[Owasp-appsensor-project] DHS & Georgia Tech Grant Funding Potential

Colin Watson colin.watson at owasp.org
Tue Aug 13 07:12:47 UTC 2013


I have the impression, the view is to apply for some funding to held
the guide now (today!), and plan on thinking about support for
application/tool in 2014.


I will work on this 2-6pm UK time (GMT+1) and upload for comment.

Colin


On 13 August 2013 01:20, Dennis Groves <dennis.groves at gmail.com> wrote:
> wow, yeah - great post….
>
>
> On 12 Aug 2013, at 17:10, Jim Manico wrote:
>
>> Whoa, +1 Ryan!
>>
>> --
>> Jim Manico
>> @Manicode
>> (808) 652-3805
>>
>> On Aug 12, 2013, at 7:45 PM, Ryan Barnett <ryan.barnett at owasp.org> wrote:
>>
>> To John's point about reporting and visualization - we have similar issues
>> on the ModSecurity front. Considering that we have implemented many
>> AppSensor detection points within the OWASP ModSecurity CRS. We currently
>> mainly use a tool called the audit console and it accepts ModSecurity
>> audit
>> log data.
>>
>> http://www.jwall.org/web/audit/console/index.jsp
>>
>> You can search and sort in a variety of ways however in general I feel
>> that
>> there is much to do with regards to making these events meaningful for a
>> security analyst.
>>
>> I don't really like the per- transaction views of most WAF alert data. I
>> prefer more of an attacker-sequence view that shows paths of attacks or
>> profiles the attacker a bit more. I actually like what Mykonos did with
>> their dashboard - http://www.mykonossoftware.com/profile-the-attacker.php
>>
>> I guess my point is that I agree that we need a better dashboard for these
>> events but I am not sure if building one from scratch is the best use of
>> time and resources. We could consider contributing to Audit Console to add
>> features we need.
>>
>> --
>> Ryan Barnett
>
>
>
> [Dennis Groves](http://about.me/dennis.groves), MSc
> [Email me](mailto:dennis.groves at owasp.org) or [schedule a
> meeting](http://goo.gl/8sPIy).
>
>     Unless someone like you...cares a whole awful lot...
>     nothing is going to get better...It's not."
>                                             -- The Lorax
> _______________________________________________
> Owasp-appsensor-project mailing list
> Owasp-appsensor-project at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-appsensor-project


More information about the Owasp-appsensor-project mailing list