[Owasp-appsensor-project] Book - Request for contributors, editors and reviewers

Colin Watson colin.watson at owasp.org
Tue Jun 4 10:44:17 UTC 2013


All

We have been working on a draft of a new version of the AppSensor
Guide and it is getting to the stage where we have a good structure
based on that identified in the 2011 summit, and a large amount of
content. I have drafted text and Dennis Groves is reviewing and adding
more content.  John Melton and Jay Reynold's glossary has been
incorporated. Rauf Butt's text on the web services version has been
added. Text has been acquired from Michael Coates' original book and
from the wiki. And, text has been taken from other mailing list posts
and discussions at events.

We would like to have a version of the book available to promote at
the next OWASP AppSec global conferences, the first of which is in
Hamburg in August.

This may mean the book is released as say v1.9 instead of v2.0, so we
can continue to add more content over the next few months.
Subsequently, once we have a "complete" v2, we can also take the step
of converting into a more accessible, and more easily contributed-to,
e-book format. This can then be used for a living v2.x version.

But for the moment, I would like to ask for people with time to review
the draft book to date, and also to see if they can extend or fill in
other parts. This will require effort over the next 4-5 weeks. The
book is currently being written in Word .DOC format, but ultimately
will be converted into other formats. Please let me know if you can
help.

The current contents list is reproduced below, but this is still
subject to your ideas and input.

Best regards

Colin

------------------------------------------------------------------

Cover
Title
Acknowledgments, Project leadership and Contributors
Contents


Part I : Overview
------------------------------------------------------------------

CHAPTER 1 : APPLICATION-SPECIFIC INTRUSION DETECTION & RESPONSE
Purpose, Dynamic defense, The application advantage, Benefits to
organizations and users, AppSensor attack-aware applications with
real-time response, Technique adoption

CHAPTER 2 : PROTECTION MEASURES
Intrusion detection and prevention fundamentals, Detecting attacks on
application, The issue of vulnerabilities, Infrastructure protection
mechanisms, Application protection mechanisms, AppSensor defining
characteristics

CHAPTER 3 : THE APPSENSOR APPROACH
Stop! Specify, design, build, deploy and operate secure applications
first, Other preliminary requirements, Architecture, The process, Roles

CHAPTER 4 : CONCEPTUAL ELEMENTS
Introduction, Approach, Detection, Thresholds to determine an attack,
Response


Part II : Illustrative Case Studies
------------------------------------------------------------------

CHAPTER 5 : CASE STUDY OF A RAPIDLY DEPLOYED WEB APPLICATION
CHAPTER 6 : CASE STUDY OF A MAGAZINE’S MOBILE APP
CHAPTER 7 : CASE STUDY OF A SMART GRID CONSUMER METER
CHAPTER 8 : CASE STUDY OF A FINANCIAL MARKET TRADING SYSTEM
CHAPTER 9 : CASE STUDY OF A B2C E-COMMERCE WEBSITE
CHAPTER 10 : CASE STUDY OF B2B WEB SERVICES
CHAPTER 11 : CASE STUDY OF A SOMETHING ELSE???


Part III : Making It Happen
------------------------------------------------------------------

CHAPTER 12 : INTRODUCTION
Process, culture and technology agnostic, Begin with a pilot
application, Suggested method

CHAPTER 13 : DESIGN AND IMPLEMENTATION
Management support, Organizational policy, Architecture, Detection
point selection, Response actions and thresholds, Implementation

CHAPTER 14 : VERIFICATION, DEPLOYMENT AND OPERATION

CHAPTER 15 : SOFTWARE ACQUISITION PROCESSES

CHAPTER 16 : ADVANCED DETECTION POINTS
Approach, Inspirational detection points, Detection point
requirements, Model creation, Optimization, Attack analysis

CHAPTER 17 : ADVANCED RESPONSE ACTIONS AND THRESHOLDS
Approach, Conventional defenses vs. AppSensor defenses, Built-in
potential, Inspirational response actions, Attack detection threshold
definition, Thresholds for aggregating detection points, Thresholds
for user event and user trend detection points, Thresholds for system
trend detection points, Thresholds for modifying detection points,
Threshold tuning, Other considerations


Part IV : Demonstration Implementations
------------------------------------------------------------------

CHAPTER 18 : WEB SERVICES (APPSENSOR WS)
CHAPTER 19 : FULLY INTEGRATED (APPSENSOR CORE)
CHAPTER 20 : LOCAL DATABASE
CHAPTER 21 : .NET MAGIC???
CHAPTER 22 : USING SIEM???
CHAPTER 23 : USING OSSEC OR SPLUNK???
CHAPTER 24 : LEVERAGING A WEB APPLICATION FIREWALL


Part V : Reference
------------------------------------------------------------------

GLOSSARY
DETECTION POINTS
RESPONSE ACTIONS
SPECIFICATION AND CONTRACTUAL CLAUSES
AWARENESS AND TRAINING RESOURCES
BIBLIOGRAPHY

------------------------------------------------------------------