We all use monitoring - after all, we all want to ensure that our applications are working as expected. But can hackers use it to exploit our application? Join me to explore different ways to exploit application monitoring tools, and what mitigations we can use.
14. @omerlh
Threat Modeling
● What are we building?
● What can go wrong?
● What are we doing about it?
● Did we do a good job?
White-box Monitoring
Monitoring based on metrics exposed by the internals of the system, including
logs, interfaces like the Java Virtual Machine Profiling Interface, or an HTTP
handler that emits internal statistics.
Key Take Away
● Monitoring is just code
● Careful when exposed to the internet
● Use cache when possible
● Conduct threat model for black-box monitoring