Software Engineering Institute | Carnegie Mellon University

SEI Insights


Vulnerability Insights

"Network Monitoring for Web-Based Threats" Released

Posted on by in

The CERT Network Situational Awareness (NetSA) team has published an SEI technical report on monitoring web-based threats.

The report draws on related work such as OWASP but comes from a different point of view. While OWASP is focused on developing web applications securely, this report focuses more on situations where you don't have that control, but you need to protect servers and clients from web-based threats. The report may help you answer the following questions:

  • What kinds of network monitoring do you need to do?
  • How do you identify the attacks?
  • How do you prevent them at the network level?

At more than 100 pages, the report is as comprehensive as we could make it and still get it out in a (relatively) timely manner.

About the Author

Sid Faber

Contact Sid Faber
Visit the SEI Digital Library for other publications by Sid
View other blog posts by Sid Faber