Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Trapping Adversaries in the WAF of their Journey #185

Open
3 tasks done
gaurav-gogia opened this issue Nov 16, 2022 · 2 comments
Open
3 tasks done

Trapping Adversaries in the WAF of their Journey #185

gaurav-gogia opened this issue Nov 16, 2022 · 2 comments

Comments

@gaurav-gogia
Copy link

Abstract
Threat hunting, firewall deployment, and configuring those firewalls according to threat feeds needs to be a tight loop. However, coordinating between different teams while handling multiple high priority tickets can be cumbersome. A more proactive approach towards understanding of adversary behaviour can be achieved through deception tech. In this session we’ll learn about web application firewalls, honeypots, and how to build our own deceptive firewall on the layer 7 to trick adversaries into thinking that they have gained access critical data while the blue team tracks their move to learn new attack paths. It’ll be a hands-on session with minimal theory to ensure practical coding and demo parts can be given enough time.

Expected Duration
60 minutes

Track
- Intermediate

Pre-requisite
- Some programming knowledge
- Some knowledge of backend dev/RESTful APIs
- Go programming language installed
- MongoDB installed (optional)

Resources
- What's a WAF?
- What is deception tech?
- CLI WebApp Generator

Slides
Trapping Adversaries in the WAF of their Journey

Preferred Time and mode
Day/Offline

Previous Experience
- NULLCON Goa 2022
- GCCD New Delhi 2022

Contact info
- LinkedIn
- E-mail

Checklist

Place an '[x]' (no spaces) in all the fields you agree to. You can keep the fields blank on which you don't agree

The talk/workshop speaker agrees to,

  • Share the slides, code snippets and other material used during the talk
  • If the talk is recorded, you grant the permission to release the video on ILUGD's YouTube channel(LINK) under CC-BY-4.0 license
  • Not do any hiring pitches during the talk and follow the Code of Conduct(LINK TO COC)

Note

Please do add/upload slides in pdf or an open document format.
People who are using LibreOffice, openOffice etc. should not have any problems viewing it.
@pulsar17
Copy link

Hi @gaurav-gogia we're having a combined meetup with PyDelhi and Rust Delhi on 22nd June - https://www.meetup.com/pydelhi/events/301520830/, would be interested in giving this talk?

@gaurav-gogia
Copy link
Author

Hey @pulsar17, sorry I didn't notice this mention earlier. I guess I'll fill out CFP at a different time. Thanks for considering my talk though.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@gaurav-gogia @pulsar17