[Owasp-appsensor-project] Cheat sheet?

Colin Watson colin.watson at owasp.org
Thu May 3 17:58:43 UTC 2012


John

Thank you. It was a bit of a brain dump.  I like to have all my notes
on a subject in one place, and I just thought, I may as well scribble
a cheat sheet. If you, or anyone else, have any more logging ideas,
feel free to add them in the wiki.

Do you think doing one for "Application attack detection and response"
would be worth writing? Just to define the important concepts (not
logging, doesn't do detection for you, secure code first, etc), rather
than delving in too deeply - and of course a link or two into
AppSensor. I don't mind writing most of it.

Colin

On 3 May 2012 17:34, John Melton <jtmelton at gmail.com> wrote:
> Colin,
> I've had this sitting in my inbox and just got a chance to look at it. This
> is fantastic work! Something like this is really needed by the community I
> think. Awareness about logging is currently severely lacking and ad-hoc, so
> this is excellent.
> Thanks,
> John
>
> On Mon, Apr 23, 2012 at 11:23 AM, Colin Watson <colin.watson at owasp.org>
> wrote:
>>
>> The cheat sheet series seems to be moving along at a rapid pace:
>>
>>   https://www.owasp.org/index.php/Cheat_Sheets
>>
>> There's a discussion over on the GPC list about creating some printed
>> copies for handouts fairly soon. So I have just produced a first draft
>> of a logging cheat sheet today:
>>
>>   https://www.owasp.org/index.php/Logging_Cheat_Sheet
>>
>> I think Jim M will circulate this for wider contribution/discussion. I
>> wanted to have something (somewhere else) we can refer to from
>> AppSensor without getting AppSensor bogged down in talking about
>> logging.
>>
>> Do you think we could produce a cheat sheet for AppSensor-like
>> functionality and perhaps call it more generically the "Attack
>> Detection & Response Cheat Sheet"? It might help get the idea out
>> there and can be a platform to clear up misconceptions.
>>
>> Colin
>> _______________________________________________
>> Owasp-appsensor-project mailing list
>> Owasp-appsensor-project at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-appsensor-project
>
>


More information about the Owasp-appsensor-project mailing list