Many Faces of Application Security Monitoring
Everybody knows what “network security monitoring” actually is (even if not everybody is DOING it…). There is a whole book on the subject. In addition, there is a shared understanding in security...
View ArticleMore on Application Security Monitoring
As I mentioned in “Many Faces of Application Security Monitoring,” the industry has not yet figured out what application security monitoring (ASM) is yet. For that reason, a lot of the guidance, while...
View ArticleWanted Dead or Alive: Application DoS Attack
…definition. As I am working on my research project related to denial of service mitigation, I come across the concept of “application DoS.” Sadly, just as many things in security industry, labeled...
View ArticleMany Faces of Application Security Monitoring
Everybody knows what “network security monitoring” actually is (even if not everybody is DOING it…). There is a whole book on the subject. In addition, there is a shared understanding in security...
View ArticleMore on Application Security Monitoring
As I mentioned in “Many Faces of Application Security Monitoring,” the industry has not yet figured out what application security monitoring (ASM) is yet. For that reason, a lot of the guidance, while...
View ArticleWanted Dead or Alive: Application DoS Attack
…definition. As I am working on my research project related to denial of service mitigation, I come across the concept of “application DoS.” Sadly, just as many things in security industry, labeled...
View ArticleWhy SIEMs F*cked Up Application Log Analysis?
This is going to be a short one: why do you think the SIEM vendors f*cked up application log analysis so badly? Think about it, SIEM technology started roughly in 1997, so 20 years ago. 20 years is...
View Article2012 Redux: What Is Application Security Monitoring?
Now, when you hear a phrase “application security monitoring”, what picture comes to mind? For me, nothing does… As I said in February 2012, “the industry has not yet figured out what application...
View ArticleWebinar Q&A from Modern Network Threat Detection and Response
As promised, here is my lightly edited Q&A from a recent webinar called “Modern Network Threat Detection and Response.” Questions about vendors are removed, and some are edited for clarity. Q: I...
View Article
More Pages to Explore .....