Trapping Adversaries in the WAF of their Journey #185

@gaurav-gogia

Abstract
Threat hunting, firewall deployment, and configuring those firewalls according to threat feeds need to be a tight loop. However, coordinating between different teams while handling multiple high-priority tickets can be cumbersome. A more proactive approach towards understanding adversary behaviour can be achieved through deception tech. In this session we’ll learn about web application firewalls, honeypots, and how to build our own deceptive firewall at layer 7 to trick adversaries into thinking that they have gained access to critical data while the blue team tracks their moves to learn new attack paths. It’ll be a hands-on session with minimal theory to ensure the practical coding and demo parts are given enough time.

Expected Duration
60 minutes

Track
- Intermediate

Pre-requisite
- Some programming knowledge
- Some knowledge of backend dev/RESTful APIs
- Go programming language installed
- MongoDB installed (optional)

Resources
- What's a WAF?
- What is deception tech?
- CLI WebApp Generator

Slides
Trapping Adversaries in the WAF of their Journey

Preferred Time and mode
Day/Offline

Previous Experience
- NULLCON Goa 2022
- GCCD New Delhi 2022

Contact info
- LinkedIn
- E-mail

Checklist

Place an '[x]' (no spaces) in all the fields you agree to. You can leave blank the fields you don't agree to.

The talk/workshop speaker agrees to,

  • Share the slides, code snippets and other material used during the talk
  • If the talk is recorded, you grant the permission to release the video on ILUGD's YouTube channel(LINK) under CC-BY-4.0 license
  • Not do any hiring pitches during the talk and follow the Code of Conduct(LINK TO COC)

Note

Please do add/upload slides in pdf or an open document format.
People who are using LibreOffice, OpenOffice, etc. should not have any problems viewing it.
