Course Summary

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
or

Already have an account? Sign In »

Time
2 hours 5 minutes
Difficulty
Beginner
CEU/CPE
3
Video Transcription
00:00
welcome back to the course, but
00:02
now it's time to say we're done
00:05
after the last video where we talked about other sources of logs like I, P s I. D s and Web application firewall.
00:12
In this video,
00:13
we'll do a course summary.
00:16
This was a basic course.
00:18
The main objective of this course was to introduce you to log analysis. And since today Web applications are present in our lives,
00:25
this is a good way to start doing log analysis.
00:28
This course was built based off of the routines of offenders and also sock analysts.
00:34
Let's do a brief review of the course topics.
00:38
We had two modules in our course.
00:41
The first was an introduction and a review.
00:43
We started with a course introduction, followed by a Web application review
00:47
where we talked about Web application components like the Web server and clients.
00:51
After we talked about a really important component
00:54
the Web server,
00:55
we talked about Apache, N G, I N X, and I. I s
00:59
also in this lesson. We talked about Web server logs
01:03
to conclude module one. We gave some advice on how to perform a good analysis, and we also touched on some log analysis, mistakes or errors.
01:11
Module two was the module for log analysis.
01:15
The first topic of module to was Web application attacks.
01:19
We discussed vulnerability attacks in the O Wasp Top 10 project.
01:23
In this course, we used the 2017 version of the O Wasp Top 10 projects.
01:29
An important thing here is even if the WASP Top 10 launched a new version, the information about these attacks won't change.
01:37
Some vulnerabilities and attacks have become less popular, and maybe the new type of tax can be found more.
01:42
But that's why it's important to understand Web server logs.
01:47
After this introduction, we started talking about the attacks,
01:51
vulnerability scans, brute force attacks, SQL injection file inclusion, cross site scripting and cross site request forgery.
01:59
For each of these attacks, we gave some directions on how to identify them. For example, the user agent can help a lot. But don't forget that http requests can be crafted.
02:09
Remember to understand what the log means, what the log wants to say to you.
02:15
Remember the questions who, what and when.
02:19
Look for key components of the log like the I P address.
02:22
And don't worry if you don't understand all the log fields,
02:25
log analysis skills improve with practice.
02:29
The more log analysis you do, the better you'll be.
02:31
And after all these attacks and log analysis, we talked about TCP and http Flood, and we discussed how to identify them
02:39
and to finish the course. We talked about two really important tools that help stock analysts. I ps slash i ds and UAF
02:49
to conclude some final words.
02:52
Many helped the course architect Igor Vieira during this course, but he would like to mention three teaching assistance that helped him with this class.
03:00
Thank you.
03:00
He really appreciates the help.
03:04
Ah, final thanks to all the Sai Buri staff. And now
03:07
thank you for watching this course. Igor Vieira really enjoyed the time spent creating this course.
03:14
We hope you really enjoyed this course and we hope it improved your knowledge and motivated you to continue learning
03:20
to continue learning. Please check out the cyber re catalog. There are many great courses.
03:25
If you have any questions or doubts,
03:28
please contact the course architect Igor Vieira.
03:30
Thank you and we'll see you in the next course
Identifying Web Attacks Through Logs

This course will review web application infrastructure, web servers, and the logs associated with them. We will also simulate 10 attack scenarios and identify the attack through logs that are generated by the web server.

Instructed By