AppSec2005DC - Jeremy Poteet - In the Line of Fire
Presentation transcript (slides uploaded August 30, 2007).

In the Line of Fire: Defending Highly Visible Targets
Jeremy Poteet, CISSP
Chief Security Officer, appDefense
jpoteet@appdefense.com
636.294.2774

Introduction
- What is a highly visible application?
- Begin at the beginning
- Stories from the trenches
- Hope: it can be done
- OWASP

You might be a highly visible site if ...
- ... the press shows up for the deployment of your app
- ... any error message shows up in hundreds of blogs
- ... you can't count the number of sites whose sole purpose is to list attack plans and provide tools for breaking into your application
- ... every hacker, security wannabe and activist would love to use your site to make a statement
- ... CNN displays it on their ticker tape when your site is sluggish

What makes a highly visible site
- Crown jewels: money, data, notoriety
- What it represents: making a statement
- Users + focus

Signature of a highly visible site
- Complex systems: multiple technologies, developers, servers, applications
- Highly volatile
- Something to lose

Highly visible is the same
- Still web applications
- The same issues still apply
- In an ideal world, it doesn't matter
- Applications don't always start as highly visible
- Best practices still apply

Highly visible is different
- Time to impact
- Coordination
- Number of cooks
- External visibility
- Cascading

Begin at the beginning
- Learn from the past
- Only as strong as the foundation
- Know what is expected
- Information is your best friend
- Prepare for failure

Dealing with application complexity
- Team-based system
- Geographic systems
- Custom PDF generation
- File upload and downloads
- Memory leak, scalability or DoS?
- Powerful apps = high promotion
- Quick resolution to issues

The debates
- Highest volume
- Visibility: outward (press), outward (voters), inward (staff)
- Large volume of data
- Real-time responses
- Debate timeline changes

Walling off failure
- Isolating systems from impacting each other
- Database segregation
- Application separation
- Access toggling
- Additional monitoring
- Scalability

Volume of attacks
- High-volume usage goes with high-volume attacks
- Cover
- Visibility
- Assist in attacks
- Convention / debate / elections
- Maximum impact

Caching
- Minimize data access and processing
- Bleed over
- Client vs. server
- Shifting of responsibility
- Level of control

Complete architecture shift
- Rapid switch
- Rules reset
- Configure rather than recode
- Assume nothing
- Contingency plan

Perception
- Worst-case scenario
- Rising visibility
- Increased and focused attacks
- Gut check
- Perception is everything

No site is an island
- Branding
- Integrated tools
- Integrated sites
- Feeds
- Applications are wide-ranging
- Perception and reality must meet

Beneath the noise
- Constant attacks
- High-volume pages
- Concentrated volume
- Sub-pages: understanding how the application functions
- Coordinated attacks

Out of your control
- Emails from the application systematically spammed
- Data is the system
- Pandora's box
- Containment
- Damage control

Data mines
- Elaborate system of mines
- Access mechanism used
- Timestamp
- Monitoring
- Tracking
- Allows the weak link to be located quickly

Hope: it can be done
- No silver bullet
- Requires creativity, commitment, diligence
- Begin with the basics
- Information is key

OWASP
- Guide
- Top 10
- Specific tools
- Put back in
- Take the advantage
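The "Caching" slide's "bleed over" and "client vs. server" points are easiest to see in code. The following is an added example, not code from the talk or from appDefense: a tiny TTL cache (an assumption standing in for memcached or a CDN), a handler that keys per-user pages on the URL alone so the first user's page bleeds over to everyone who follows, the keyed-on-identity fix, and a helper that sets the `Cache-Control` header so the browser and any shared proxy agree on what may be kept. The account records and page text are constructed for the example.

```python
"""Cache bleed-over: a per-user response cached under a key that ignores
who asked for it is served to the next requester.  Constructed example;
the Cache class, ACCOUNTS data and handlers are illustrative only."""
import time
from dataclasses import dataclass, field


@dataclass
class Cache:
    """Minimal TTL cache standing in for a memcached/CDN layer (assumption)."""
    ttl: float = 60.0
    store: dict = field(default_factory=dict)

    def get(self, key):
        hit = self.store.get(key)
        if hit is None:
            return None
        value, expires = hit
        if time.monotonic() > expires:
            del self.store[key]
            return None
        return value

    def put(self, key, value):
        self.store[key] = (value, time.monotonic() + self.ttl)


# Constructed account records; a real site would read these from its database.
ACCOUNTS = {"alice": {"balance": 120}, "bob": {"balance": 5}}


def render_account(user):
    return f"Account page for {user}: balance {ACCOUNTS[user]['balance']}"


def account_page_vulnerable(cache, path, user):
    """Keyed on the URL only: whoever hits /account first has their page
    served to every later user until the entry expires (bleed over)."""
    page = cache.get(path)
    if page is None:
        page = render_account(user)
        cache.put(path, page)
    return page


def account_page_hardened(cache, path, user):
    """Per-user content is keyed on the authenticated identity as well as
    the path, so one user's cached page can never satisfy another's request."""
    key = (path, user)
    page = cache.get(key)
    if page is None:
        page = render_account(user)
        cache.put(key, page)
    return page


def cache_headers(per_user):
    """Client vs. server: tell the browser and any shared proxy what they may
    keep.  Per-user responses must never be stored by a shared cache."""
    if per_user:
        return {"Cache-Control": "private, no-store"}
    return {"Cache-Control": "public, max-age=60"}
```

Only data that is identical for every visitor (schedules, public feeds) belongs in a shared cache; anything rendered for a logged-in user needs the identity in the key on the server side and `private`/`no-store` on the wire so an intermediary does not re-create the bug.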
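"Access toggling" under "Walling off failure" and "Configure rather than recode" / "Rapid switch" under "Complete architecture shift" describe the same mechanism: every risky component sits behind a switch read from configuration at request time, so it can be shut off during an attack without a redeploy. The block below is an added example, not code from the talk or from appDefense; the feature names, the JSON layout and the role list are assumptions, and the config text is constructed.

```python
"""Access toggles: risky features are gated by configuration that can be
edited or flipped at runtime.  Unknown or missing features fail closed.
Constructed example; feature names and JSON layout are assumptions."""
import json

# Constructed config, the kind of file an operator edits under fire.
CONFIG_JSON = """
{
  "features": {
    "pdf_export":  {"enabled": true,  "allow": ["staff", "press"]},
    "file_upload": {"enabled": false, "reason": "upload abuse in progress"},
    "debate_feed": {"enabled": true,  "allow": ["*"]}
  }
}
"""


class FeatureDisabled(Exception):
    pass


class Toggles:
    def __init__(self, raw_json):
        self.features = json.loads(raw_json).get("features", {})

    def check(self, feature, role):
        """Raise unless `feature` is switched on and `role` may use it.
        A feature absent from the config is treated as disabled."""
        cfg = self.features.get(feature)
        if cfg is None or not cfg.get("enabled", False):
            reason = (cfg or {}).get("reason", "not configured")
            raise FeatureDisabled(f"{feature}: {reason}")
        allow = cfg.get("allow", [])
        if "*" not in allow and role not in allow:
            raise FeatureDisabled(f"{feature}: role {role!r} not permitted")

    def disable(self, feature, reason):
        """The 'rapid switch': turn a component off without touching code."""
        cfg = self.features.setdefault(feature, {})
        cfg["enabled"] = False
        cfg["reason"] = reason

    def restrict(self, feature, roles):
        """Narrow who may use a feature, e.g. keep it for staff only."""
        cfg = self.features.setdefault(feature, {})
        cfg["allow"] = list(roles)


def handle_request(toggles, feature, role, work):
    """Run `work` only if the toggle allows it.  Returns a status tuple
    rather than raising, so the caller can log and respond uniformly."""
    try:
        toggles.check(feature, role)
    except FeatureDisabled as exc:
        return ("refused", str(exc))
    return ("ok", work())
```

The `reason` field matters operationally: when several people are flipping switches during an incident ("number of cooks"), the config itself records why a component is off and the refusal message carries that reason into the logs.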
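The "Data mines" slide (unique records tied to an access mechanism and a timestamp, so the weak link can be located quickly) and the "Out of your control" point about the application's emails being spammed fit together: a mine is a fake record planted only in the copy of the data that one access path can reach, and when that record turns up in a spam run or on a paste site it names the path that leaked. The following is an added example, not code from the talk or from appDefense. The access mechanisms, the mailbox domain, the secret and the sample records are all assumptions constructed for the example; the HMAC tag is my choice so that mine addresses cannot be guessed or forged by an attacker trying to point the trace at the wrong path.

```python
"""Data mines: a unique fake record is planted in each copy of the data a
given access mechanism (press export, partner feed, staff UI, backup) can
reach.  Seeing a mine where it should not be identifies the leaking path.
Constructed example; mechanisms, domain, secret and records are assumptions."""
import hashlib
import hmac

MINE_SECRET = b"rotate-me-and-keep-out-of-the-dataset"   # assumption
MINE_DOMAIN = "mines.example.org"                          # assumption


def mine_address(mechanism, planted_at, secret=MINE_SECRET):
    """A unique, unguessable mailbox bound to one mechanism and one time."""
    msg = f"{mechanism}|{planted_at}".encode()
    tag = hmac.new(secret, msg, hashlib.sha256).hexdigest()[:12]
    return f"m-{tag}@{MINE_DOMAIN}"


class MineField:
    def __init__(self):
        self.registry = {}   # mine address -> (mechanism, planted_at)

    def plant(self, records, mechanism, planted_at):
        """Return a copy of `records` with one mine appended and registered
        against the mechanism that is about to receive this copy."""
        addr = mine_address(mechanism, planted_at)
        self.registry[addr] = (mechanism, planted_at)
        return records + [{"name": "Mine Record", "email": addr}]

    def trace(self, observed_addresses):
        """Map addresses seen in the wild (spam recipients, a dump) back to
        the mechanism and time of the copy they came from."""
        hits = []
        for addr in observed_addresses:
            if addr in self.registry:
                mechanism, planted_at = self.registry[addr]
                hits.append((addr, mechanism, planted_at))
        return hits


def demo():
    """Constructed walk-through: three copies go out, one leaks."""
    field = MineField()
    base = [{"name": "Alice", "email": "alice@example.org"}]
    ts = "2004-10-01T09:00:00Z"
    press = field.plant(base, "press_export", ts)
    partner = field.plant(base, "partner_feed", ts)
    field.plant(base, "staff_ui", ts)
    # Constructed spam-run recipient list: contains the partner copy's mine.
    spam_recipients = [r["email"] for r in partner] + ["random@example.net"]
    return field.trace(spam_recipients), press, partner
```

Planting the mine records is cheap; the work is in monitoring the mine mailboxes and URLs so a hit is noticed, and in keeping the registry and secret outside the data set the mines are protecting.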