exploits vs. Blacklisting
+
* Obfuscated exploits vs. Blacklisting
* Techniques to detect attacks based on alogrithms
+
* Techniques to detect attacks based on algorithms
 +
* Massive usage of regular expressions vs. performance
  
The talk is potentially interesting for either security professionals, developers and project managers since the meaning and whereabouts of the PHPIDS will be introduced - as well as some regular expression black magik the system uses.  
+
The talk is potentially interesting for either security professionals, developers and project managers since the meaning and whereabouts of the PHPIDS will be introduced - as well as some regular expression black magic the system uses.
 +
 
 +
An important part of the presentation will be about possibilities to detect attacks without blacklists or other dictionary based techniques but by the plain buildup of the string.
  
 
The presentation is based on a white-paper about the PHPIDS - which can be found here [http://php-ids.org/2008/02/17/phpids-white-paper-published/]
 
The presentation is based on a white-paper about the PHPIDS - which can be found here [http://php-ids.org/2008/02/17/phpids-white-paper-published/]
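Review bot: the added paragraph on detecting attacks "by the plain buildup of the string" does not say which property of the string is examined, so a reader cannot tell how this differs from the blacklisting named in the bullet list; a short clause naming what is measured would make the claim concrete. The unchanged opening sentence also still reads "capable solving" and "Costs for nowadays security solutions", which this revision could have corrected alongside "alogrithms" and "magik".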

Latest revision as of 12:55, 1 May 2008

The talk

The presentation will be about the PHPIDS and how this system might be capable of solving several security dilemmas faced by developers and site owners, such as:

  • Complexity of the webapp security topic vs. time pressure
  • Diversity of attack patterns and techniques
  • Costs of today's security solutions
  • Obfuscated exploits vs. Blacklisting
  • Techniques to detect attacks based on algorithms
  • Massive usage of regular expressions vs. performance

The talk is potentially interesting for security professionals, developers and project managers alike, since the meaning and whereabouts of the PHPIDS will be introduced, as well as some of the regular expression black magic the system uses.

An important part of the presentation will cover ways to detect attacks without blacklists or other dictionary-based techniques, relying instead on the plain buildup of the string.

The presentation is based on a white paper about the PHPIDS, which can be found here [1]

The speaker

Mario Heiderich is a Cologne-based developer and CSO currently working for the performance marketing company ormigo.com [2]. He is active in several security-related groups and organizations such as the PHPIDS Team [3], GNUCITIZEN [4] and several others. Please visit his website for more information about Mario [5].