SlideShare a Scribd company logo

Web Intrusion Detection

Abhishek Singh
Abhishek Singh

This document summarizes a talk on web intrusion detection using ModSecurity. The talk discusses the state of web security and intrusion detection, introduces ModSecurity as an open source web application firewall, and discusses how to detect and prevent application attacks. The talk overview includes discussing the problems with web security, different approaches to web intrusion detection including network-based, log-based and web application firewalls, and features of ModSecurity like audit logging and rule-based detection of attacks. The document provides examples of simple and advanced ModSecurity rules.

Technology
1 of 49
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection
Web Intrusion Detection

More Related Content

What's hot (20)

PDF
CCNP Security-IPS
mohannadalhanahnah
 
PDF
[OWASP Poland Day] Web App Security Architectures
OWASP
 
PDF
Defending Workstations - Cyber security webinar part 2
F-Secure Corporation
 
PDF
Cyber security webinar part 1 - Threat Landscape
F-Secure Corporation
 
PDF
Certificate Pinning in Mobile Applications
Luca Bongiorni
 
PDF
CCNP Security-Firewall
mohannadalhanahnah
 
PPTX
Sandboxing
Lan & Wan Solutions
 
PPTX
Pro Tips for Power Users – Palo Alto Networks Live Community and Fuel User Gr...
PaloAltoNetworks
 
PDF
Check Point SandBlast and SandBlast Agent
MarketingArrowECS_CZ
 
PPTX
Cisco umbrella youtube
Dhruv Sharma
 
PDF
Talk2 esc2 muscl-wifi_v1_2b
Sylvain Martinez
 
PPTX
Pxosys Webinar Amplify your Security
🏆Ruben Cocheno💭
 
PPTX
BlueHat v17 || Raising the Bar: New Hardware Primitives for Exploit Mitigations
BlueHat Security Conference
 
PDF
iOS malware: what's the risk and how to reduce it
Cyber Security Alliance
 
PDF
Check point response to Cisco NGFW competitive
Moti Sagey מוטי שגיא
 
PPTX
Building Up Network Security: Intrusion Prevention and Sourcefire
Global Knowledge Training
 
PDF
Check Point mission statement
Moti Sagey מוטי שגיא
 
PDF
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection
Anant Shrivastava
 
PDF
DEF CON 27 - workshop ANTHONY ROSE - introduction to amsi bypasses and sandbo...
Felipe Prado
 
PPTX
Advanced OSSEC Training: Integration Strategies for Open Source Security
AlienVault
 
CCNP Security-IPS
mohannadalhanahnah
 
[OWASP Poland Day] Web App Security Architectures
OWASP
 
Defending Workstations - Cyber security webinar part 2
F-Secure Corporation
 
Cyber security webinar part 1 - Threat Landscape
F-Secure Corporation
 
Certificate Pinning in Mobile Applications
Luca Bongiorni
 
CCNP Security-Firewall
mohannadalhanahnah
 
Sandboxing
Lan & Wan Solutions
 
Pro Tips for Power Users – Palo Alto Networks Live Community and Fuel User Gr...
PaloAltoNetworks
 
Check Point SandBlast and SandBlast Agent
MarketingArrowECS_CZ
 
Cisco umbrella youtube
Dhruv Sharma
 
Talk2 esc2 muscl-wifi_v1_2b
Sylvain Martinez
 
Pxosys Webinar Amplify your Security
🏆Ruben Cocheno💭
 
BlueHat v17 || Raising the Bar: New Hardware Primitives for Exploit Mitigations
BlueHat Security Conference
 
iOS malware: what's the risk and how to reduce it
Cyber Security Alliance
 
Check point response to Cisco NGFW competitive
Moti Sagey מוטי שגיא
 
Building Up Network Security: Intrusion Prevention and Sourcefire
Global Knowledge Training
 
Check Point mission statement
Moti Sagey מוטי שגיא
 
Owasp Mobile Risk Series : M3 : Insufficient Transport Layer Protection
Anant Shrivastava
 
DEF CON 27 - workshop ANTHONY ROSE - introduction to amsi bypasses and sandbo...
Felipe Prado
 
Advanced OSSEC Training: Integration Strategies for Open Source Security
AlienVault
 

Viewers also liked (7)

PPTX
Apache mod security 3.1
Hai Dinh Tuan
 
PPTX
WAF in Scale
Alexey Sintsov
 
PDF
OWASP ModSecurity Core Rules Paranoia Mode
Christian Folini
 
PDF
Introduction to Mod security session April 2016
Rahul
 
PDF
Protecting TYPO3 With Suhosin And Modsecurity
Xavier Perseguers
 
PDF
Bypassing Web Application Firewalls
OWASP (Open Web Application Security Project)
 
PPTX
Secure Your Apps with NGINX Plus and the ModSecurity WAF
NGINX, Inc.
 
Apache mod security 3.1
Hai Dinh Tuan
 
WAF in Scale
Alexey Sintsov
 
OWASP ModSecurity Core Rules Paranoia Mode
Christian Folini
 
Introduction to Mod security session April 2016
Rahul
 
Protecting TYPO3 With Suhosin And Modsecurity
Xavier Perseguers
 
Bypassing Web Application Firewalls
OWASP (Open Web Application Security Project)
 
Secure Your Apps with NGINX Plus and the ModSecurity WAF
NGINX, Inc.
 
Ad

Similar to Web Intrusion Detection (20)

PDF
01_Metasploit - The Elixir of Network Security
Harish Chaudhary
 
PPTX
B&W Netsparker overview
Marusya Maruzhenko
 
PPTX
Cyber Security Solution presentation.pptx
Ahmad Shukri
 
PPTX
Web Application Vulnerabilities
Preetish Panda
 
PDF
Ceh v8 labs module 03 scanning networks
Asep Sopyan
 
PPTX
Securing your Cloud Environment v2
ShapeBlue
 
PPTX
Top Application Security Trends of 2012
DaveEdwards12
 
PPTX
Security_Testing_Presentation
Razil Shaik
 
PDF
The Market for Cyber Weapons - NATO Cooperative Cyber Defence Centre of Exce...
SignalSEC Ltd.
 
PDF
Stranger Danger: Your Java Attack Surface Just Got Bigger | JBCNConf 2022
Brian Vermeer
 
PDF
Secure Application Development in the Age of Continuous Delivery
Black Duck by Synopsys
 
PPTX
Secure Application Development in the Age of Continuous Delivery
Tim Mackey
 
PDF
Client-Side Penetration Testing Presentation
Chris Gates
 
PPT
Web Based Security
John Wiley
 
PDF
Application Security Guide for Beginners
Checkmarx
 
PDF
Complete Endpoint protection
xband
 
PPT
Penetration Testing Basics
Rick Wanner
 
PDF
Essentials of Web Application Security: what it is, why it matters and how to...
Cenzic
 
PPTX
Java application security the hard way - a workshop for the serious developer
Steve Poole
 
PDF
Solvay secure application layer v2015 seba
Sebastien Deleersnyder
 
01_Metasploit - The Elixir of Network Security
Harish Chaudhary
 
B&W Netsparker overview
Marusya Maruzhenko
 
Cyber Security Solution presentation.pptx
Ahmad Shukri
 
Web Application Vulnerabilities
Preetish Panda
 
Ceh v8 labs module 03 scanning networks
Asep Sopyan
 
Securing your Cloud Environment v2
ShapeBlue
 
Top Application Security Trends of 2012
DaveEdwards12
 
Security_Testing_Presentation
Razil Shaik
 
The Market for Cyber Weapons - NATO Cooperative Cyber Defence Centre of Exce...
SignalSEC Ltd.
 
Stranger Danger: Your Java Attack Surface Just Got Bigger | JBCNConf 2022
Brian Vermeer
 
Secure Application Development in the Age of Continuous Delivery
Black Duck by Synopsys
 
Secure Application Development in the Age of Continuous Delivery
Tim Mackey
 
Client-Side Penetration Testing Presentation
Chris Gates
 
Web Based Security
John Wiley
 
Application Security Guide for Beginners
Checkmarx
 
Complete Endpoint protection
xband
 
Penetration Testing Basics
Rick Wanner
 
Essentials of Web Application Security: what it is, why it matters and how to...
Cenzic
 
Java application security the hard way - a workshop for the serious developer
Steve Poole
 
Solvay secure application layer v2015 seba
Sebastien Deleersnyder
 
Ad

More from Abhishek Singh (20)

ODP
Cobbler Summit - Automated Xen VM Deployment
Abhishek Singh
 
PDF
Mapreduce - Simplified Data Processing on Large Clusters
Abhishek Singh
 
PPT
Web Server Clustering - OSSCAMP
Abhishek Singh
 
ODP
Happy Independence Day To All Indians
Abhishek Singh
 
PDF
Scaling a Rails Application from the Bottom Up
Abhishek Singh
 
PPT
test
Abhishek Singh
 
ODP
How to Charm a Woman
Abhishek Singh
 
PDF
Xen_and_Rails_deployment
Abhishek Singh
 
ODP
India's Smallest Car Ever
Abhishek Singh
 
ODP
Software BABA
Abhishek Singh
 
ODP
Make Over Of An Orange
Abhishek Singh
 
ODP
Cute Friendship Quotes
Abhishek Singh
 
ODP
Series of Cool Pics Part 3
Abhishek Singh
 
ODP
Series of Cool Pictures Part 2
Abhishek Singh
 
ODP
Name Confusion
Abhishek Singh
 
ODP
Series Of Cool Picutres Part 1
Abhishek Singh
 
ODP
KUbuntu
Abhishek Singh
 
PDF
Monit
Abhishek Singh
 
PDF
Fun
Abhishek Singh
 
PPT
Namste London
Abhishek Singh
 
Cobbler Summit - Automated Xen VM Deployment
Abhishek Singh
 
Mapreduce - Simplified Data Processing on Large Clusters
Abhishek Singh
 
Web Server Clustering - OSSCAMP
Abhishek Singh
 
Happy Independence Day To All Indians
Abhishek Singh
 
Scaling a Rails Application from the Bottom Up
Abhishek Singh
 
test
Abhishek Singh
 
How to Charm a Woman
Abhishek Singh
 
Xen_and_Rails_deployment
Abhishek Singh
 
India's Smallest Car Ever
Abhishek Singh
 
Software BABA
Abhishek Singh
 
Make Over Of An Orange
Abhishek Singh
 
Cute Friendship Quotes
Abhishek Singh
 
Series of Cool Pics Part 3
Abhishek Singh
 
Series of Cool Pictures Part 2
Abhishek Singh
 
Name Confusion
Abhishek Singh
 
Series Of Cool Picutres Part 1
Abhishek Singh
 
KUbuntu
Abhishek Singh
 
Monit
Abhishek Singh
 
Fun
Abhishek Singh
 
Namste London
Abhishek Singh
 

Recently uploaded (20)

PDF
Using FME to Develop Self-Service CAD Applications for a Major UK Police Force
Safe Software
 
PPTX
Webinar: Introduction to LF Energy EVerest
DanBrown980551
 
PPT
Interview paper part 3, It is based on Interview Prep
SoumyadeepGhosh39
 
PDF
Why Orbit Edge Tech is a Top Next JS Development Company in 2025
mahendraalaska08
 
PDF
Presentation - Vibe Coding The Future of Tech
yanuarsinggih1
 
PDF
Blockchain Transactions Explained For Everyone
CIFDAQ
 
PDF
Timothy Rottach - Ramp up on AI Use Cases, from Vector Search to AI Agents wi...
AWS Chicago
 
PDF
SWEBOK Guide and Software Services Engineering Education
Hironori Washizaki
 
PDF
Complete JavaScript Notes: From Basics to Advanced Concepts.pdf
haydendavispro
 
PDF
CIFDAQ Token Spotlight for 9th July 2025
CIFDAQ
 
PDF
Reverse Engineering of Security Products: Developing an Advanced Microsoft De...
nwbxhhcyjv
 
PPTX
UiPath Academic Alliance Educator Panels: Session 2 - Business Analyst Content
DianaGray10
 
PDF
How Startups Are Growing Faster with App Developers in Australia.pdf
India App Developer
 
PDF
HCIP-Data Center Facility Deployment V2.0 Training Material (Without Remarks ...
mcastillo49
 
PDF
Chris Elwell Woburn, MA - Passionate About IT Innovation
Chris Elwell Woburn, MA
 
PDF
HubSpot Main Hub: A Unified Growth Platform
Jaswinder Singh
 
PDF
SFWelly Summer 25 Release Highlights July 2025
Anna Loughnan Colquhoun
 
PDF
Achieving Consistent and Reliable AI Code Generation - Medusa AI
medusaaico
 
PDF
CIFDAQ Market Insights for July 7th 2025
CIFDAQ
 
PDF
Transcript: New from BookNet Canada for 2025: BNC BiblioShare - Tech Forum 2025
BookNet Canada
 
Using FME to Develop Self-Service CAD Applications for a Major UK Police Force
Safe Software
 
Webinar: Introduction to LF Energy EVerest
DanBrown980551
 
Interview paper part 3, It is based on Interview Prep
SoumyadeepGhosh39
 
Why Orbit Edge Tech is a Top Next JS Development Company in 2025
mahendraalaska08
 
Presentation - Vibe Coding The Future of Tech
yanuarsinggih1
 
Blockchain Transactions Explained For Everyone
CIFDAQ
 
Timothy Rottach - Ramp up on AI Use Cases, from Vector Search to AI Agents wi...
AWS Chicago
 
SWEBOK Guide and Software Services Engineering Education
Hironori Washizaki
 
Complete JavaScript Notes: From Basics to Advanced Concepts.pdf
haydendavispro
 
CIFDAQ Token Spotlight for 9th July 2025
CIFDAQ
 
Reverse Engineering of Security Products: Developing an Advanced Microsoft De...
nwbxhhcyjv
 
UiPath Academic Alliance Educator Panels: Session 2 - Business Analyst Content
DianaGray10
 
How Startups Are Growing Faster with App Developers in Australia.pdf
India App Developer
 
HCIP-Data Center Facility Deployment V2.0 Training Material (Without Remarks ...
mcastillo49
 
Chris Elwell Woburn, MA - Passionate About IT Innovation
Chris Elwell Woburn, MA
 
HubSpot Main Hub: A Unified Growth Platform
Jaswinder Singh
 
SFWelly Summer 25 Release Highlights July 2025
Anna Loughnan Colquhoun
 
Achieving Consistent and Reliable AI Code Generation - Medusa AI
medusaaico
 
CIFDAQ Market Insights for July 7th 2025
CIFDAQ
 
Transcript: New from BookNet Canada for 2025: BNC BiblioShare - Tech Forum 2025
BookNet Canada