Course Summary

00:00

welcome back to the course, but

00:02

now it's time to say we're done

00:05

after the last video where we talked about other sources of logs like I, P s I. D s and Web application firewall.

00:12

In this video,

00:13

we'll do a course summary.

00:16

This was a basic course.

00:18

The main objective of this course was to introduce you to log analysis. And since today Web applications are present in our lives,

00:25

this is a good way to start doing log analysis.

00:28

This course was built based off of the routines of offenders and also sock analysts.

00:34

Let's do a brief review of the course topics.

00:38

We had two modules in our course.

00:41

The first was an introduction and a review.

00:43

We started with a course introduction, followed by a Web application review

00:47

where we talked about Web application components like the Web server and clients.

00:51

After we talked about a really important component

00:54

the Web server,

00:55

we talked about Apache, N G, I N X, and I. I s

00:59

also in this lesson. We talked about Web server logs

01:03

to conclude module one. We gave some advice on how to perform a good analysis, and we also touched on some log analysis, mistakes or errors.

01:11

Module two was the module for log analysis.

01:15

The first topic of module to was Web application attacks.

01:19

We discussed vulnerability attacks in the O Wasp Top 10 project.

01:23

In this course, we used the 2017 version of the O Wasp Top 10 projects.

01:29

An important thing here is even if the WASP Top 10 launched a new version, the information about these attacks won't change.

01:37

Some vulnerabilities and attacks have become less popular, and maybe the new type of tax can be found more.

01:42

But that's why it's important to understand Web server logs.

01:47

After this introduction, we started talking about the attacks,

01:51

vulnerability scans, brute force attacks, SQL injection file inclusion, cross site scripting and cross site request forgery.

01:59

For each of these attacks, we gave some directions on how to identify them. For example, the user agent can help a lot. But don't forget that http requests can be crafted.

02:09

Remember to understand what the log means, what the log wants to say to you.

02:15

Remember the questions who, what and when.

02:19

Look for key components of the log like the I P address.

02:22

And don't worry if you don't understand all the log fields,

02:25

log analysis skills improve with practice.

02:29

The more log analysis you do, the better you'll be.

02:31

And after all these attacks and log analysis, we talked about TCP and http Flood, and we discussed how to identify them

02:39

and to finish the course. We talked about two really important tools that help stock analysts. I ps slash i ds and UAF

02:49

to conclude some final words.

02:52

Many helped the course architect Igor Vieira during this course, but he would like to mention three teaching assistance that helped him with this class.

03:00

Thank you.

03:00

He really appreciates the help.

03:04

Ah, final thanks to all the Sai Buri staff. And now

03:07

thank you for watching this course. Igor Vieira really enjoyed the time spent creating this course.

03:14

We hope you really enjoyed this course and we hope it improved your knowledge and motivated you to continue learning

03:20

to continue learning. Please check out the cyber re catalog. There are many great courses.

03:25

If you have any questions or doubts,

03:28

please contact the course architect Igor Vieira.