[Owasp-appsensor-project] New Detection Point Candidate: New Parent Category - OutputException (OE)
ryan.barnett at owasp.org
Fri Sep 30 11:52:38 EDT 2011
We currently have InputException (IE) and this would be its counterpart and
would include all issues related to inspecting the HTTP response.
There are a number of current detection points that could move here -
* IE7: Detect Abnormal Content Output Structure could actually move here
* CIE2: Detect Abnormal Quantity of Returned Records
There is also a new Detection Point for this category that I recommend -
- Deviation from normal response time interval which could detect if an
application is under a resource DoS attack.
So the new category could be this -
* OE1: Detect Abnormal Content Output Structure
* OE2: Detect Abnormal Quantity of Returned Records
* OE3: Deviation from normal response time interval
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-appsensor-project