A Behavior Based Approach to Web Application Security

Track: Security
Skill Level: Intermediate
Room: Room A314
Time Slot: Tue 2/16, 4:00 PM
Tags: threat intelligence , security
Abstract

It’s 2015, and it’s about time we started expecting more from our security systems. We often have static security controls that punish good users and only mildly annoy malicious ones. Good security looks for ways to increase security while decreasing friction and controls for legitimate users. Our security environments should be able to respond to the moment and adapt as things change. We need to stop showing a captchas just because we’re too lazy to figure out if someone is a bot. We need to rely more on the data that we have to make informed decisions about the intentions of users and respond in kind. Join Aaron as he walks through the ideas behind building a dynamic security response system and how to integrate it into your software. You will be introduced to easy ways to catch bad behavior as well as some tools that will help you get started.

Aaron Bedra

Aaron is the creator of Repsheet, an open source threat intelligence framework. He is the co-author of Programming Clojure, 2nd Edition and a frequent open source contributor.