web app
play

Web App Log Analytics www.roykim.ca roy@roykim.ca Op Open Web - PowerPoint PPT Presentation

August 21, 2019 Web App Log Analytics www.roykim.ca roy@roykim.ca Op Open Web Applica cation tion Secu curity rity Project ject OWASP ModSecurity Core Rule Set (CRS) OWASP Top 10 Most Critical Web Application Security Risks


  1. August 21, 2019 Web App Log Analytics

  2. www.roykim.ca roy@roykim.ca

  3. Op Open Web Applica cation tion Secu curity rity Project ject OWASP ModSecurity Core Rule Set (CRS)

  4. OWASP Top 10 Most Critical Web Application Security Risks A1:2017-Injection A2:2017-Broken Authentication A3:2017-Sensitive Data Exposure A4:2017-XML External Entities (XXE) A5:2017-Broken Access Control A6:2017-Security Misconfiguration A7:2017-Cross-Site Scripting (XSS) A8:2017-Insecure Deserialization A9:2017-Using Components with Known Vulnerabilities A10:2017-Insufficient Logging&Monitoring

  5. * https://www.zaproxy.org/ https://github.com/zaproxy/zap-hud

  6. Case Management Analytics - Alerts Azure Sentinel

  7. Azure Application Gateway An application delivery controller ▪ layer 7 load balancing/routing capabilities ▪ web application firewall. ▪

  8. OWASP ModSecurity Core Rule Set

  9. https://docs.microsoft.com/en-us/azure/azure-monitor/azure-monitor-rebrand#log-analytics-redefinition

  10. Configuration • Penetration Test • Monitoring with Log Analytics • Alert • Security Center, Azure Sentinel • * see appendix slides for demo screenshots

  11. roy@roykim.ca

Recommend


More recommend