Loading…
Thank you for joining us at our 20th Anniversary Event! All sessions were recorded and will be posted in the coming weeks on the OWASP YouTube channel.

We have been working hard to secure the world through challenges and discovery. And now, it’s time to celebrate! Many of you have played a crucial role in the Foundation’s enduring history, and we encourage you to participate in the celebration coming this September! Our theme, Securing the Next 20 Years, is encouraging and exciting as we look ahead to the next 20 years!

Join us for FREE at this live 24-hour global event as we honor the past, celebrate the present, and embrace the future of OWASP and cybersecurity. Hear from world-renowned keynotes and special speakers, and network with your peers. It is FREE to attend, however, registration IS required, to gain access to the session links.

Back To Schedule
Friday, September 24 • 1:30pm - 2:00pm
Looking at 4 years of web honeypot attacks: tactics, techniques and trends

Log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Abstract:
We’ve collected over 9 million events from hundreds of web honeypots around the world for past 52 months. This session will present the results of our analysis of that data to help answer the question: what attacks should I expect?
Using this honeypot data, we’ve been able to identify specific CVEs being targeted in large global attack campaigns. From this, we have clues on attacker tactics regarding which platforms and technologies receive attention time after time, and which fade from usage. This kind of data is vital in building a data-driven defense.
Attendees also learn what kinds of attack are commonplace on the Internet, so the ones targeting them uniquely will stand out. We will explain techniques to investigate and classify web attack log traffic at scale.
To quote Deming: In God we trust. Everyone else, bring data. We’re bringing the data.

Speakers
avatar for Malcolm Heath

Malcolm Heath

Senior Threat Research Evangelist, F5 Networks
Malcolm Heath is a Senior Threat Researcher with F5 Labs. His career has included incident response, program management, penetration testing, code auditing, vulnerability research, and exploit development at companies both very large and very small. Prior to joining F5 Labs, he was... Read More →
avatar for Raymond Pompon

Raymond Pompon

Director F5 Labs, F5 Networks
Raymond Pompon is currently the Director of F5 labs. With over 20 years of experience in Internet security, he has worked closely with Federal law enforcement in cyber‐crime investigations. He was been directly involved in several major intrusion cases including the FBI undercover... Read More →


Friday September 24, 2021 1:30pm - 2:00pm EDT
On-Line