How quickly does your application respond to security threats?

Most applications rely on security logs (assuming they are present) sent to a monitoring repository, where they are correllated against other activity, analyzed for risk, and responded to when the monitoring team has time.

At that point, an attacker may already have breached the application, or gotten enough information to come back later. Instead, what if we allowed the application to block malicious activity automatically before it had time to become an issue?

In this session, I will present several strategies for developing traps and pitfalls within an application that can catch hacker behavior, and even block the offending user, before any damage is done.