by Anton Chuvakin | May 3, 2012 | 8 Comments
…definition. As I am working on my research project related to denial of service mitigation, I come across the concept of “application DoS.” Sadly, just as many things in security industry, labeled with "application something" (application security monitoring anybody?), this one is not clearly defined. This lack of clarity leads to missed requirements and misplaced [...]
Category: application Denial of Service security Tags: Denial of Service, DoS, security
by Anton Chuvakin | March 15, 2012 | 3 Comments
As I mentioned in “Many Faces of Application Security Monitoring,” the industry has not yet figured out what application security monitoring (ASM) is yet. For that reason, a lot of the guidance, while useful, stays at high-level and does not dive to details. This also leads to a weird kind of disconnect in conversations since [...]
Category: application monitoring security Tags: application security, security, security monitoring
by Anton Chuvakin | February 2, 2012 | 20 Comments
Everybody knows what “network security monitoring” actually is (even if not everybody is DOING it…). There is a whole book on the subject. In addition, there is a shared understanding in security community about it. Specifically, NSM includes various logs/alerts, packets, flows, session captures, etc. However, what is “application security monitoring” (ASM)? As I am [...]
Category: application monitoring security Tags: application security, security, security monitoring
