Security Event Triage: Revealing Attacker Methodology in Web Application Events

In this course on revealing web application attack methodology, you will explore the use of web application filters, app service logs, and web vulnerability scanners to reveal various advanced attacker techniques and detect live web exploitation.
Course info
Level: Advanced
Updated: Feb 12, 2020
Duration: 2h 8m
Table of contents
Course Overview
Defending Against Web Application Attack Techniques
Detecting Attackers with Web Application Firewalls
Log Collection and Analyzing Application Behavior with Logs
Integrating Web Vulnerability Scanning Detections
Operationalizing Web Application Attack Detection
Description

Developing the skills necessary for a security analyst to accurately detect and triage adversary tactics and techniques applied to web applications requires experience with a web application's baseline behavior and the use of advanced detection capabilities, neither of which is easy to obtain. In this course, Security Event Triage: Revealing Attacker Methodology in Web Application Events, you will gain the foundational knowledge and experience with web application technologies and attacker methodologies required to protect your vital business functions. First, you will monitor the front door of applications for common attacks with web application firewalls on-premises and on major cloud platforms. Next, you will learn the logic behind hunting for behavioral anomalies generated by more advanced attacker activity and how to create machine learning jobs to identify this behavior in an automated way. Finally, you will discover how to leverage the same tools the attackers use to actively spot holes in your applications that pop up as new builds are released and mitigate the associated risk. When you finish this course, you will have the skills and knowledge of web application attack detection needed to implement continuous monitoring capabilities that protect the enterprise applications on which your organization depends.

About the author

Aaron M. Rosenmund is a cyber security operations subject matter expert, with a background in federal and business defensive and offensive cyber operations and system automation.

Section Introduction Transcripts

Course Overview
[Autogenerated] Everyone, my name's Aaron Rosenmund and welcome to my course, revealing attacker methodologies and web application events. I am a full time author with Pluralsight, where I focused on research and course creation for incident response and security operations. In the ever advancing field of security operations, you have the near impossible job of understanding not just the concepts of cybersecurity but the ins and outs of network engineering, systems administration, adversary tactics and everything else that falls under the heading of cyber so that you can detect and analyze events on the network systems and applications that you monitor the security of entry. Odd series is designed to quickly expose you to the full spectrum of multi vector attacks, from different threat actors and over a multitude of applications, operating systems and services, so that you can get the experience that you need to separate good from bad and level up quickly. In this course we're going to demonstrate detection for different attacks on web apps, leveraging web application firewalls on premises and as urinated S3 use of machine learning for behavioral anomaly detection in application logs and the integration of vulnerability scanning tools into the continuous monitoring and detection process. By the end of this course, you not only have a better understanding of what it takes to detect attacks than web applications, but also how many of the OWASP Top 10 attacks look in live environments, as well as how to leverage various defensive capabilities to separate the good from the bad. Before beginning the course, you should be familiar with security fundamentals, and from here you should feel comfortable diving in to other advanced security analysis areas with courses on detecting system anomalies, analyzing live system processes and files, and performing tailored alerting and event triage with SIEM tools.
I hope that you'll join me on this journey to learn web application attack detection with the Security Event Triage: Revealing Attacker Methodology in Web Application Events course at Pluralsight.