[Owasp-appsensor-project] DHS & Georgia Tech Grant Funding Potential
ryan.barnett at owasp.org
Mon Aug 12 23:45:37 UTC 2013
To John's point about reporting and visualization - we have similar issues on the ModSecurity front. Considering that we have implemented many AppSensor detection points within the OWASP ModSecurity CRS. We currently mainly use a tool called the audit console and it accepts ModSecurity audit log data.
You can search and sort in a variety of ways however in general I feel that there is much to do with regards to making these events meaningful for a security analyst.
I don't really like the per- transaction views of most WAF alert data. I prefer more of an attacker-sequence view that shows paths of attacks or profiles the attacker a bit more. I actually like what Mykonos did with their dashboard - http://www.mykonossoftware.com/profile-the-attacker.php
I guess my point is that I agree that we need a better dashboard for these events but I am not sure if building one from scratch is the best use of time and resources. We could consider contributing to Audit Console to add features we need.
On Aug 12, 2013, at 2:49 PM, John Melton <jtmelton at gmail.com> wrote:
> I personally like the #2 idea. Getting the concept out is helpful, and seems like it would be very helpful, particularly within govt. circles.
> I really like the idea of sample applications using the implementation. From a development perspective, I also think it could be useful to build a reporting front-end for analysis by end-users. I am working on the engine piece and have a good handle on that, but the visualization of the data is probably an area that could use some love. However, these dev tasks might be a stretch to start now.
> If our proposal were accepted, when would the work begin? I think if the work started after the new year, I'd be comfortable proposing any of the dev ideas, but if sooner, I'd say go with just the documentation.
> On Mon, Aug 12, 2013 at 4:33 PM, Colin Watson <colin.watson at owasp.org> wrote:
>> I have discussed this a little with Samantha. Apparently there is an
>> opportunity to fund marketing, promotion, reviewing, development, and
>> writing expense, but not for example travel.
>> A couple of suggestions:
>> 1. fund a competition for the best implementation, demonstrations,
>> supporting applications (e.g. $5,000 first, three $2000 runners up and
>> five $1,000s plus some admin costs for running it?)
>> 2. pay to print and distribute further copies of the upcoming v2
>> Guide (e.g. to give them away at developer events, perhaps in the US
>> But we have an opportunity to write this by end of tomorrow and submit
>> for 2013, or wait a year and do it in 2014. I think we should put some
>> sort of bid in, the question is what for. I can spend some time
>> tomorrow writing up, if other contributors on this list can provide a
>> steer as to what they think is achievable and might gain support. I
>> think both of the ideas above avoid paying volunteers.
>> On 12 August 2013 21:17, Samantha Groves <samantha.groves at owasp.org> wrote:
>> > Hello AppSensor Team,
>> > Colin has asked me to inform you that you currently have an opportunity to
>> > submit a proposal for grant funding from the Department of Homeland
>> > Security. See the HOST Website for more information. Additionally, see the
>> > grant page for more information on the grant opportunity.
>> > Please have a look and let me know if this is something you are interested
>> > in pursuing. Additionally, please share any ideas you may have on
>> > objectives, and activities that you would like to take part in for AppSensor
>> > with Grant support, if awarded.
>> > Thank you,
>> > SG.
>> > --
>> > Samantha Groves, MBA
>> > OWASP Projects Manager
>> > The OWASP Foundation
>> > Arizona, USA
>> > Email: samantha.groves at owasp.org
>> > Skype: samanthahz
>> > OWASP Global Projects
>> > Book a Meeting with Me
>> > OWASP Contact US Form
>> > New Project Application Form
>> > _______________________________________________
>> > Owasp-appsensor-project mailing list
>> > Owasp-appsensor-project at lists.owasp.org
>> > https://lists.owasp.org/mailman/listinfo/owasp-appsensor-project
>> Owasp-appsensor-project mailing list
>> Owasp-appsensor-project at lists.owasp.org
> Owasp-appsensor-project mailing list
> Owasp-appsensor-project at lists.owasp.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-appsensor-project