[Owasp-appsensor-project] DHS & Georgia Tech Grant Funding Potential
colin.watson at owasp.org
Tue Aug 13 07:12:47 UTC 2013
I have the impression, the view is to apply for some funding to held
the guide now (today!), and plan on thinking about support for
application/tool in 2014.
I will work on this 2-6pm UK time (GMT+1) and upload for comment.
On 13 August 2013 01:20, Dennis Groves <dennis.groves at gmail.com> wrote:
> wow, yeah - great post….
> On 12 Aug 2013, at 17:10, Jim Manico wrote:
>> Whoa, +1 Ryan!
>> Jim Manico
>> (808) 652-3805
>> On Aug 12, 2013, at 7:45 PM, Ryan Barnett <ryan.barnett at owasp.org> wrote:
>> To John's point about reporting and visualization - we have similar issues
>> on the ModSecurity front. Considering that we have implemented many
>> AppSensor detection points within the OWASP ModSecurity CRS. We currently
>> mainly use a tool called the audit console and it accepts ModSecurity
>> log data.
>> You can search and sort in a variety of ways however in general I feel
>> there is much to do with regards to making these events meaningful for a
>> security analyst.
>> I don't really like the per- transaction views of most WAF alert data. I
>> prefer more of an attacker-sequence view that shows paths of attacks or
>> profiles the attacker a bit more. I actually like what Mykonos did with
>> their dashboard - http://www.mykonossoftware.com/profile-the-attacker.php
>> I guess my point is that I agree that we need a better dashboard for these
>> events but I am not sure if building one from scratch is the best use of
>> time and resources. We could consider contributing to Audit Console to add
>> features we need.
>> Ryan Barnett
> [Dennis Groves](http://about.me/dennis.groves), MSc
> [Email me](mailto:dennis.groves at owasp.org) or [schedule a
> Unless someone like you...cares a whole awful lot...
> nothing is going to get better...It's not."
> -- The Lorax
> Owasp-appsensor-project mailing list
> Owasp-appsensor-project at lists.owasp.org
More information about the Owasp-appsensor-project