Difference between revisions of "Project Information:template AppSensor Project"

From OWASP
Jump to: navigation, search
m (Real Time Application Attack Detection and Response)
 
(17 intermediate revisions by 2 users not shown)
Line 1: Line 1:
----
 
 
{| style="width:100%" border="0" align="center"
 
{| style="width:100%" border="0" align="center"
 
  ! colspan="8" align="center" style="background:#4058A0; color:white"|<font color="white">'''PROJECT IDENTIFICATION'''  
 
  ! colspan="8" align="center" style="background:#4058A0; color:white"|<font color="white">'''PROJECT IDENTIFICATION'''  
Line 13: Line 12:
 
'''Overview'''
 
'''Overview'''
  
''We use guards, cameras and alarm systems to defend banks and stores. Why don't we do the same for our online applications?''
+
Article on why [http://www.owasp.org/index.php/ApplicationLayerIntrustionDetection Application Based Intrusion Detection] is a must for critical applications.
  
The AppSensor project defines a conceptual framework that offers prescriptive guidance to implement intrusion detection and automated response into an existing application.  Current efforts are underway to create the AppSensor tool which can be utilized by any existing application interested in adding detection and response capabilities.
+
The AppSensor project defines a conceptual framework and methodology that offers prescriptive guidance to implement intrusion detection and automated response into an existing application.  Current efforts are underway to create the AppSensor tool which can be utilized by any existing application interested in adding detection and response capabilities.
 +
<br><br>
  
 
'''Detection'''
 
'''Detection'''
  
AppSensor defines 42 different detection points which can be used to identify a malicious attacker.
+
AppSensor defines over 50 different [http://www.owasp.org/index.php/AppSensor_DetectionPoints detection points] which can be used to identify a malicious attacker.
  
 
'''Response'''
 
'''Response'''
  
AppSensor provides guidance on how to response once a malicious attacker has been identified. Possible actions include: logging out the user, locking the account or notifying an administrator.   
+
AppSensor provides guidance on how to respond once a malicious attacker has been identified. Possible actions include: logging out the user, locking the account or notifying an administrator.  More than a dozen [http://www.owasp.org/index.php/AppSensor_ResponseActions response actions] are described.
  
 
'''Defending the Application'''
 
'''Defending the Application'''
Line 31: Line 31:
 
  |-
 
  |-
 
  | style="width:15%; background:#7B8ABD" align="center"|'''Project key Information'''
 
  | style="width:15%; background:#7B8ABD" align="center"|'''Project key Information'''
  | style="width:14%; background:#cccccc" align="center"|Project Leader<br>[[User:MichaelCoates|'''Michael Coates''']]
+
  | style="width:14%; background:#cccccc" align="center"|Project Leaders:
  | style="width:15%; background:#cccccc" align="center"|Project Contributors<br>(if applicable)
+
[[User:MichaelCoates|'''Michael Coates''']]<br>John Melton<br>Colin Watson<br>Dennis Groves
 +
  | style="width:15%; background:#cccccc" align="center"|Project Contributors:
 +
Ryan Barnett
 +
<br>Simon Bennetts
 +
<br>August Detlefsen
 +
<br>Dennis Groves
 +
<br>Randy Janida
 +
<br>Jim Manico
 +
<br>Giri Nambari
 +
<br>Eric Sheridan
 +
<br>John Stevens
 +
<br>Kevin Wall
 
  | style="width:10%; background:#cccccc" align="center"|Mailing list<br>[https://lists.owasp.org/mailman/listinfo/owasp-appsensor-project '''Subscribe here''']<br>[mailto:OWASP-AppSensor-Project(at)lists.owasp.org '''Use here''']
 
  | style="width:10%; background:#cccccc" align="center"|Mailing list<br>[https://lists.owasp.org/mailman/listinfo/owasp-appsensor-project '''Subscribe here''']<br>[mailto:OWASP-AppSensor-Project(at)lists.owasp.org '''Use here''']
 
| style="width:17%; background:#cccccc" align="center"|License<br>[http://creativecommons.org/licenses/by-sa/3.0/ '''Creative Commons Attribution Share Alike 3.0''']
 
| style="width:17%; background:#cccccc" align="center"|License<br>[http://creativecommons.org/licenses/by-sa/3.0/ '''Creative Commons Attribution Share Alike 3.0''']
Line 46: Line 57:
 
  | style="width:29%; background:#cccccc" align="center"|
 
  | style="width:29%; background:#cccccc" align="center"|
 
'''[[:Category:OWASP_Project_Assessment#Beta_Quality_Documentation_Criteria|Beta Quality]]'''<br>[[:OWASP AppSensor Project - Assessment Frame|Please see here for complete information.]]
 
'''[[:Category:OWASP_Project_Assessment#Beta_Quality_Documentation_Criteria|Beta Quality]]'''<br>[[:OWASP AppSensor Project - Assessment Frame|Please see here for complete information.]]
  | style="width:42%; background:#cccccc" align="center"|
+
  | style="width:42%; background:#cccccc" align="left"|
'''AppSensor Beta Release 1.1 - Now Available!'''
+
* '''NEW: AppSensor & ESAPI:''' [http://www.owasp.org/index.php/AppSensor_Developer_Guide Getting Started: AppSensor Developer Guide]
* [https://www.owasp.org/images/2/2f/OWASP_AppSensor_Beta_1.1.pdf PDF] & [https://www.owasp.org/images/b/b0/OWASP_AppSensor_Beta_1.1.doc Word] files - NEW RELEASE!!!
+
* '''Download AppSensor Book:''' [https://www.owasp.org/images/2/2f/OWASP_AppSensor_Beta_1.1.pdf PDF] | [https://www.owasp.org/images/b/b0/OWASP_AppSensor_Beta_1.1.doc Word]
* [https://www.owasp.org/images/7/77/Presentation_AppSensor.ppt PowerPoint Presentation]
+
* '''Presentations:'''
  | style="width:29%; background:#cccccc" align="center"|
+
** [http://www.owasp.org/images/0/06/Defend_Yourself-Integrating_Real_Time_Defenses_into_Online_Applications-Michael_Coates.pdf Defend Yourself: Integrating Real Time Defenses into Online Applications]
* (If appropriate, add links)
+
** [http://www.brighttalk.com/webcast/20680 Automated Application Defenses to Thwart Advanced Attackers (Slides & Audio)]
 +
* '''Diagram:''' [https://www.owasp.org/index.php/File:Appsensor-pid.pdf Understanding AppSensor in the WebApp - Diagram]
 +
* '''Live Demo:''' [http://www.youtube.com/watch?v=8ItfuwvLxRk Video]
 +
* '''AppSensor Code:''' [http://code.google.com/p/appsensor/ Google Code]
 +
* '''External References/Links:'''
 +
** [https://buildsecurityin.us-cert.gov/swa/topics/resilient-software/ DHS Building Resilient Software]
 +
** [https://buildsecurityin.us-cert.gov/swa/resources DHS Software Assurance Resources]
 +
** [http://www.crosstalkonline.org/storage/issue-archives/2011/201109/201109-Watson.pdf US Department of Defense Cross Talk Journal Sept, 2011]
 +
  | style="width:29%; background:#cccccc" align="center" |
 +
* [http://www.owasp.org/index.php/Category:OWASP_Enterprise_Security_API ESAPI]
 
  |}
 
  |}
 +
 
----
 
----

Latest revision as of 13:22, 13 August 2013

PROJECT IDENTIFICATION
Project Name OWASP AppSensor Project - Detect and Respond to Attacks from Within the Application
Short Project Description

Real Time Application Attack Detection and Response

Overview

Article on why Application Based Intrusion Detection is a must for critical applications.

The AppSensor project defines a conceptual framework and methodology that offers prescriptive guidance to implement intrusion detection and automated response into an existing application. Current efforts are underway to create the AppSensor tool which can be utilized by any existing application interested in adding detection and response capabilities.

Detection

AppSensor defines over 50 different detection points which can be used to identify a malicious attacker.

Response

AppSensor provides guidance on how to respond once a malicious attacker has been identified. Possible actions include: logging out the user, locking the account or notifying an administrator. More than a dozen response actions are described.

Defending the Application

An attacker often requires numerous probes and attack attempts in order to locate an exploitable vulnerability within the application. By using AppSensor it is possible to identify and eliminate the threat of an attacker before they are able to successfully identify an exploitable flaw.

Project key Information Project Leaders:

Michael Coates
John Melton
Colin Watson
Dennis Groves

Project Contributors:

Ryan Barnett
Simon Bennetts
August Detlefsen
Dennis Groves
Randy Janida
Jim Manico
Giri Nambari
Eric Sheridan
John Stevens
Kevin Wall

Mailing list
Subscribe here
Use here
License
Creative Commons Attribution Share Alike 3.0
Project Type
Documentation
Sponsor
OWASP SoC 08
Release Status Main Links Related Projects

Beta Quality
Please see here for complete information.