Lifecycle of a security incident: from detection to response
Back-end • March 2019
Lifecycle of a security incident: from detection to response
Explore more
About
Lifecycle of a security incident: from detection to response
About

Starting from a web application that comes with an exploitable critical bug detected during a penetration test by the red team, we will learn how to put in place some countermeasures to detect the attempts to exploit the vulnerability while keeping the system online. This allows us to mitigate the vulnerability risk while software engineers work to fix the problem.
At the same time the blue team will use web server logs to build detection rules that will help in the incident response phase (if there is one).
A full immersion in the activities of a defense team based on a real life experience.

Language
English
Level
Advanced
Length
39 minutes
Type
conference
About the speaker
About the speaker
Giovanni Mellini
Head of "Information, systems and network Security"ENAV S.p.A.
Giovanni merlos Mellini is founder and president of Cyber Saiyan - www.cybersaiyan.it - a no profit organization founded to promote social initiatives to spread cyber security and ethical hacking culture; Cyber Saiyan organizes RomHack - www.romhack.io - a free cyber security conference held yearly in Rome. He is the head of "Information, systems and network Security" in ENAV, the italian air navigation service provider. Sometimes he writes about open source, security and boring stuff on his blog Scubarda - www.scubarda.com
Details
Language
English
Level
Advanced
Length
39 minutes
Type
conference