Defensive Coding Reloaded: A Guide To Active Web Application Defence

Date:

When considering defending and protecting web applications, rarely do we speak about what the web applications themselves can actively do when under attack. Built-in detection and response capabilities can be a highly effective and underutilized method to mitigate attacks and to act as a canary for malicious activity.

In this talk, I’m going to introduce the concept of application intrusion detection and highlight the techniques available to make web applications attack-aware. Furthermore, I will also illustrate ongoing research on how developers can take advantage of their frameworks and language-level mechanisms to get started.