STORIES FROM THE SECURITY OPERATIONS CENTER (S.O.C.)
Paul Fletcher
Cyber Security Evangelist, Alert Logic
Complexity of defending web applications and workloads
• Web App Attacks
• OWASP Top 10
• Platform / Library Attacks
• System / Network Attacks
Popular Web Application Attacks
Source: blog.sucuri.net
Recent SQL Injection Vulnerabilities
Today’s Attacks Have Several Stages
Initial Attack: WordPress XMLRPC Attack
• Athletic Apparel Shop: Brick & Mortar and e-commerce
• Application stack
- Custom code written in XML
- WordPress content management system
- MySQL database
• Detection method
- Intrusion Detection System (IDS)
- Log collection and analysis
- Web Application Firewall (WAF)
WordPress XMLRPC Attack
Mitigating WP XMLRPC Attacks
Exfiltration: SQL Injection Attack
SQL Injection Attack
What do you see?
Attack:
Response:
Impact of Web App Attacks – Key Takeaways
• Web Apps are becoming more prevalent in organizations
- Use of open source versus traditional applications
• Web App attacks are “gateway” attacks
- Yahoo breach started with a WordPress hack
- 9,000 C&C servers compromised by WordPress hack
- Shadow IT
• Early Stage Detection
- Prevents our customers from dealing with large-scale breaches
How Alert Logic Detects Threats
Thank You.
