OWASP Israel 2008 Conference Ivan Ristic
No More Signatures: Defending Web Applications from 0-Day Attacks with ModProfiler Using Traffic Profiling
Web application security is a big problem, yet there is never enough time to dedicate to solving the issue or, at least, making it smaller. To help with this, we embarked on a project that would enable you to tighten the security of your web applications with little effort. The project, called ModProfiler, aims to provide best-possible protection for web applications by analysing web application traffic passing by. This new open source tool builds on the success of ModSecurity (also open source), which is generally considered to be the most widely deployed web application firewall.
The premise is simple: ModProfiler works by observing what's valid and what's not, resulting in a tight application shield designed around the positive security model concept. The process of shield construction is not as simple, but the complexity is hidden away. This talk, presented by Ivan Ristic, the author of the tool, will give you an insight into the technology behind the scenes, and enable you to get the most out of it.
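As an added illustration of the premise above, and not ModProfiler's own code or algorithm, here is a small Python learner that derives a positive security model (known parameters per path, tightest character class, maximum length) from constructed sample requests and then flags requests that fall outside it. The paths, parameter names and character classes are assumptions made for the example.

```python
# Added illustration (not ModProfiler's own code): learn a positive security
# model from observed request traffic, then judge new requests against it.
import re
from collections import defaultdict

# Character classes from most to least restrictive; the learner keeps the
# tightest one that matches every value observed for a parameter.
CHAR_CLASSES = [
    ("digits", re.compile(r"^[0-9]+$")),
    ("alpha", re.compile(r"^[A-Za-z]+$")),
    ("alnum", re.compile(r"^[A-Za-z0-9]+$")),
    ("safe_text", re.compile(r"^[A-Za-z0-9 ._@-]+$")),
    ("any", re.compile(r"^.*$", re.S)),  # fallback when no class fits
]

def learn_profile(samples):
    """samples: [(path, {param: value})] from the learning period -> {(path, param): rule}."""
    observed = defaultdict(list)
    for path, params in samples:
        for name, value in params.items():
            observed[(path, name)].append(value)
    profile = {}
    for key, values in observed.items():
        # First class (tightest) that matches every observed value.
        cls, rx = next((n, r) for n, r in CHAR_CLASSES
                       if all(r.match(v) for v in values))
        profile[key] = {"class": cls, "regex": rx, "max_len": max(map(len, values))}
    return profile

def check_request(profile, path, params):
    """Return the list of positive-model violations (empty list = accept)."""
    violations = []
    for name, value in params.items():
        rule = profile.get((path, name))
        if rule is None:  # parameter never seen for this path during learning
            violations.append(f"{name}: unknown parameter for {path}")
            continue
        if len(value) > rule["max_len"]:
            violations.append(f"{name}: length {len(value)} exceeds {rule['max_len']}")
        if not rule["regex"].match(value):
            violations.append(f"{name}: value outside learned class {rule['class']}")
    return violations

# Constructed sample traffic standing in for a learning period.
SAMPLES = [
    ("/search", {"q": "apache security", "page": "1"}),
    ("/search", {"q": "modsecurity rules", "page": "12"}),
    ("/login", {"user": "alice"}),
    ("/login", {"user": "bob42"}),
]
PROFILE = learn_profile(SAMPLES)
```

A real profiler would add length slack and require a minimum number of samples before trusting a constraint; this version locks to exactly what it saw, which is why the learning traffic must be known-good.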
About Ivan Ristic
Ivan Ristic is the Vice President of Security Research for Breach Security, Inc. as a result of the recent acquisition of Thinking Stone Ltd. and its ModSecurity open source web application firewall. At Breach Security, Ristic will focus primarily on educating the market about the security risks associated with conducting business on the web. He will also continue to improve the open source ModSecurity project as well as incorporate ModSecurity technology into Breach Security’s WebDefend architecture. Prior to moving to the computer security field, Ristic spent a number of years working as a developer, system architect, and technical director in the software development industry. He authored Apache Security for O’Reilly, a concise yet comprehensive web security guide for administrators, system architects, and programmers. Ristic earned a BSc with honors in Information Technology and Computing from the Open University. He also completed coursework at the Faculty of Electrical Engineering, University of Belgrade.