DDoS attacks are a well-understood problem in many ways, but the evolution application layer attacks and the arms race between attackers and defenders must be understood to ensure that enterprises have an appropriate and effective response strategy. This talk is meant as a primer to kick-start your organizations DDoS response strategy, and help security practitioners understand both the mechanics of the attack and the vital controls and response actions in play for the enterprise defender:
Quick overview of DoS, DDoS, and Application Layer Attacks
Anatomy of Application Layer DDoS Attacks
Life-cycle for effective DDoS response
Key response roles
The challenge facing the attacker
Common pitfalls in incident analysis
Network traffic analysis technical guidance
In house DDoS mitigations
Vendor managed DDoS Mitigation Service Architectures
Hardening application source code against DDoS attacks
Attack simulations
- Learn the fundamentals involved with defending application layer DDoS attacks
- Understand the DDoS relevant security controls inherent to all networks.
- Explore how managed service offerings for DDoS mitigation work.
About Kevin Nassery
Kevin Nassery is a managing principal at Synopsys where he focuses on application security testing, software security strategy, security metrics, infrastructure security, denial of service issues and vulnerability management. He has spent 18 years in a wide array of security engineering, architecture, operations and leadership roles. He has presented at numerous conferences on security issues ranging from high security network design, to how to influence organizations as a consultant.
