Brought to you by Full Stack Boston - RSVP here
Cloud application developers are given a constant stream of instructions on how to make their applications secure: Reject weak passwords. Sanitize input. Use secure cookies. Use TLS. Audit your code. But, even developers who follow these guidelines still see their applications compromised because applications always have vulnerabilities.
Vulnerabilities do not have to result in application compromise, however. If we can detect attacks as they occur, they can be stopped before they do significant damage. Systems for detecting attacks are knows as intrusion detection systems (IDS). Intrusion detection was first proposed in the 1970's, and today widely used systems such as Snort and Bro detect intrusions on thousands of networks. Currently deployed IDS cannot protect against most application-level vulnerabilities; however, the techniques of intrusion detection can be used by developers to protect their applications.
This talk will explain the fundamentals of intrusion detection and how they have been used to protect systems. It will also discuss the future and how developers can use application-level intrusion detection to provide active protection for their systems.
Attendees will receive an intrusion detection "getting started" kit to help them put the insights of the presentation into practice.