Big Data Intelligence (Harnessing Petabytes of WAF statistics to Analyze & Improve Web Protection in the Cloud)

Wednesday, November 20 • 4:00 pm - 4:50 pm

Presentation Title: "Big Data Intelligence" 

Subtitle: "Harnessing Petabytes of WAF statistics to Analyze & Improve Web Protection in the Cloud"

As web application attacks turn into massive campaigns against large corporations across the globe, web application firewall data increases exponentially, leaving security experts with a big data mess to analyze. Pinpointing real attacks in a sea of security event noise becomes an almost impossible and tedious task. In this presentation, we will unveil a unique platform for collecting, analyzing and distilling petabytes of WAF security intelligence information. Using the collected data, we will discuss the accuracy of the OWASP ModSecurity Core Rule Set (CRS) project and reveal common attack trends, along with our impressions and suggestions for how to make the best use of the CRS project.

Topics covered in this presentation:

  • Using Big Data for analyzing web application security trends
    • Akamai's Cloud Security Intelligence (CSI) platform - collecting petabytes of WAF events with near-real-time analysis capabilities
    • Sample data analysis - Top 10 web application attacks and trends, as collected by the system
    • Short demo of a unique user interface for navigating and analyzing big WAF data (SARA - Security Analytics Research Application)
  • Measuring the accuracy of the OWASP CRS project
    • Analyzing the accuracy of CRS - precision, recall & accuracy statistics against real-world traffic
    • Frequent real-world false-positive scenarios, and how to remediate them
    • Top 10 triggering rules statistics

Presentation Length: 45 minutes

Speakers:
Ory Segal

Information about my history in the security industry can be found in the reflection blog post written about me: http://myappsecurity.blogspot.co.il/2007/04/reflection-on-ory-segal.html. I have been a part of the security industry since 1996, and was closely involved in building some of the leading products in the web application security industry, such as Sanctum's AppShield & AppScan (now IBM). Over the years I have published many research papers and technical articles.

An application and information security veteran and an experienced product management, software marketing and technology professional with over 15 years of experience. Ory is a recognized expert in web application security - actively engaged in application security research, product development and product management for market leading products. An officer of the Web Application Security Consortium (WASC), contributing member in several key industry initiatives such as: NIST Web Application Scanner Focus Group (SAMATE), OWASP and MITRE CWE, CWSS, CWRAF and SANS Top 25.

and Tsvika Klein

Rich experience as a speaker in industry conferences and technical panels such as OWASP and academia.

Product Manager, Akamai Cloud Security, CISSP. An application and data security veteran, with years of experience in the web application security industry. Currently serves as the Product Manager for Akamai's Cloud Security Intelligence platform.