Are your web applications secure? Do you know how to lock downnew web applications when they are placed into production? Do youknow if attackers are trying to break into your site and steal dataor cause other harm? The solutions in this book provide answers tothese critical questions and increase your ability to thwartmalicious activity within your web applications.
Each recipe includes background data explaining how the attackworks, an ingredients list, and step-by-step directions. You'lllearn how to prepare for attacks, analyze web transactions formalicious activity, and respond with the best solutions.ModSecurity, a versatile, open source web application firewallmodule for Apache, Microsoft IIS, and Nginx web server platforms,is used to demonstrate each defensive technique.
Implement full HTTP auditing for incident response
Utilize virtual patching processes to remediate identifiedvulnerabilities
Deploy web tripwires (honeytraps) to identify malicioususers
Detect when users are acting abnormally
Analyze uploaded files and web content for malware
Recognize when web applications leak sensitive user ortechnical data