[Owasp-appsensor-project] Presentations in Europe during May and June

Colin Watson colin.watson at owasp.org
Fri Jun 10 04:04:12 EDT 2011


I should also say, if anyone would like my original .MOV files of the
screen recordings, I can email them directly.  They are better quality
than the way YouTube has re-processed them.  About 12 and 32 Mb files.

Colin

On 10 June 2011 08:22, Colin Watson <colin.watson at owasp.org> wrote:
> John
>
> I was talking about this sort of architecture:
>
> 1. Attacker
> 2. -> Attacks
> 3. -> -> Application
> 4. <-> <-> AppSensor
> 5. -> -> -> -> Signalling
> 6. -> -> -> -> -> Dashboard
>
> but wanted to show a whole range of example data (detection points and
> responses).  It was therefore easier for me just to demo 5 & 6.  To do
> that, I did:
>
> 5.a  Log file of events (like a security event log)
> 5.b  Perl with Sockets to read the log file and broadcast the events
> onto the network
> 6.a  A Comet (Ajax push) server to collect the events and stream them
> to subscribing clients
> 6.b  A static web page built using HTML, CSS and using the Dojo
> JavaScript toolkit for the general layout
> 6.c  The web page contained three tables which subscribed to the
> particular feeds coming from the Comet server
>
> For simplicity the web page was also hosted on the Comet server, but
> in practice it would be a separate 'proper' web server.  I had some
> prior experience with Lightstreamer, so used that for the Comet part
> and adapted their demonstration scripts and their Lightstreamer
> JavaScript libraries to display characteristics I wanted to show.
> That server has a free licence for a single subscribing IP address.
> There are other Comet servers available including open source ones
> which I would like to investigate.  Then I would really like to get
> something more robust built that say integrates with ESAPI in some
> way.  Then we can join all the dots from 1 to 6 in a single
> application.
>
> Colin
>
> On 9 June 2011 19:57, John Melton <jtmelton at gmail.com> wrote:
>> Colin,
>> VERY COOL. Those videos are great. It really shows the power of what
>> appsensor can do with proper visualization. Just curious - what was the demo
>> UI built in?
>> Thanks,
>> John
>>
>> On Thu, Jun 9, 2011 at 1:54 PM, Colin Watson <colin.watson at owasp.org> wrote:
>>>
>>> An update on these presentations...
>>>
>>> The presentation at the ISSD Conference in London on 19th May was
>>> received well, but again interest in "who is doing this" as if in
>>> disbelief.  However many people clearly got the idea and were
>>> impressed.  I hadn't watched Michael's presentation to OWASP
>>> Minneapolis St Paul at that time, otherwise would have mentioned the
>>> "large insurance company" too.
>>>
>>> In Athens at the OWASP Greece training day, there was an audience of
>>> 140 - most of whom were developers.  Lots of questions on the
>>> practicality of adding these ideas, and one about using it for anomaly
>>> detection.
>>>
>>> At AppSec EU today, I had a question about which frameworks offered
>>> support (ESAPI and Shiro), the potential effect of adding more
>>> vulnerabilities by adding more code (certainly possible), whether
>>> syslog could be used for signalling (yes).  My live demonstration of
>>> example AppSensor dashboards was slightly hindered by some display
>>> resolution problems with the projector, but I have uploaded the videos
>>> of the demos to YouTube:
>>>
>>>   http://www.youtube.com/watch?v=zCaYREAyiRg
>>>
>>>   http://www.youtube.com/watch?v=YZ5zGQ-XLkk
>>>
>>> The AppSec EU presentation will appear on the OWASP wiki in due course.
>>>
>>> Colin
>>
>>
>
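
Steps 5.a and 5.b of the architecture quoted above (a log file of events, read and sent onto the network for the dashboard's Comet server), sketched as an added example; it is not code from this thread or from the demo, and it uses Python where the demo used Perl. The pipe-delimited log format, the field names, the sample events and the loopback address and port are all constructed assumptions.

```python
import json
import re
import socket

# Constructed log format (assumption): timestamp|user|detection point|response
LINE_RE = re.compile(
    r"(?P<ts>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z)\|"
    r"(?P<user>[\w.@-]{1,64})\|"
    r"(?P<detection>[A-Z]{1,3}\d{1,2})\|"
    r"(?P<response>[a-z_]{0,32})"
)
# Constructed sample events; detection point and response values are illustrative.
SAMPLE_LOG = """\
2011-06-09T12:00:01Z|alice|IE1|
2011-06-09T12:00:04Z|alice|IE1|logout
this line is malformed and must not reach the dashboard
2011-06-09T12:00:09Z|bob|AE3|lock_account
"""

def parse_event(line):
    """Return a dict for a well-formed event line, or None for anything else."""
    m = LINE_RE.fullmatch(line.strip())
    if not m:
        return None
    event = m.groupdict()
    event["response"] = event["response"] or None  # detection with no response yet
    return event

def broadcast(lines, addr, sock=None):
    """Send each valid event as one JSON datagram; return (sent, skipped)."""
    own = sock is None
    sock = sock or socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sent = skipped = 0
    try:
        for line in lines:
            event = parse_event(line)
            if event is None:
                skipped += 1  # log content is attacker-influenced: drop, never forward raw
                continue
            sock.sendto(json.dumps(event, sort_keys=True).encode("utf-8"), addr)
            sent += 1
    finally:
        if own:
            sock.close()
    return sent, skipped

if __name__ == "__main__":
    # Loopback stands in for the address the collecting server listens on.
    print(broadcast(SAMPLE_LOG.splitlines(), ("127.0.0.1", 9999)))
```

Strict parsing before forwarding matters here because the event log records attacker-influenced input, and whatever is sent on ends up rendered in a browser-based dashboard.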

