Thursday, May 21 • 11:55 - 12:40
Maliciously Monetizing AppSec "Feature". It's All About The Money.


Although the most common attack techniques are SQLi, Command Injection, RFI and XSS, our research has found that some uncommon attack techniques are "profit driven", introducing attack sophistication by abusing application features or low-impact vulnerabilities such as comments, page redirects and content availability. These attack techniques are used to promote fake brands and illegal services and to attack a competitor's reputation.

Detecting these kinds of attacks in real time was challenging, because the attacks exploit legitimate business logic for malicious purposes. Our technique for detecting them is anomaly detection on Akamai's Big Data Platform, using a heuristic and forensic approach.
However, by careful review of the application logs, any affected party could identify these attacks. We will present a few examples of log entries that could be used to identify an attack.

To conclude the presentation we will also recommend proper actions and mitigations that help detect and prevent related incidents.

Speakers
Ezra Caltum

Ezra is an Information Security enthusiast, with experience in the fields of Secure Software Development, Security consulting, Forensics and Red Teaming. He currently serves as a Senior Security Researcher for Akamai's Cloud Security Intelligence platform. Ezra is one of the organizers of the DC9723 Israel Defcon group, and a volunteer at different Information Security groups in Israel.
Or Katz

Principal Security Researcher, Akamai
Or is an application security veteran, with years of experience at industry-leading vendors, and currently serves as Principal Security Researcher for Akamai's Cloud Security Intelligence platform. Or is a frequent speaker at conferences such as RSA, AppSec and CSA. Or has published several innovative articles and white papers on web application threat intelligence and defensive techniques.


Thursday May 21, 2015 11:55 - 12:40
Room E103 Amsterdam RAI
