OSCOM4 Web Security Talks
I will be giving two talks at the forthcoming OSCOM4 conference in Zurich. The third track of the conference this year is an Apache track. It seems to be a lightweight ApacheCon Europe, hopefully as an introduction for the real thing in 2005. Anyway, the registration for OSCOM4 is now open, so go and register if you are interested.
My talks will be about web security - no surprise there. The first talk, Threat Modeling for Web Applications, will discuss what the real dangers to web applications are. Sure, web security is/was a big hit in 2004, but many people seem to be protecting against the wrong things. In the talk I will present a lightweight methodology for determining what the biggest threats are and how to guard against them.
The second talk, Challenges of Web Intrusion Detection, will look at the possible strategies to monitor web application usage in real time and to detect and prevent attacks. IDS/IPS systems can exist on different levels (network, application, operating system), but the idea I want to get across is one of integration. Applications are often best equipped to detect anomalies. They just need to be integrated with an IDS system to make it work better. I am pretty sure mod_security will be a large part of this talk.