SlideShare una empresa de Scribd logo

Repsheet: A Behavior Based Approach to Web Application Security

Aaron Bedra
Aaron Bedra

This is a presentation on how to approach analyzing web application security.

Tecnología
1 de 140
Descargar para leer sin conexión
Repsheet A Behavior Based Approach to Web Application Security Aaron Bedra Application Security Lead Braintree Payments Wednesday, July 10, 13
Right now, your web applications are being attacked Wednesday, July 10, 13
And it will happen again, and again, and again Wednesday, July 10, 13
But not always in the way you think Wednesday, July 10, 13
Let’s take a look at typical application security measures Wednesday, July 10, 13
User Requests Web Server Application Environment Wednesday, July 10, 13
Wednesday, July 10, 13
roland : 12345 Wednesday, July 10, 13
roland : 12345 Wednesday, July 10, 13
And we go on with our day Wednesday, July 10, 13
How many of you stop there? Wednesday, July 10, 13
It’s time to start asking more questions Wednesday, July 10, 13
But remember… Wednesday, July 10, 13
Don’t impact user experience! Wednesday, July 10, 13
??? Wednesday, July 10, 13
• Signature based detection • Anomaly detection • Reputational intelligence • Action • Repsheet Wednesday, July 10, 13
Signatures Wednesday, July 10, 13
Mod Security Wednesday, July 10, 13
Web Application Firewall Wednesday, July 10, 13
Rule based detection Wednesday, July 10, 13
Allows you to block or alert if traffic matches a signature Wednesday, July 10, 13
Improved by the OWASP Core Rule Set Wednesday, July 10, 13
A great tool to add to your stack Wednesday, July 10, 13
Works with Apache, nginx, and IIS Wednesday, July 10, 13
Works well with Apache Wednesday, July 10, 13
Like most signature based tools it requires tuning Wednesday, July 10, 13
And has a high possibility of false positives Wednesday, July 10, 13
Great for helping with 0-day attacks Wednesday, July 10, 13
Favor alerting over blocking in most scenarios Wednesday, July 10, 13
User Requests Web Server ModSecurity Application Environment Wednesday, July 10, 13
Anomalies Wednesday, July 10, 13
10.20.253.8 - - [23/Apr/2013:14:20:21 +0000] "POST /login HTTP/1.1" 200 267"-" "Mozilla/ 5.0 (Windows NT 6.1; WOW64; rv:8.0) Gecko/ 20100101 Firefox/8.0" "77.77.165.233" Wednesday, July 10, 13
10.20.253.8 - - [23/Apr/2013:14:20:22 +0000] "POST /users/king-roland/credit_cards HTTP/ 1.1" 302 2085 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:8.0) Gecko/20100101 Firefox/ 8.0" "77.77.165.233" Wednesday, July 10, 13
10.20.253.8 - - [23/Apr/2013:14:20:23 +0000] "POST /users/king-roland/credit_cards HTTP/ 1.1" 302 2083 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:8.0) Gecko/20100101 Firefox/ 8.0" "77.77.165.233" Wednesday, July 10, 13
10.20.253.8 - - [23/Apr/2013:14:20:24 +0000] "POST /users/king-roland/credit_cards HTTP/ 1.1" 302 2085 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:8.0) Gecko/20100101 Firefox/ 8.0" "77.77.165.233" Wednesday, July 10, 13
What do you see? Wednesday, July 10, 13
I see a website getting carded Wednesday, July 10, 13
??? Wednesday, July 10, 13
Play by play Wednesday, July 10, 13
10.20.253.8 - - [23/Apr/2013:14:20:21 +0000] "POST /login HTTP/1.1" 200 267"-" "Mozilla/ 5.0 (Windows NT 6.1; WOW64; rv:8.0) Gecko/ 20100101 Firefox/8.0" "77.77.165.233" Login Request Wednesday, July 10, 13
10.20.253.8 - - [23/Apr/2013:14:20:22 +0000] "POST /users/king-roland/credit_cards HTTP/ 1.1" 302 2085 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:8.0) Gecko/20100101 Firefox/ 8.0" "77.77.165.233" Add credit card to account #1 1 sec delay Wednesday, July 10, 13
10.20.253.8 - - [23/Apr/2013:14:20:23 +0000] "POST /users/king-roland/credit_cards HTTP/ 1.1" 302 2083 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:8.0) Gecko/20100101 Firefox/ 8.0" "77.77.165.233" 1 sec delay Add credit card to account #2 FF 8 on Windows 7 or Bot? Wednesday, July 10, 13
10.20.253.8 - - [23/Apr/2013:14:20:24 +0000] "POST /users/king-roland/credit_cards HTTP/ 1.1" 302 2085 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:8.0) Gecko/20100101 Firefox/ 8.0" "77.77.165.233" 1 sec delay Add credit card to account #3 FF 8 on Windows 7 or Bot? Plovdiv Bulgaria Wednesday, July 10, 13
And this continues… Wednesday, July 10, 13
10,000 more times Wednesday, July 10, 13
Those were the only requests that IP address made Wednesday, July 10, 13
Aside from the number of requests what else gave it away? Wednesday, July 10, 13
5% 5% 4% 27% 59% GET POST HEAD PUT DELETE Wednesday, July 10, 13
HTTP method distribution is important Wednesday, July 10, 13
When an actor deviates significantly, there must be a reason! Wednesday, July 10, 13
Let’s talk GeoIP Wednesday, July 10, 13
Adding GeoIP information is generically useful Wednesday, July 10, 13
But it also helps in the face of an attack Wednesday, July 10, 13
It can help protect you and your users Wednesday, July 10, 13
Scenario Wednesday, July 10, 13
King Roland gets his GMail account hacked Wednesday, July 10, 13
Hacker sends a password reset request to your server Wednesday, July 10, 13
Normally, you would email the reset Wednesday, July 10, 13
Unless... Wednesday, July 10, 13
You realize that King Roland always logs in from Druidia Wednesday, July 10, 13
But the hacker is requesting the reset from Spaceball City Wednesday, July 10, 13
Instead of sending the reset, you now ask some questions Wednesday, July 10, 13
And hopefully protect King Roland from further bad actions Wednesday, July 10, 13
GeoIP detection also helps you block traffic from unwanted countries Wednesday, July 10, 13
User Requests Web Server ModSecurity Application Environment GeoIP Wednesday, July 10, 13
Other Anomalies • Request Rate • TCP Fingerprint vs. User Agent • Account Create/Delete/Subscribe • Anything you can imagine Wednesday, July 10, 13
What do they have in common? Wednesday, July 10, 13
Does the behavior fit an equation? Wednesday, July 10, 13
If so, your detection is simple Wednesday, July 10, 13
Request rate > Threshold Wednesday, July 10, 13
TCP fingerprint != User Agent Wednesday, July 10, 13
But the HTTP method deviation is harder Wednesday, July 10, 13
100% GET requests with a known UA (e.g. Google) is ok Wednesday, July 10, 13
100% POST requests is not Wednesday, July 10, 13
But it’s not always that simple Wednesday, July 10, 13
Scenario Wednesday, July 10, 13
A high rate of account create requests are coming from a single address Wednesday, July 10, 13
Is it a NATted IP or a fraud/spam bot? Wednesday, July 10, 13
We have patterns and data… Wednesday, July 10, 13
What’s the next step? Wednesday, July 10, 13
Quantitative Analysis Wednesday, July 10, 13
Quantitative Analysis Wednesday, July 10, 13
Quantitative Analysis Security as a Data Science Probelm Wednesday, July 10, 13
We can apply some machine learning to the data in an attempt to classify it Wednesday, July 10, 13
Classifier ??? User Requests Web Server ModSecurity Application Environment GeoIP Wednesday, July 10, 13
This is where a lot of the value comes from Wednesday, July 10, 13
And combined with signature detection helps correlate attack events Wednesday, July 10, 13
But you still need a way to keep track of it all Wednesday, July 10, 13
Reputational Intelligence Wednesday, July 10, 13
Who’s naughty and who’s really naughty Wednesday, July 10, 13
Built up from the tools/ techniques mentioned previously Wednesday, July 10, 13
Provides local reputation Wednesday, July 10, 13
You can also purchase external reputation feeds Wednesday, July 10, 13
The combination gives you solid awareness of bad actors Wednesday, July 10, 13
Reputational Intelligence External Reputation Classifier ??? User Requests Web Server ModSecurity Application Environment GeoIP ??? Wednesday, July 10, 13
Action Wednesday, July 10, 13
So now you have a ton of new information Wednesday, July 10, 13
What do you do with it? Wednesday, July 10, 13
Options • Block the traffic • Honeypot the attacker • Modify your response • Attack back • Contact the authorities Wednesday, July 10, 13
Blocking the traffic is straight forward Wednesday, July 10, 13
Block at the web server level (403) Wednesday, July 10, 13
Block at the firewall level Wednesday, July 10, 13
Both have advantages/ disadvantages Wednesday, July 10, 13
Honeypots are much more interesting Wednesday, July 10, 13
LB LB LB Engine Fake Real DB DBPartial Replication Wednesday, July 10, 13
When you honeypot, the attacker doesn’t know they’ve been caught Wednesday, July 10, 13
And it allows you to study their behavior Wednesday, July 10, 13
And update your approach to preventing attacks Wednesday, July 10, 13
But all of this requires a way to manage state and act on bad behavior Wednesday, July 10, 13
Reputational Intelligence External Reputation Classifier ??? User Requests Web Server ModSecurity Application Environment GeoIP ??? State State Where do you act? Here? Wednesday, July 10, 13
Repsheet Wednesday, July 10, 13
Reputation Engine Wednesday, July 10, 13
Redis Repsheet Backend External Reputation Feeds User Requests Web Server ModSecurity Application Environment GeoIP Repsheet Wednesday, July 10, 13
Redis Repsheet Backend External Reputation Feeds User Requests Web Server ModSecurity Application Environment GeoIP Repsheet Wednesday, July 10, 13
Redis Repsheet Backend External Reputation Feeds User Requests Web Server ModSecurity Application Environment GeoIP Repsheet Recorder Wednesday, July 10, 13
Redis Repsheet Backend External Reputation Feeds User Requests Web Server ModSecurity Application Environment GeoIP Repsheet Managed State Recorder Wednesday, July 10, 13
Redis Repsheet Backend External Reputation Feeds User Requests Web Server ModSecurity Application Environment GeoIP Repsheet Managed State ActorRecorder Wednesday, July 10, 13
Redis Repsheet Backend External Reputation Feeds User Requests Web Server ModSecurity Application Environment GeoIP Repsheet Managed State Classifier, Feed Integration, Learning Models ActorRecorder Wednesday, July 10, 13
Wednesday, July 10, 13
Wednesday, July 10, 13
Repsheet helps put everything together Wednesday, July 10, 13
Web server module records activity and looks for offenders in the cache Wednesday, July 10, 13
It listens to ModSecurity and adds offending IPs to it’s list Wednesday, July 10, 13
It provides notification and/or blocking of offenders Wednesday, July 10, 13
Blocking happens at the web server level Wednesday, July 10, 13
But you can send the Repsheet data to your firewall for TCP level blocking Wednesday, July 10, 13
Notification sends headers to the downstream application Wednesday, July 10, 13
Which allows each app to chose how it is going to respond Wednesday, July 10, 13
For instance, show a captcha on signup if Repsheet alerts Wednesday, July 10, 13
Back end looks at the recorded data for bad behavior Wednesday, July 10, 13
And updates the cache when it finds offenders Wednesday, July 10, 13
You can supply your own learning models for the data Wednesday, July 10, 13
github.com/repsheet/ repsheet Wednesday, July 10, 13
Summary Wednesday, July 10, 13
There are lots of indicators of attack in your traffic Wednesday, July 10, 13
Build up a system that can capture the data and sort good from bad Wednesday, July 10, 13
Tools • ModSecurity • GeoIP • Custom rules (velocity triggers, fingerprinting, device id, etc) • Custom behavioral classification • Repsheet Wednesday, July 10, 13
And Remember… Wednesday, July 10, 13
Wednesday, July 10, 13
Questions? Wednesday, July 10, 13

Recomendados

Paul Asadoorian - Bringing Sexy Back
Paul Asadoorian - Bringing Sexy BackPaul Asadoorian - Bringing Sexy Back
Paul Asadoorian - Bringing Sexy BackSource Conference
 
Unsupervised Learning with Apache Spark
Unsupervised Learning with Apache SparkUnsupervised Learning with Apache Spark
Unsupervised Learning with Apache SparkDB Tsai
 
(SEC323) New: Securing Web Applications with AWS WAF
(SEC323) New: Securing Web Applications with AWS WAF(SEC323) New: Securing Web Applications with AWS WAF
(SEC323) New: Securing Web Applications with AWS WAFAmazon Web Services
 
Richcast general 2013 02
Richcast general 2013 02Richcast general 2013 02
Richcast general 2013 02Ron Nath Mukherjee
 
Cw15 conoce drupal_v28
Cw15 conoce drupal_v28Cw15 conoce drupal_v28
Cw15 conoce drupal_v28Hiberus Tecnologia
 
Presentacion e conciencia te desmarcate ¡YA!
Presentacion e conciencia te desmarcate ¡YA!Presentacion e conciencia te desmarcate ¡YA!
Presentacion e conciencia te desmarcate ¡YA!desmarcate YA!
 
Praktijk In De Onderbouw Vmbo
Praktijk In De Onderbouw VmboPraktijk In De Onderbouw Vmbo
Praktijk In De Onderbouw VmboMike Seijger
 
Senati
SenatiSenati
SenatiJose Ronald Estela Horna
 

Recomendados

Paul Asadoorian - Bringing Sexy Back
Paul Asadoorian - Bringing Sexy BackPaul Asadoorian - Bringing Sexy Back
Paul Asadoorian - Bringing Sexy BackSource Conference
 
Unsupervised Learning with Apache Spark
Unsupervised Learning with Apache SparkUnsupervised Learning with Apache Spark
Unsupervised Learning with Apache SparkDB Tsai
 
(SEC323) New: Securing Web Applications with AWS WAF
(SEC323) New: Securing Web Applications with AWS WAF(SEC323) New: Securing Web Applications with AWS WAF
(SEC323) New: Securing Web Applications with AWS WAFAmazon Web Services
 
Richcast general 2013 02
Richcast general 2013 02Richcast general 2013 02
Richcast general 2013 02Ron Nath Mukherjee
 
Cw15 conoce drupal_v28
Cw15 conoce drupal_v28Cw15 conoce drupal_v28
Cw15 conoce drupal_v28Hiberus Tecnologia
 
Presentacion e conciencia te desmarcate ¡YA!
Presentacion e conciencia te desmarcate ¡YA!Presentacion e conciencia te desmarcate ¡YA!
Presentacion e conciencia te desmarcate ¡YA!desmarcate YA!
 
Praktijk In De Onderbouw Vmbo
Praktijk In De Onderbouw VmboPraktijk In De Onderbouw Vmbo
Praktijk In De Onderbouw VmboMike Seijger
 
Senati
SenatiSenati
SenatiJose Ronald Estela Horna
 
Training & Development (Train The Trainer ) Workshop
Training & Development (Train The Trainer ) WorkshopTraining & Development (Train The Trainer ) Workshop
Training & Development (Train The Trainer ) WorkshopConsultants for Business Leaders
 
Programación Anual 4 años A
Programación Anual 4 años AProgramación Anual 4 años A
Programación Anual 4 años Arociocabrera81
 
Fr E Routing Slm V40
Fr E Routing Slm V40Fr E Routing Slm V40
Fr E Routing Slm V40boukna abdou
 
Big data app meetup 2016-06-15
Big data app meetup 2016-06-15Big data app meetup 2016-06-15
Big data app meetup 2016-06-15Illia Polosukhin
 
Understanding User Behavior Online
Understanding User Behavior OnlineUnderstanding User Behavior Online
Understanding User Behavior OnlineKaren McGrane
 
Ogarnij swoje cele - Geek Girls Carrots
Ogarnij swoje cele - Geek Girls CarrotsOgarnij swoje cele - Geek Girls Carrots
Ogarnij swoje cele - Geek Girls CarrotsJulitta Dębska
 
Momumentos de valledupar 2
Momumentos de valledupar 2Momumentos de valledupar 2
Momumentos de valledupar 2majopemo96
 
Auto administra
Auto administraAuto administra
Auto administraLuis Eduardo Calderon Yanchapaxi
 
Autocontrol hsj 2011 (2)
Autocontrol hsj 2011 (2)Autocontrol hsj 2011 (2)
Autocontrol hsj 2011 (2)Norma Allel
 
Academic Record 2016
Academic Record 2016Academic Record 2016
Academic Record 2016Timothy van der Merwe
 
99CLUBS_PDF
99CLUBS_PDF99CLUBS_PDF
99CLUBS_PDFslider13
 
Presentacion Proyecto # 42 Premio Eureka 2011 Mención Innovatividad Técnica
Presentacion Proyecto # 42 Premio Eureka 2011 Mención Innovatividad TécnicaPresentacion Proyecto # 42 Premio Eureka 2011 Mención Innovatividad Técnica
Presentacion Proyecto # 42 Premio Eureka 2011 Mención Innovatividad TécnicaProyecto Red Eureka
 
ReThink at Google
ReThink at GoogleReThink at Google
ReThink at GoogleEric Miltsch
 
ThoughtWorks Quarterly Technology Briefing June 2013, Berlin
ThoughtWorks Quarterly Technology Briefing June 2013, BerlinThoughtWorks Quarterly Technology Briefing June 2013, Berlin
ThoughtWorks Quarterly Technology Briefing June 2013, BerlinThoughtworks
 
Armorizing applications
Armorizing applicationsArmorizing applications
Armorizing applicationsIftach Ian Amit
 
OWASP Top 10 2013
OWASP Top 10 2013OWASP Top 10 2013
OWASP Top 10 2013markstory
 
Writing SaltStack Modules - OpenWest 2013
Writing SaltStack Modules - OpenWest 2013Writing SaltStack Modules - OpenWest 2013
Writing SaltStack Modules - OpenWest 2013SaltStack
 
Front-End Performance Starts On the Server
Front-End Performance Starts On the ServerFront-End Performance Starts On the Server
Front-End Performance Starts On the ServerJon Arne Sæterås
 
How to be a Chef (Developer Edition)
How to be a Chef (Developer Edition)How to be a Chef (Developer Edition)
How to be a Chef (Developer Edition)Rodrigo Ayala
 
2013 - Mark story - Avoiding the Owasp
2013 - Mark story - Avoiding the Owasp2013 - Mark story - Avoiding the Owasp
2013 - Mark story - Avoiding the OwaspPHP Conference Argentina
 
JSDay 2013 - Practical Responsive Web Design
JSDay 2013 - Practical Responsive Web DesignJSDay 2013 - Practical Responsive Web Design
JSDay 2013 - Practical Responsive Web DesignJonathan Klein
 
Running At 99%: Mitigating App DoS
Running At 99%: Mitigating App DoSRunning At 99%: Mitigating App DoS
Running At 99%: Mitigating App DoSryan_huber
 

Más contenido relacionado

Destacado

Programación Anual 4 años A
Programación Anual 4 años AProgramación Anual 4 años A
Programación Anual 4 años Arociocabrera81
 
Fr E Routing Slm V40
Fr E Routing Slm V40Fr E Routing Slm V40
Fr E Routing Slm V40boukna abdou
 
Big data app meetup 2016-06-15
Big data app meetup 2016-06-15Big data app meetup 2016-06-15
Big data app meetup 2016-06-15Illia Polosukhin
 
Understanding User Behavior Online
Understanding User Behavior OnlineUnderstanding User Behavior Online
Understanding User Behavior OnlineKaren McGrane
 
Ogarnij swoje cele - Geek Girls Carrots
Ogarnij swoje cele - Geek Girls CarrotsOgarnij swoje cele - Geek Girls Carrots
Ogarnij swoje cele - Geek Girls CarrotsJulitta Dębska
 
Momumentos de valledupar 2
Momumentos de valledupar 2Momumentos de valledupar 2
Momumentos de valledupar 2majopemo96
 
Autocontrol hsj 2011 (2)
Autocontrol hsj 2011 (2)Autocontrol hsj 2011 (2)
Autocontrol hsj 2011 (2)Norma Allel
 
99CLUBS_PDF
99CLUBS_PDF99CLUBS_PDF
99CLUBS_PDFslider13
 
Presentacion Proyecto # 42 Premio Eureka 2011 Mención Innovatividad Técnica
Presentacion Proyecto # 42 Premio Eureka 2011 Mención Innovatividad TécnicaPresentacion Proyecto # 42 Premio Eureka 2011 Mención Innovatividad Técnica
Presentacion Proyecto # 42 Premio Eureka 2011 Mención Innovatividad TécnicaProyecto Red Eureka
 

Destacado (13)

Training & Development (Train The Trainer ) Workshop
Training & Development (Train The Trainer ) WorkshopTraining & Development (Train The Trainer ) Workshop
Training & Development (Train The Trainer ) Workshop
 
Programación Anual 4 años A
Programación Anual 4 años AProgramación Anual 4 años A
Programación Anual 4 años A
 
Fr E Routing Slm V40
Fr E Routing Slm V40Fr E Routing Slm V40
Fr E Routing Slm V40
 
Big data app meetup 2016-06-15
Big data app meetup 2016-06-15Big data app meetup 2016-06-15
Big data app meetup 2016-06-15
 
Understanding User Behavior Online
Understanding User Behavior OnlineUnderstanding User Behavior Online
Understanding User Behavior Online
 
Ogarnij swoje cele - Geek Girls Carrots
Ogarnij swoje cele - Geek Girls CarrotsOgarnij swoje cele - Geek Girls Carrots
Ogarnij swoje cele - Geek Girls Carrots
 
Momumentos de valledupar 2
Momumentos de valledupar 2Momumentos de valledupar 2
Momumentos de valledupar 2
 
Auto administra
Auto administraAuto administra
Auto administra
 
Autocontrol hsj 2011 (2)
Autocontrol hsj 2011 (2)Autocontrol hsj 2011 (2)
Autocontrol hsj 2011 (2)
 
Academic Record 2016
Academic Record 2016Academic Record 2016
Academic Record 2016
 
99CLUBS_PDF
99CLUBS_PDF99CLUBS_PDF
99CLUBS_PDF
 
Presentacion Proyecto # 42 Premio Eureka 2011 Mención Innovatividad Técnica
Presentacion Proyecto # 42 Premio Eureka 2011 Mención Innovatividad TécnicaPresentacion Proyecto # 42 Premio Eureka 2011 Mención Innovatividad Técnica
Presentacion Proyecto # 42 Premio Eureka 2011 Mención Innovatividad Técnica
 
ReThink at Google
ReThink at GoogleReThink at Google
ReThink at Google
 

Similar a Repsheet: A Behavior Based Approach to Web Application Security

ThoughtWorks Quarterly Technology Briefing June 2013, Berlin
ThoughtWorks Quarterly Technology Briefing June 2013, BerlinThoughtWorks Quarterly Technology Briefing June 2013, Berlin
ThoughtWorks Quarterly Technology Briefing June 2013, BerlinThoughtworks
 
OWASP Top 10 2013
OWASP Top 10 2013OWASP Top 10 2013
OWASP Top 10 2013markstory
 
Writing SaltStack Modules - OpenWest 2013
Writing SaltStack Modules - OpenWest 2013Writing SaltStack Modules - OpenWest 2013
Writing SaltStack Modules - OpenWest 2013SaltStack
 
Front-End Performance Starts On the Server
Front-End Performance Starts On the ServerFront-End Performance Starts On the Server
Front-End Performance Starts On the ServerJon Arne Sæterås
 
How to be a Chef (Developer Edition)
How to be a Chef (Developer Edition)How to be a Chef (Developer Edition)
How to be a Chef (Developer Edition)Rodrigo Ayala
 
JSDay 2013 - Practical Responsive Web Design
JSDay 2013 - Practical Responsive Web DesignJSDay 2013 - Practical Responsive Web Design
JSDay 2013 - Practical Responsive Web DesignJonathan Klein
 
Running At 99%: Mitigating App DoS
Running At 99%: Mitigating App DoSRunning At 99%: Mitigating App DoS
Running At 99%: Mitigating App DoSryan_huber
 
Bkbiet day1
Bkbiet day1Bkbiet day1
Bkbiet day1mihirio
 
Data Breaking Bad at Berlin Buzzwords
Data Breaking Bad at Berlin BuzzwordsData Breaking Bad at Berlin Buzzwords
Data Breaking Bad at Berlin BuzzwordsMapR Technologies
 
Mobilism 2013: A story of how we built Responsive BBC News
Mobilism 2013: A story of how we built Responsive BBC NewsMobilism 2013: A story of how we built Responsive BBC News
Mobilism 2013: A story of how we built Responsive BBC NewsJohn Cleveley
 
ExpressionEngine Conference: Rock Solid - Securing You Client's ExpressionEng...
ExpressionEngine Conference: Rock Solid - Securing You Client's ExpressionEng...ExpressionEngine Conference: Rock Solid - Securing You Client's ExpressionEng...
ExpressionEngine Conference: Rock Solid - Securing You Client's ExpressionEng...David Dexter
 
Malware SPAM - March 2013
Malware SPAM - March 2013Malware SPAM - March 2013
Malware SPAM - March 2013Brent Muir
 
Bring the Noise
Bring the NoiseBring the Noise
Bring the NoiseJon Cowie
 
e-Business World 2013 - Βεντούρης Χρήστος: The Landscape of 2013 … Mind your ...
e-Business World 2013 - Βεντούρης Χρήστος: The Landscape of 2013 … Mind your ...e-Business World 2013 - Βεντούρης Χρήστος: The Landscape of 2013 … Mind your ...
e-Business World 2013 - Βεντούρης Χρήστος: The Landscape of 2013 … Mind your ...InfoCom Conferences
 
Making your websites fast and scalable - Deri Jones CEO, SciVisum Ltd
Making your websites fast and scalable - Deri Jones CEO, SciVisum LtdMaking your websites fast and scalable - Deri Jones CEO, SciVisum Ltd
Making your websites fast and scalable - Deri Jones CEO, SciVisum LtdSciVisum Ltd
 
The Future is Responsive
The Future is ResponsiveThe Future is Responsive
The Future is ResponsiveJonathan Smiley
 

Similar a Repsheet: A Behavior Based Approach to Web Application Security (20)

ThoughtWorks Quarterly Technology Briefing June 2013, Berlin
ThoughtWorks Quarterly Technology Briefing June 2013, BerlinThoughtWorks Quarterly Technology Briefing June 2013, Berlin
ThoughtWorks Quarterly Technology Briefing June 2013, Berlin
 
Armorizing applications
Armorizing applicationsArmorizing applications
Armorizing applications
 
OWASP Top 10 2013
OWASP Top 10 2013OWASP Top 10 2013
OWASP Top 10 2013
 
Writing SaltStack Modules - OpenWest 2013
Writing SaltStack Modules - OpenWest 2013Writing SaltStack Modules - OpenWest 2013
Writing SaltStack Modules - OpenWest 2013
 
Front-End Performance Starts On the Server
Front-End Performance Starts On the ServerFront-End Performance Starts On the Server
Front-End Performance Starts On the Server
 
How to be a Chef (Developer Edition)
How to be a Chef (Developer Edition)How to be a Chef (Developer Edition)
How to be a Chef (Developer Edition)
 
2013 - Mark story - Avoiding the Owasp
2013 - Mark story - Avoiding the Owasp2013 - Mark story - Avoiding the Owasp
2013 - Mark story - Avoiding the Owasp
 
JSDay 2013 - Practical Responsive Web Design
JSDay 2013 - Practical Responsive Web DesignJSDay 2013 - Practical Responsive Web Design
JSDay 2013 - Practical Responsive Web Design
 
Running At 99%: Mitigating App DoS
Running At 99%: Mitigating App DoSRunning At 99%: Mitigating App DoS
Running At 99%: Mitigating App DoS
 
Bkbiet day1
Bkbiet day1Bkbiet day1
Bkbiet day1
 
How to get involved in Mozilla
How to get involved in MozillaHow to get involved in Mozilla
How to get involved in Mozilla
 
Data Breaking Bad at Berlin Buzzwords
Data Breaking Bad at Berlin BuzzwordsData Breaking Bad at Berlin Buzzwords
Data Breaking Bad at Berlin Buzzwords
 
Mobilism 2013: A story of how we built Responsive BBC News
Mobilism 2013: A story of how we built Responsive BBC NewsMobilism 2013: A story of how we built Responsive BBC News
Mobilism 2013: A story of how we built Responsive BBC News
 
ExpressionEngine Conference: Rock Solid - Securing You Client's ExpressionEng...
ExpressionEngine Conference: Rock Solid - Securing You Client's ExpressionEng...ExpressionEngine Conference: Rock Solid - Securing You Client's ExpressionEng...
ExpressionEngine Conference: Rock Solid - Securing You Client's ExpressionEng...
 
Malware SPAM - March 2013
Malware SPAM - March 2013Malware SPAM - March 2013
Malware SPAM - March 2013
 
Bring the Noise
Bring the NoiseBring the Noise
Bring the Noise
 
e-Business World 2013 - Βεντούρης Χρήστος: The Landscape of 2013 … Mind your ...
e-Business World 2013 - Βεντούρης Χρήστος: The Landscape of 2013 … Mind your ...e-Business World 2013 - Βεντούρης Χρήστος: The Landscape of 2013 … Mind your ...
e-Business World 2013 - Βεντούρης Χρήστος: The Landscape of 2013 … Mind your ...
 
Making your websites fast and scalable - Deri Jones CEO, SciVisum Ltd
Making your websites fast and scalable - Deri Jones CEO, SciVisum LtdMaking your websites fast and scalable - Deri Jones CEO, SciVisum Ltd
Making your websites fast and scalable - Deri Jones CEO, SciVisum Ltd
 
The Future is Responsive
The Future is ResponsiveThe Future is Responsive
The Future is Responsive
 
Node.js Introduction
Node.js IntroductionNode.js Introduction
Node.js Introduction
 

Más de Aaron Bedra

The Cost of Complexity
The Cost of ComplexityThe Cost of Complexity
The Cost of ComplexityAaron Bedra
 
AWS Security Essentials
AWS Security EssentialsAWS Security Essentials
AWS Security EssentialsAaron Bedra
 
Leveling the playing field
Leveling the playing fieldLeveling the playing field
Leveling the playing fieldAaron Bedra
 
Windy City Rails - Layered Security
Windy City Rails - Layered SecurityWindy City Rails - Layered Security
Windy City Rails - Layered SecurityAaron Bedra
 
Focus, SCNA 2011
Focus, SCNA 2011Focus, SCNA 2011
Focus, SCNA 2011Aaron Bedra
 
Pontificating quantification
Pontificating quantificationPontificating quantification
Pontificating quantificationAaron Bedra
 
Clojure in the Field
Clojure in the FieldClojure in the Field
Clojure in the FieldAaron Bedra
 
The Art of the Spike
The Art of the SpikeThe Art of the Spike
The Art of the SpikeAaron Bedra
 

Más de Aaron Bedra (8)

The Cost of Complexity
The Cost of ComplexityThe Cost of Complexity
The Cost of Complexity
 
AWS Security Essentials
AWS Security EssentialsAWS Security Essentials
AWS Security Essentials
 
Leveling the playing field
Leveling the playing fieldLeveling the playing field
Leveling the playing field
 
Windy City Rails - Layered Security
Windy City Rails - Layered SecurityWindy City Rails - Layered Security
Windy City Rails - Layered Security
 
Focus, SCNA 2011
Focus, SCNA 2011Focus, SCNA 2011
Focus, SCNA 2011
 
Pontificating quantification
Pontificating quantificationPontificating quantification
Pontificating quantification
 
Clojure in the Field
Clojure in the FieldClojure in the Field
Clojure in the Field
 
The Art of the Spike
The Art of the SpikeThe Art of the Spike
The Art of the Spike
 

Último

AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024The Digital Insurer
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusZilliz
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbuapidays
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...apidays
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024The Digital Insurer
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 

Último (20)

AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source Milvus
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 

Repsheet: A Behavior Based Approach to Web Application Security