WAF are you talking about?Bio: Phillip Maddux is a Trusted AppSec Advisor at Signal Sciences. He has over 10 years of experience in information security, with the majority of that time focused on application security in the financial services sector. In his spare moments he enjoys converting ideas to code and committing them to Github. Abstract: Over the last several years we’ve witnessed, and experienced, an advance towards new approaches in web technologies and the processes to deploy web applications. In this talk, we’ll explore and describe the “Modern Web”, discuss observations on the evolution of the Secure SDLC, recognize existing challenges in achieving real-time threat visibility once web applications are deployed to production, and finally, walk through the concepts such as:
– Attack traffic
– Anomalous traffic
– Dynamic Detection
– Application Instrumentation
– Reduction in mean time to response
which all help to address the challenges in fast paced “agile” development cycles.