Security Event Triage: Revealing Attacker Methodology in Web Application Events

In this course on revealing web application attack methodology, you will explore the use of web application filters, app service logs, and web vulnerability scanners to reveal various advanced attacker techniques and detect live web exploitation.
Course info
Level
Advanced
Updated
Feb 12, 2020
Duration
2h 8m
Table of contents
Course Overview
Defending Against Web Application Attack Techniques
Detecting Attackers with Web Application Firewalls
Log Collection and Analyzing Application Behavior with Logs
Integrating Web Vulnerability Scanning Detections
Operationalizing Web Application Attack Detection
Description

Developing the skills necessary for a security analyst to accurately detect and triage adversary tactics and techniques applied to web applications requires experience with a web application's baseline behavior and the use of advanced detection capabilities, neither of which is easy to obtain. In this course, Security Event Triage: Revealing Attacker Methodology in Web Application Events, you will gain the foundational knowledge and experience with web application technologies and attacker methodologies required to protect your vital business functions. First, you will monitor the front door of applications for common attacks with web application firewalls on-premises and on major cloud platforms. Next, you will learn the logic behind hunting for behavioral anomalies generated by more advanced attacker activity and how to create machine learning jobs to identify this behavior in an automated way. Finally, you will discover how to leverage the same tools the attackers use to actively spot holes in your applications that pop up as new builds are released and mitigate the associated risk. When you finish this course, you will have the skills and knowledge of web application attack detection needed to implement continuous monitoring capabilities that protect the enterprise applications on which your organization depends.

About the author

Aaron M. Rosenmund is a cyber security operations subject matter expert, with a background in federal and business defensive and offensive cyber operations and system automation.

Section Introduction Transcripts

Course Overview
Hi everyone. My name's Aaron Rosenmund, and welcome to my course, Revealing Attacker Methodology in Web Application Events. I am a full-time author with Pluralsight, where I focus on research and course creation for incident response and security operations. In the ever-advancing field of security operations, you have the near impossible job of understanding not just the concepts of cybersecurity but the ins and outs of network engineering, systems administration, adversary tactics and everything else that falls under the heading of cyber, so that you can detect and analyze events on the network, systems and applications that you monitor. The Security Event Triage series is designed to quickly expose you to the full spectrum of multi-vector attacks from different threat actors and over a multitude of applications, operating systems and services, so that you can get the experience that you need to separate good from bad and level up quickly. In this course, we're going to demonstrate detections for different attacks on web apps, leveraging web application firewalls on premises and in Azure and AWS, the use of machine learning for behavioral anomaly detection in application logs, and the integration of vulnerability scanning tools into the continuous monitoring and detection process. By the end of this course, you will not only have a better understanding of what it takes to detect attacks on web applications, but also how many of the OWASP Top 10 attacks look in live environments, as well as how to leverage various defensive capabilities to separate the good from the bad. Before beginning the course, you should be familiar with security fundamentals, and from here you should feel comfortable diving into other advanced security analysis areas with courses on detecting system anomalies, analyzing live system processes and files, and performing tailored alerting and event triage with SIEM tools.
I hope that you'll join me on this journey to learn web application attack detection with the Security Event Triage: Revealing Attacker Methodology in Web Application Events course at Pluralsight.