BalCCon2k24

Dev Ally, Zero-Days Foe
2024-09-20, 16:15–17:15 (Europe/Belgrade), Tesla

Traditional AppSec techniques such as testing, scanning, and code reviews are essential but often unable to protect against zero-day vulnerabilities before they are discovered and disclosed. In this talk, we will explore how Runtime Application Self-Protection (RASP) technologies can provide real-time behavioral monitoring and protection for applications during execution. We will dive into the limitations of pre-deployment security and explain why runtime protection is necessary. Furthermore, we will discuss the main components and architecture of a RASP solution, highlighting its key features and benefits. Attendees will gain insights into various RASP techniques, including behavioral analysis, anomaly detection, and machine learning, which are crucial for detecting unknown threats. Real-world examples of RASP preventing zero-day exploits and unknown attacks will be shared, showcasing its effectiveness in safeguarding applications. Lastly, we will provide best practices for implementing and integrating RASP into the CI/CD pipeline and DevOps workflow.
Modifications can be made upon request by the organizer

  1. AppSec ecosystem
  2. Continuous improvement and security testing
  3. SBOM & SCA
  4. Tooling pros and cons
  5. SAST/DAST/IAST limitations
  6. What is RASP
  7. RASP benefits
  8. RASP vs SAST/DAST/IAST
  9. RASP approach
  10. RASP steps
  11. RASP architecture
  12. Use cases
  13. RASP pre-deployment
  14. RASP modes
  15. Techniques
  16. Implementation
  17. RASP in action
  18. RASP vs WAF
  19. Conclusion
  20. Q&A Session
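As an added illustration of the behavioural-analysis and anomaly-detection techniques and the monitor/block modes that the abstract and outline mention (example code written for this page, not the speaker's or any product's implementation), here is a hypothetical, minimal RASP-style hook in Python: it learns the structure of the SQL statements an application normally issues, then flags or blocks a statement whose structure it has never seen. The sample statements are constructed.

```python
import re
from dataclasses import dataclass, field
# Hypothetical RASP-style hook, constructed for illustration (not the talk's code).
# Learn: record the structural "skeleton" (literals -> "?") of every SQL statement the
# app issues. Protect: a statement whose skeleton was never seen is anomalous, logged
# in monitor mode and refused in block mode. No attack signatures are needed.

_LITERAL = re.compile(r"'[^']*'|\b\d+(?:\.\d+)?\b")

def skeleton(sql: str) -> str:
    """Reduce a statement to its structure: literals -> ?, whitespace collapsed."""
    return " ".join(_LITERAL.sub("?", sql).split()).lower()

class BlockedByRasp(Exception):
    """Raised in block mode when a statement's structure is outside the baseline."""

@dataclass
class RaspSqlGuard:
    mode: str = "learn"  # "learn" | "monitor" | "block"
    baseline: set = field(default_factory=set)
    alerts: list = field(default_factory=list)

    def check(self, sql: str) -> bool:
        """Return True if the statement may execute; raise in block mode if not."""
        sk = skeleton(sql)
        if self.mode == "learn":
            self.baseline.add(sk)
            return True
        if sk in self.baseline:
            return True
        self.alerts.append(sk)  # unknown structure: surface it to SecOps either way
        if self.mode == "block":
            raise BlockedByRasp(f"unseen statement structure: {sk}")
        return True  # monitor mode: record only, let the statement run

def run_demo() -> dict:
    """Learn from two normal statements, then guard in block mode."""
    guard = RaspSqlGuard(mode="learn")
    for sql in ("SELECT * FROM users WHERE id = 42",
                "SELECT * FROM users WHERE name = 'alice'"):
        guard.check(sql)
    guard.mode = "block"
    allowed = guard.check("SELECT * FROM users WHERE id = 7")  # same shape, new value
    try:  # constructed input whose structure the application never issues
        guard.check("SELECT * FROM users WHERE name = '' OR 1=1 --'")
        blocked = False
    except BlockedByRasp:
        blocked = True
    return {"allowed": allowed, "blocked": blocked, "alerts": list(guard.alerts)}
```

A real agent hooks the database driver or ORM call rather than being invoked by hand, and the baseline must be learned from trusted traffic only, since anything recorded during the learning phase becomes "normal".
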
Ali

Ali is a security researcher with over a decade of experience working in tech fields. Currently, he is application security lead at Canon EMEA. Ali is a regular speaker and trainer at industry conferences and events such as Confidence Conf 2020, Hack In The Box 2023 AMS, DefCon 3x, IEEE AI-ML-Workshop-2021, SSD TyphoonCon 2x, c0c0n, BSides Toronto, Budapest, Calgary, Newcastle, Barcelona, OWASP Ottawa chapter, LeHack2022, NoNameCon, YASCon, COUNTERMEASURE Conference, DragonCon, COSAC 2022, Hacktivity, DefCon Holland, etc. Moreover, he was a trainer at OWASP Summer of Security 2020, 2021 July training, and a reviewer for the Springer Cluster Computing Journal as well as the 2021 Global AppSec U.S. event.