Back To Schedule
Tuesday, January 24 • 2:30pm - 3:20pm
Uninvited Guests on the World's Wild Web: Understanding Malicious Web Bots with OWASP Handbook

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Day in and day out, web applications are subject to unwanted automated usage. These events often relate to misuse of inherent valid functionality, rather than the attempted exploitation of unmitigated vulnerabilities. Example of these events include click fraud, comment spamming, content scraping, password cracking, and many more. 

Without common language and terminology between architects and developers architects, business owners and engineers, builders and defenders, and security vendors and buyers, misunderstandings do happen, and they can be costly. The OWASP project on Automated Threats to Web Applications has produced an ontology providing a common language to facilitate clear communication and help tackle the issues. The project identifies symptoms of these issues and discusses countermeasures against them. 

One product of the project is the OWASP Automated Threat Handbook, which has recently been updated. As with all OWASP materials, the book is free to download and use. This talk will help you navigate the swampland of malicious web automation using the handbook as guide, along with examples from the real world. It will also offer advice, and discussion, on countermeasure techniques usable by builders and defenders alike of web applications. 

This OWASP project is intended to be an information hub for web application owners, builders and defenders, providing practical resources to help them protect their web properties against unwanted automated processes. The project seeks input from the industry -- and the audience -- to continuously improve its impact on real-world unwanted web automation problems. 

avatar for Tin Zaw

Tin Zaw

Director, Security Solutions, Verizon
The author resides in sunny southern California, where he seeks a Zen state of mind amid the chaotic mix of technology, society and cyber threats. Wanting to make the world safer online, he gave up his beloved programming job to focus on cyber security. He is a former president of... Read More →

Tuesday January 24, 2017 2:30pm - 3:20pm PST
Marion Davies Guest House