Security Event Triage: Revealing Attacker Methodology in Web Application Events

Focused View

Aaron Rosenmund

2:09:08

8 View

01.Course Overview

01.01.Course Overview.mp4

02:09

02.Defending Against Web Application Attack Techniques

02.01.Introducing the Wide World of Web Apps.mp4

02:36

02.02.Describing the Web Application Problem.mp4

02:39

02.03.Defining Application Securitys Role.mp4

03:25

02.04.Accessing Web Application Attack Information.mp4

03:41

02.05.Winding up to Take a Big Swing at Attack Coverage.mp4

02:07

03.Detecting Attackers with Web Application Firewalls

03.01.Introducing Web Application Firewalls.mp4

03:26

03.02.Understanding the Web Application Layer.mp4

01:53

03.03.Envisioning the On-premises Architecture.mp4

01:58

03.04.Visualizing Command Injection.mp4

01:27

03.05.Detecting Command Injection.mp4

16:07

03.06.Visualizing SQL Injection.mp4

01:52

03.07.Hunting for SQLi.mp4

04:20

03.08.Understanding Cross Site Scripting.mp4

01:49

03.09.Identifying Cross Site Scripting with Azure WAF.mp4

05:38

03.10.Defining Local and Remote File Inclusion Attacks.mp4

01:41

03.11.Blocking Local File Inclusion Vulnerabilities with AWS Firewall.mp4

05:59

03.12.Integrating Web Application Firewall Security with Security Operations.mp4

02:40

04.Log Collection and Analyzing Application Behavior with Logs

04.01.Introducing Behavioral Analysis for Web Applications.mp4

02:02

04.02. Visualizing Web Application Enumeration.mp4

02:09

04.03.Revealing Attacker Enumeration in Web Access Logs.mp4

11:01

04.04.Deciphering Automated Attacker Activity.mp4

02:19

04.05.Describing Denial of Service Behavior.mp4

01:25

04.06.Identifying Advanced DOS Attacks with Machine Learning.mp4

07:23

04.07.Generalizing Denial of Service Behavioral Detections.mp4

01:03

04.08.Understanding Timing Based SQL Injections.mp4

01:37

04.09.Identifying Timing Based SQL Injections.mp4

03:48

04.10.Summarizing Adversary Detections.mp4

01:51

05.Integrating Web Vulnerability Scanning Detections

05.01.Introducing Defensive Use of Web Application Scanning.mp4

02:24

05.02.Integrating Detections into Software Deployment Life Cycle.mp4

04:00

05.03.Understanding Threat of Third Party Software Threat.mp4

02:17

05.04.Using Web Application Attack Tools to Monitor Threat Surface.mp4

07:11

05.05.Specializing in Web Application Vulnerability Analysis.mp4

01:37

05.06.Leveraging Zed Attack Proxy to Test Custom Application.mp4

05:03

06.Operationalizing Web Application Attack Detection

06.01.Distilling the Detection of Web Attack Methods .mp4

01:48

06.02.Assessing the Impacts and Implied Tasks.mp4

04:43

Description

In this course on revealing web application attack methodology, you will explore the use of web application filters, app service logs, and web vulnerability scanners to reveal various advanced attacker techniques and detecting live web exploitations.

What You'll Learn?

Developing the skills necessary for a security analyst to accurately detect and triage adversary tactics and techniques applied to web applications requires experience with web application's baseline behavior and the use of advanced detection capabilities. Neither of which are easy to obtain. In this course, Security Event Triage: Revealing Attacker Methodology in Web Application Events, you will gain the foundation knowledge and experience with web application technologies and attacker methodologies required to protect your vital business functions. First, you will monitor the front door of applications for common attacks with web application firewalls on-premises and on major cloud platforms. Next, you will learn the logic behind hunting for behavioral anomalies generated by more advanced attacker activity and how to create machine learning jobs to identify this behavior in an automated way. Finally, you will discover how to leverage the same tools the attackers use to actively spot holes in your applications that pop up as new builds are released and mitigate the associated risk. When you finish this course, you will have the skills and knowledge of web application attack detection needed to implement continuous monitoring capabilities that protect the enterprise applications on which your organization depends.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Ethical Hacking

Penetration Testing

Information Security

Aaron Rosenmund

Instructor's Courses

Aaron M. Rosenmund is a cyber security operations subject matter expert, with a background in federal and business defensive and offensive cyber operations and system automation. Leveraging his administration and automation experience, Aaron actively contributes to multiple open and closed source security operation platform projects and continues to create tools and content to benefit the community. As an educator & cyber security researcher at Pluralsight, he is focused on advancing cyber security workforce and technologies for business and national enterprises alike. In support of the Air National Guard, he contributes those skills part time in various initiatives to defend the nation in cyberspace. Certifications: GIAC GCIA, GIAC GCED, CCNA Cyber Operations, Pentest+, CySa+, CASP www.AaronRosenmund.com @arosenmund "ironcat"

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.