Stories from the Security Operations Center

Published in: Technology

  1. STORIES FROM THE SECURITY OPERATIONS CENTER (S.O.C.)
     Paul Fletcher, Cyber Security Evangelist, Alert Logic
  2. Complexity of defending web applications and workloads: Web App Attacks; OWASP Top 10; Platform / Library Attacks; System / Network Attacks
  3. Network Topology
  4. Popular Web Application Attacks (Source: blog.sucuri.net)
  5. Recent SQL Injection Vulnerabilities
  6. Today’s Attacks Have Several Stages
  7. Initial Attack: WordPress XMLRPC Attack
  8. Initial Attack: WordPress XMLRPC Attack
     • Athletic Apparel Shop
       - Brick & Mortar and e-commerce
     • Application stack
       - Custom code written in XML
       - WordPress content management system
       - MySQL database
     • Detection method
       - Intrusion Detection System (IDS)
       - Log collection and analysis
       - Web Application Firewall (WAF)
  9. WordPress XMLRPC Attack
  10. WordPress XMLRPC Attack
  11. WordPress XMLRPC Attack
  12. Mitigating WP XMLRPC Attacks
  13. Mitigating WP XMLRPC Attacks
  14. Mitigating WP XMLRPC Attacks
  15. Exfiltration: SQL Injection
  16. Exfiltration: SQL Injection Attack
  17. SQL Injection Attack
  18. SQL Injection Attack
  19. What do you see? Attack: Response:
  20. SQL Injection Attack
  21. Impact of Web App Attacks – Key Takeaways
     • Web Apps are becoming more prevalent in organizations
       - Use of open source versus traditional applications
     • Web App attacks are “gateway” attacks
       - Yahoo breach started with a WordPress hack
       - 9,000 C&C servers compromised by WordPress hack
       - Shadow IT
     • Early Stage Detection
       - Prevents our customers from dealing with large scale breaches
  22. How Alert Logic Detects Threats
  23. Thank You.
