Proxy Caches and Web Application Security

Posted on October 30th, 2008 by Tim Bass

Proxy Caches and Web Application Security
View SlideShare presentation or Upload your own.

Filed under: Asia Pacific, Complex Event Processing, Cybersecurity, OWASP, Risk Management, Threats and Vulnerabilities, Use Cases | No Comments »

Wall Street Firms Using CEP to Measure and Manage Risk

Posted on October 29th, 2008 by Tim Bass

Oct 27, 2008
By Penny Crosman
URL: http://www.wallstreetandtech.com/showArticle.jhtml?articleID=211300559
One of the many effects of the credit crisis is that Wall Street firms have found a new focus for their complex event processing projects. Although they’re not abandoning CEP-based algorithmic trading, new CEP initiatives are focused on measuring and managing risk.
With its ability to watch and apply business [...]

Filed under: Basel II, Business Rules, CEP News and Events, Complex Event Processing, Cyber-Trading Technologies, Cybersecurity, Risk Management, Use Cases | No Comments »

Comments on Proxy Caches and Web Application Security (OWASP Taipei)

Posted on October 28th, 2008 by Tim Bass

Hello from Taipei.
We just completed an absolutely awesome OWASP conference (over 1200 attendees), OWASP AppSec Asia 2008 - Taiwan. This was a very well managed conference, organized by Wayne Huang, OWASP Taiwan Chapter Leader and Founder and CEO of Armorize.  In a future post, when I get links to other speaker’s presentations, I will talk [...]

Filed under: Complex Event Processing, Cybersecurity, OWASP, Systems Engineering, Threats and Vulnerabilities | 1 Comment »

AF083-022: Visualization for Command and Control of Cyberspace Operations

Posted on October 18th, 2008 by Tim Bass

AF083-022  TITLE: Visualization for Command and Control of Cyberspace Operations
TECHNOLOGY AREAS: Air Platform, Information Systems, Space Platforms, Human Systems
The technology within this topic is restricted under the International Traffic in Arms Regulation (ITAR), which controls the export and import of defense-related material and services. Offerors must disclose any proposed use of foreign nationals, their country [...]

Filed under: Advanced Event Processing, Complex Event Processing, Cybersecurity, Systems Engineering, Use Cases, Visualization | No Comments »

OWASP European Summit - Portugal

Posted on October 15th, 2008 by Tim Bass

Portugal/Algarve - 4th - 7th November 2008
Setting the Web Application Security Agenda for 2009: OWASP Invites You to Join Our Summit in Portugal
http://www.owasp.org/index.php/OWASP_EU_Summit_2008
With the theme ‘Setting the AppSec agenda for 2009′, the OWASP Summit will be a worldwide gathering of OWASP leaders and key industry players to present and discuss the latest OWASP tools, documentation [...]

Filed under: Complex Event Processing, Cybersecurity, OWASP | No Comments »

OWASP AppSec Asia 2008 - Taiwan

Posted on October 14th, 2008 by Tim Bass

Here is the latest on OWASP AppSec Asia 2008 - Taiwan.  I will be giving a talk on Oct 27th about Proxy Caches and Web Application Security–using the recent Google Docs 0-day as an example.
Some of the background for this presentation are Proxy Caches are a Challenging Threat to Internet Security and A New Security [...]

Filed under: Asia Pacific, Complex Event Processing, Cybersecurity, OWASP, Threats and Vulnerabilities | No Comments »

The Motivation Behind Adaptive Analytics and CEP

Posted on October 11th, 2008 by Tim Bass

This is a continuation of The Genesis of Complex Event Processing: Asymmetric Capabilities and CEP, Event Noise and Asymmetric Event Processing where I have been discussing the motivation behind CEP and adaptive analytics in cyberspace.
Around the same time that Professor Luckham and his team was working on CEP applications in network management and security management, [...]

Filed under: Advanced Event Processing, Agents, Analytics, Artificial Intelligence, Blackboard Architecture, CEP News and Events, CEP Terminology, CEP Tutorials, Complex Event, Complex Event Processing, Consulting, Cybersecurity, Detection Theory, Event Cloud, Event Processing, Event Stream Processing, Intrusion Detection, Security Event Management, Sensor Fusion, Systems Engineering, Use Cases | 17 Comments »

Proxy Caches are a Challenging Threat to Internet Security

Posted on October 5th, 2008 by Tim Bass

Proxy caches, combined with poorly written session management code, can easily leads to serious security flaws similar to what we highlighted in A New Security Breach in Google Docs Revealed.
Web developers have no control over proxy caches in the Internet. However, developers do have control of the code they write and their admin teams have [...]

Filed under: Complex Event Processing, Cybersecurity, Threats and Vulnerabilities, Use Cases | No Comments »

OWASP AppSec Asia 2008: Proxy Caches and Web Application Security

Posted on October 3rd, 2008 by Tim Bass

Back to travelling a bit, I have accepted an invitation from Wayne Huang, Chapter Leader, OWASP Taiwan,  to give the following presentation at OWASP AppSec Asia 2008, October 27 - 28, 2008, in Taipei:
Proxy Caches and Web Application Security
Abstract:  Proxy caches, combined with poorly written session management code, can easily lead to serious Internet security [...]

Filed under: Asia Pacific, Complex Event Processing, Cybersecurity, OWASP | No Comments »

Modelling The Global Financial Meltdown

Posted on October 2nd, 2008 by Tim Bass

Yesterday I received a call from Penny Grosman, Senior Editor, Wall Street & Technology.   Penny was interested in my opinion, “Will risk management applications be the next killer app for CEP” on Wall Street.    I enjoyed talking with Penny.  She caught up with me leaving a tailor’s shop in Chiang Mai, so I hope [...]

Filed under: Complex Event, Complex Event Processing, Financial Services, Modelling and Simulation, Risk Management | No Comments »

Next Page »
Copyright © 2007-2008, The CEP Blog, All Rights Reserved.