packet-rat
commented
9 years ago [+1] With a qualifier*
The complete list of Detection Points, along with details for each, can be found:
https://www.owasp.org/index.php/AppSensor_DetectionPoints
- This list focuses solely on Application Layer Detection Points. Yep, if they can't gain or maintain control of your systems (or access to data via same), then you have mitigated the risk. But as a "Network-centric Analyst", one can reasonably and equally argue that if they can't get to your system, service, and/or application, then any known, or more importantly unknown, vulnerabilities are irrelevant.
The actual concern here is that we would need to find similar constructs/ represented in similar context for Network Layer Detection Points. In other words, the specific enumerations consolidated from multiple sources/domains and commingled would need to maintain the same "sense" and "tense".
Does anyone know of any similarly expressed representations of Network Layer Detection Points?
As always, good find Jerome! Have you incorporated these Detection Points into XORCISM yet? ;-)
Patrick Maroney Cell: (609)841-5104
On Feb 22, 2015, at 2:25 AM, Jerome Athias notifications@github.com wrote:
We should consider using the OWASP AppSensor Project Enumerations
current location: https://www.owasp.org/images/0/02/Owasp-appsensor-guide-v2.pdf Chapter "Detection Points", Table 30, Page 125
— Reply to this email directly or view it on GitHub.
johnwunder
We should consider using the OWASP AppSensor Project Enumerations
current location: https://www.owasp.org/images/0/02/Owasp-appsensor-guide-v2.pdf Chapter "Detection Points", Table 30, Page 125