[Owasp-appsensor-project] Additional Detection Points - Change to Environment Threat Level

Michael Coates michael.coates at owasp.org
Thu Jun 10 19:12:52 EDT 2010


John has a good point that we aren't ready to implement this into the 
code, but we can still list it as a detection point in the wiki.  Our 
AppSensor information project provides someone with all the knowledge to 
roll their own AppSensor. The AppSensor code that we are developing is 
one implementation in Java with ESAPI integration. So although we may 
not support this detection point in our code, its still a good idea for 
someone else to consider.

Michael Coates
OWASP


On 6/9/10 7:15 PM, John Melton wrote:
> I say no here for now ... I think this could be incredibly useful, but 
> as there's currently no concept of a tiered response level in 
> appsensor, I don't think this should be included until that concept 
> exists.
>
> On Wed, Jun 9, 2010 at 10:32 AM, Colin Watson <colin.watson at owasp.org 
> <mailto:colin.watson at owasp.org>> wrote:
>
>     Suggestion to add a new detection point.  Has this already been ruled
>     out?  Should it be added?  Is the description/categorization suitable?
>
>     Source
>     -----------------------------------
>     Just another idea, but based on discussions about creating an Internet
>     Threat Exposure (ITE) index by the UK Cybersecurity KTN in 2008.
>
>     Description
>     -----------------------------------
>     The general threat level (e.g. general risk of attack from the
>     Internet, or specific targetted attacks against an organisation) is
>     elevated.  This could also be used to change response sensitivity due
>     to short-term effects such as application upgrades/patching.  This
>     input could be used to alter thresholds for AppSensor responses.
>
>     Suggested categorization
>     -----------------------------------
>     In the suggested new category "Reputation" (see RP1 Suspicious
>     User IP Address)
>     RP5 Change to Environment Threat Level
>     _______________________________________________
>     Owasp-appsensor-project mailing list
>     Owasp-appsensor-project at lists.owasp.org
>     <mailto:Owasp-appsensor-project at lists.owasp.org>
>     https://lists.owasp.org/mailman/listinfo/owasp-appsensor-project
>
>
>
> _______________________________________________
> Owasp-appsensor-project mailing list
> Owasp-appsensor-project at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-appsensor-project
>    
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-appsensor-project/attachments/20100610/643ab5b6/attachment.html 


More information about the Owasp-appsensor-project mailing list