Armorizing
Applications
Iftach Ian Amit
Director of Services
Friday, October 11, 13
Hi!
I’m not an application guy :-|
I’m a security guy
Who actually used to do some application stuff
whoami?
$ id
uid=501(iamit) gid=20(ioactive) groups=12(hack),
33(research),61(dev),79(red_team),80(sexy_defense),
81(exil),98(idf),100(dc9723),204(/dev/null)
Attack?
Defense!
So, I’ve been dealing with defense a lot
As in - helping defenders get a head start
Guess what? We are still failing on the basics...
Logs...
Firewall
IDS
IPS
Network
HTTPD
DBMS
DNS
Application?
We still have sucky application logs :-(
I mean, we came a long way since web-app coding in the
90’s
I know. I’ve lived through it :-(
Example:
Uses MVC.
Actually very nicely
architected...
Good start. At least
we can haz data.
This is pretty
much useless*
* from a security perspective.
no doubt that when this breaks you’ll need it
Let’s get back to basics for a sec here
time=2013-03-02 23:59:57
action=drop
orig=192.168.1.103
i/f_dir=inbound
i/f_name=eth1c0
has_accounting=0
product=VPN-1 & FireWall-1
policy_name=INTERNET
src=1.2.3.4 s_port=37586
dst=3.4.5.6 service=80
proto=tcp rule=16
xlatesrc=8.9.10.11
xlatesport=57517
xlatedport=0 NAT_rulenum=4
NAT_addtnl_rulenum=internal
but wait,
how about them HTTPD?
193.205.210.42 - - [09/Oct/2013:00:57:17 -0700] "GET /blog/2013/07/mail-encryption-for-android/ HTTP/1.1" 200 32064 "https://
www.google.it/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.69 Safari/
537.36"
193.205.210.42 - - [09/Oct/2013:00:57:19 -0700] "GET /blog/wp-includes/js/comment-reply.min.js?ver=3.6.1 HTTP/1.1" 200 1068 "http://
www.iamit.org/blog/2013/07/mail-encryption-for-android/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_5) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/30.0.1599.69 Safari/537.36"
193.205.210.42 - - [09/Oct/2013:00:57:19 -0700] "GET /blog/wp-content/plugins/podpress/js/podpress.js?ver=3.6.1 HTTP/1.1" 200 40786
"http://www.iamit.org/blog/2013/07/mail-encryption-for-android/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_5) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/30.0.1599.69 Safari/537.36"
193.205.210.42 - - [09/Oct/2013:00:57:19 -0700] "GET /blog/wp-content/plugins/jetpack/modules/sharedaddy/sharing.css?ver=2.5 HTTP/
1.1" 200 11641 "http://www.iamit.org/blog/2013/07/mail-encryption-for-android/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_5)
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.69 Safari/537.36"
193.205.210.42 - - [09/Oct/2013:00:57:19 -0700] "GET /blog/wp-content/plugins/lightbox-2/lightbox.js?ver=1.8 HTTP/1.1" 200 21623
"http://www.iamit.org/blog/2013/07/mail-encryption-for-android/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_5) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/30.0.1599.69 Safari/537.36"
193.205.210.42 - - [09/Oct/2013:00:57:19 -0700] "GET /blog/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 HTTP/1.1" 200 7484
"http://www.iamit.org/blog/2013/07/mail-encryption-for-android/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_5) AppleWebKit/537.36
(KHTML, like Gecko) Chrome/30.0.1599.69 Safari/537.36"
193.205.210.42 - - [09/Oct/2013:00:57:20 -0700] "GET /blog/wp-content/plugins/podpress/players/1pixelout/1pixelout_audio-player.js
HTTP/1.1" 200 12305 "http://www.iamit.org/blog/2013/07/mail-encryption-for-android/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_5)
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.69 Safari/537.36"
193.205.210.42 - - [09/Oct/2013:00:57:20 -0700] "GET /blog/wp-content/plugins/jetpack/modules/wpgroho.js?ver=3.6.1 HTTP/1.1" 200
1212 "http://www.iamit.org/blog/2013/07/mail-encryption-for-android/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_5) AppleWebKit/
537.36 (KHTML, like Gecko) Chrome/30.0.1599.69 Safari/537.36"
193.205.210.42 - - [09/Oct/2013:00:57:20 -0700] "GET /blog/wp-content/plugins/jetpack/modules/sharedaddy/sharing.js?ver=20121205
HTTP/1.1" 200 39040 "http://www.iamit.org/blog/2013/07/mail-encryption-for-android/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_5)
AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.69 Safari/537.36"
193.205.210.42 - - [09/Oct/2013:00:57:21 -0700] "GET /blog/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=3.5.2 HTTP/1.1"
200 8610 "http://www.iamit.org/blog/2013/07/mail-encryption-for-android/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_5) AppleWebKit/
537.36 (KHTML, like Gecko) Chrome/30.0.1599.69 Safari/537.36"
193.205.210.42 - - [09/Oct/2013:00:57:21 -0700] "GET /blog/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?
ver=3.40.0-2013.08.13 HTTP/1.1" 200 14910 "http://www.iamit.org/blog/2013/07/mail-encryption-for-android/" "Mozilla/5.0 (Macintosh;
Intel Mac OS X 10_8_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.69 Safari/537.36"
193.205.210.42 - - [09/Oct/2013:00:57:23 -0700] "GET /favicon.ico HTTP/1.1" 200 1351 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X
10_8_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.69 Safari/537.36"
193.205.210.42 - - [09/Oct/2013:00:57:23 -0700] "GET /blog/wp-includes/js/jquery/jquery.js?ver=1.10.2 HTTP/1.1" 200 93371 "http://
www.iamit.org/blog/2013/07/mail-encryption-for-android/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_5) AppleWebKit/537.36
Don’t get me started...
And that’s AFTER taking into account “log analyzers”
“But you security guys have all these fancy SIEM stuff,
right?”
Yes, we have fancy dashboards
and graphs
and sometimes synchronized logs from multiple sources
But it’s still a pain in the tuches
WHY?
The application has ALL THE CONTEXT
Yet you keep it to yourself
This made me cry in joy:
Firewall    Web Server
Client X    index
Client X    items
Client Y    index
Client X    items+a
Client Y    items
Client Y    items+c
Client X    checkout
Client X    login
Client X    confirm
Client Y    checkout
Client Y    confirm

Application
- John, from X, just bought A and shipped it paying with CC
- Client from Y tried to bypass app logic and avoid payment/auth
Rinse,
Lather,
Repeat
Everywhere!
DB Access
Session Management
State Management
User Management
...
Be a dot connector!
Counter Intelligence use-case
Problem: dormant accounts used for fraud (and/or money laundering)
Account
>1yr dormant
laundering
Intl. transfers
Internal/External???
[Diagram labels: Marketing, Accounting, Branch mgmt.; three Lists of Accounts; Internal user]
[Diagram labels: Internal user; PC; Trojan; C&C; Bad Guys(tm)]
Log on context
Weird state changes
Repeatable expectable actions
Who, what, why
Help me get the story right!
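Added example, not part of the original slides: the request sequence from the Firewall / Web Server / Application diagram, replayed through an application-side audit log that records who, what and why and flags a weird state change. The prerequisite table, the user name "john", the item names and all field names are assumptions made for the illustration.

```python
import json

# Actions that must already have happened in the same session before an
# action is legitimate. Assumed flow, modelled on Client X's path in the diagram.
PREREQUISITES = {
    "index": set(),
    "items": set(),
    "login": set(),
    "checkout": {"items"},
    "confirm": {"checkout", "login"},
}

# Constructed sample input: (client, action, item, user) in the interleaved
# order the firewall and web server see the requests in the diagram.
REQUESTS = [
    ("X", "index", None, None),
    ("X", "items", None, None),
    ("Y", "index", None, None),
    ("X", "items", "a", None),
    ("Y", "items", None, None),
    ("Y", "items", "c", None),
    ("X", "checkout", None, None),
    ("X", "login", None, "john"),
    ("X", "confirm", None, None),
    ("Y", "checkout", None, None),
    ("Y", "confirm", None, None),
]


class SessionAudit:
    """Context the application already holds for one session."""

    def __init__(self, client):
        self.client = client
        self.user = None      # set once the session authenticates
        self.cart = []        # items selected so far
        self.seen = set()     # actions completed in this session

    def record(self, action, item=None, user=None):
        """Apply one request and return a structured security log event."""
        required = PREREQUISITES.get(action)
        if required is None:
            verdict, why = "unknown_action", "action not in the expected flow"
        else:
            missing = sorted(required - self.seen)
            verdict = "state_violation" if missing else "ok"
            why = ("reached %s without %s" % (action, ", ".join(missing))
                   if missing else None)
        if user:
            self.user = user
        if item:
            self.cart.append(item)
        self.seen.add(action)
        event = {
            "who": self.user or "anonymous",
            "from": self.client,
            "what": action,
            "cart": list(self.cart),
            "verdict": verdict,
        }
        if why:
            event["why"] = why
        return event


def audit(requests):
    """Replay requests, keeping one SessionAudit per client."""
    sessions, events = {}, []
    for client, action, item, user in requests:
        session = sessions.setdefault(client, SessionAudit(client))
        events.append(session.record(action, item, user))
    return events


def violations(events):
    """Events a SIEM rule would alert on."""
    return [e for e in events if e["verdict"] != "ok"]


if __name__ == "__main__":
    # json.dumps escapes user-controlled values, so one event stays one line.
    for event in audit(REQUESTS):
        print(json.dumps(event, sort_keys=True))
```

The firewall and web-server views of these eleven requests look equally normal for both clients; only the application-side event for Client Y's confirm carries the verdict and the reason.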
Questions? Comments!
Ian Amit
@iiamit
ian.amit@ioactive.com