[Owasp-appsensor-project] CERT/CC - "Network Monitoring for Web-Based Threats" released
michael.coates at owasp.org
Mon Mar 7 23:44:10 EST 2011
An interesting document. It steps through the an attacker's methodology for attacking an application, closely following the OWASP Web Application Penetration Testing Guide, and provides details to understand the attack. This is followed by a section of "Detection/Prevention Methods". At first I thought this would be similar to the AppSensor project, but upon further reading it seems to be more of a lockdown guide. For example, make sure to not leak information through error codes.
Its a probably a good read (I just skimmed it). We may be able to glean a few more detection points that we might have missed.
On Mar 6, 2011, at 7:30 PM, Christian Heinrich wrote:
> I am not sure if
> has been discussed - I couldn't find it in the mailing list archives.
> To quote the above blog post "The report draws on related work such as
> OWASP but comes from a different point of view. While OWASP is focused
> on developing web applications securely, this report focuses more on
> situations where you don't have that control, but you need to protect
> servers and clients from web-based threats."
> Christian Heinrich
> Owasp-appsensor-project mailing list
> Owasp-appsensor-project at lists.owasp.org
More information about the Owasp-appsensor-project