Last Thursday had the opportunity to give a talk on the PHPIDS install I’ve been running on several blogs for awhile. This was the first time I gave it. There’s still a lot of additional research I need to do here and I’m looking forward to updating this talk in the near future. Anyway, here is the talk abstract as well as links to the slides.
“Using PHPIDS to Understand Attacks Trends”
As described by its author, PHPIDS “is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application.” As an open source project it provides web site owners unfamiliar with traditional log analysis an easy way to learn of attacks against their site. This presentation will provide an overview of PHPIDS as well as instructions for incorporating it into your web infrastructure. Specifically, the talk will start with a detailed description of PHPIDS, including its architecture and operational flow. Next, the discussion will turn to the basics of installing, configuring, and testing it for any PHP web application. Finally, the presenter will provide insight into operations and maintenance of PHPIDS from over two years of use, including calibration, signature updates, incident response, and attack trends.
If you were at AppSecDC and got a chance to hear my talk … let me know what you thought! See ya!