[Owasp-appsensor-project] Additional Detection Points - Change to Environment Threat Level

Colin Watson colin.watson at owasp.org
Fri Jun 11 04:44:07 EDT 2010


Noted.

Colin

On 11 June 2010 00:12, Michael Coates <michael.coates at owasp.org> wrote:
> John has a good point that we aren't ready to implement this into the code,
> but we can still list it as a detection point in the wiki.  Our AppSensor
> information project provides someone with all the knowledge to roll their
> own AppSensor. The AppSensor code that we are developing is one
> implementation in Java with ESAPI integration. So although we may not
> support this detection point in our code, its still a good idea for someone
> else to consider.
>
> Michael Coates
> OWASP
>
> On 6/9/10 7:15 PM, John Melton wrote:
>
> I say no here for now ... I think this could be incredibly useful, but as
> there's currently no concept of a tiered response level in appsensor, I
> don't think this should be included until that concept exists.
>
> On Wed, Jun 9, 2010 at 10:32 AM, Colin Watson <colin.watson at owasp.org>
> wrote:
>>
>> Suggestion to add a new detection point.  Has this already been ruled
>> out?  Should it be added?  Is the description/categorization suitable?
>>
>> Source
>> -----------------------------------
>> Just another idea, but based on discussions about creating an Internet
>> Threat Exposure (ITE) index by the UK Cybersecurity KTN in 2008.
>>
>> Description
>> -----------------------------------
>> The general threat level (e.g. general risk of attack from the
>> Internet, or specific targetted attacks against an organisation) is
>> elevated.  This could also be used to change response sensitivity due
>> to short-term effects such as application upgrades/patching.  This
>> input could be used to alter thresholds for AppSensor responses.
>>
>> Suggested categorization
>> -----------------------------------
>> In the suggested new category "Reputation" (see RP1 Suspicious User IP
>> Address)
>> RP5 Change to Environment Threat Level
>> _______________________________________________
>> Owasp-appsensor-project mailing list
>> Owasp-appsensor-project at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-appsensor-project
>
>
> _______________________________________________
> Owasp-appsensor-project mailing list
> Owasp-appsensor-project at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-appsensor-project
>


More information about the Owasp-appsensor-project mailing list