Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Web Application Honeypot Threat Intelligence - Techniques and Implementation

OWASP Foundation via YouTube

Overview

Explore the world of web application honeypots and threat intelligence in this 31-minute OWASP Foundation talk by Adrian Winckles, Director of Cyber Security & Networking Research Group at Anglia Ruskin University. Dive into the OWASP Web Application Honeypot Project, designed to identify and report emerging attacks against web applications. Learn about the collection, storage, and analysis of threat intelligence data, and discover how honeypots can provide realistic targets to entice attackers while revealing their tools and techniques. Examine the use of ModSecurity-based Web Application Firewall technology with OWASP's Core Rule Set, and understand how intelligence data is converted to STIX/TAXII format or visualized using ELK. Gain insights into the project's goals of creating globally distributed honeypots, aggregating attack techniques, and developing educational information for application writers. Explore the rich dataset available for post-attack forensics and incident response, and delve into topics such as WAF implementation, Mod Security, proof of concept layouts, and future project stages.

Syllabus

Intro
Why OWASP Web Honeypots (Part 2)?
Consider the WAF - Web Application Firewall
The WAF as a Honeypot or Probe?
Mod Security - An Open Source Web Application Firewall
Original Project
Proof of Concept Layout (in Docker format)
Honey Traps
Proposed Next Stages

Taught by

OWASP Foundation

Reviews

Start your review of Web Application Honeypot Threat Intelligence - Techniques and Implementation

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.