Category:OWASP AppSensor Project
From OWASP
| This project has produced a book that can be downloaded or purchased. Feel free to browse the full catalog of available OWASP books. |
| PROJECT IDENTIFICATION | |||||||
|---|---|---|---|---|---|---|---|
| Project Name | OWASP AppSensor Project - Detect and Respond to Attacks from Within the Application | ||||||
| Short Project Description |
Real Time Application Attack Detection and Response Overview We use guards, cameras and alarm systems to defend banks and stores. Why don't we do the same for our online applications? The AppSensor project defines a conceptual framework that offers prescriptive guidance to implement intrusion detection and automated response into an existing application. Current efforts are underway to create the AppSensor tool which can be utilized by any existing application interested in adding detection and response capabilities. Detection AppSensor defines 42 different detection points which can be used to identify a malicious attacker. Response AppSensor provides guidance on how to response once a malicious attacker has been identified. Possible actions include: logging out the user, locking the account or notifying an administrator. Defending the Application An attacker often requires numerous probes and attack attempts in order to locate an exploitable vulnerability within the application. By using AppSensor it is possible to identify and eliminate the threat of an attacker before they are able to successfully identify an exploitable flaw. | ||||||
| Project key Information | Project Leader Michael Coates | Project Contributors Eric Sheridan Randy Janida | Mailing list Subscribe here Use here | License Creative Commons Attribution Share Alike 3.0 | Project Type Documentation | Sponsor OWASP SoC 08 | |
| Release Status | Main Links | Related Projects |
|---|---|---|
|
AppSensor Beta Release 1.1 - Now Available!
|
|
Summer of Code 2008 Project!
Overview
If you walk into a bank and try opening random doors, you will be identified, led out of the building and possibly arrested. However, if you log into an online banking application and start looking for vulnerabilities no one will say anything. This needs to change!
As critical applications continue to become more accessible and inter-connected, it is paramount that critical information is sufficiently protected. We must also realize that our defenses may not be perfect. Given enough time, attackers can identify security flaws in the design or implementation of an application.
In addition to implementing layers of defense within an application, we must identify malicious individuals before they are able to identify any gaps in our defenses. The best place to identify malicious activity against the application is within the application itself. Network based intrusion detection systems are not appropriate to handle the custom and intricate workings of an enterprise application and are ill-suited to detect attacks focusing on application logic such as authentication, access control, etc. This project will create the framework which can be used to build a robust system of attack detection, analysis, and response within an enterprise application
Project Lead
Michael Coates (michael.coates [at] aspectsecurity [dot] com)
Project Roadmap
Current: v1.2 in the works, demo application in development
May, 2009 - AppSec EU Poland - Presentation (PPT) (Video) (first half only)
January, 2009 - v1.1 Released - Beta Status
November, 2008 - AppSensor Talk at OWASP Portugal
November, 2008 - v1.0 Released - Beta Status
April 16, 2008 - Project Begins
This category currently contains no pages or media.
