Securing eCommerce with Data Metrics

While the need for application logging and proper forensics information has been important after a security incident, it is not frequently used in proactive security. This talk will explore the ways that application logging, data, and metrics can be taken advantage of to create effective defenses for web applications. We query Hadoop for actual threshold numbers used for detecting attacks, proactively monitor for phishing attacks based on our own web server logs, respond in real-time to cross-site scripting attacks by hooking JavaScript methods, among other security countermeasures mined from big data. This presentation will help you build new defense strategies for your applications based on the data you are able to collect.