Security Event Triage: Revealing Attacker Methodology in Web Application Events

سرفصل های دوره

In this course on revealing web application attack methodology, you will explore the use of web application filters, app service logs, and web vulnerability scanners to reveal various advanced attacker techniques and detecting live web exploitations.

1 - Course Overview

1. Course Overview

2 - Defending Against Web Application Attack Techniques

1. Introducing the Wide World of Web Apps

2. Describing the Web Application Problem

3. Defining Application Securitys Role

4. Accessing Web Application Attack Information

5. Winding up to Take a Big Swing at Attack Coverage

3 - Detecting Attackers with Web Application Firewalls

01. Introducing Web Application Firewalls

02. Understanding the Web Application Layer

03. Envisioning the On-premises Architecture

04. Visualizing Command Injection

05. Detecting Command Injection

06. Visualizing SQL Injection

07. Hunting for SQLi

08. Understanding Cross Site Scripting

09. Identifying Cross Site Scripting with Azure WAF

10. Defining Local and Remote File Inclusion Attacks

11. Blocking Local File Inclusion Vulnerabilities with AWS Firewall

12. Integrating Web Application Firewall Security with Security Operations

4 - Log Collection and Analyzing Application Behavior with Logs

01. Introducing Behavioral Analysis for Web Applications

02. Visualizing Web Application Enumeration

03. Revealing Attacker Enumeration in Web Access Logs

04. Deciphering Automated Attacker Activity

05. Describing Denial of Service Behavior

06. Identifying Advanced DOS Attacks with Machine Learning

07. Generalizing Denial of Service Behavioral Detections

08. Understanding Timing Based SQL Injections

09. Identifying Timing Based SQL Injections

10. Summarizing Adversary Detections

5 - Integrating Web Vulnerability Scanning Detections

1. Introducing Defensive Use of Web Application Scanning

2. Integrating Detections into Software Deployment Life Cycle

3. Understanding Threat of Third Party Software Threat

4. Using Web Application Attack Tools to Monitor Threat Surface

5. Specializing in Web Application Vulnerability Analysis

6. Leveraging Zed Attack Proxy to Test Custom Application

6 - Operationalizing Web Application Attack Detection

1. Distilling the Detection of Web Attack Methods

2. Assessing the Impacts and Implied Tasks

Exercise Files

set-revealing-attacker-methodology-web-application-events.zip

189,000 تومان

افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: PluralSight