Thinking Outside the Black Box: COTS Web App Security with Apache

The open-source Apache web server, with its wide array of included and third-party modules, is an often overlooked option for reducing risk in commercial-off-the-shelf (COTS) web applications when accessible via unfriendly networks. This presentation will cover using Apache to facilitate access, improve logging of web COTS, and defend against known and unknown vulnerabilities to web COTS when the time to apply a patch poses an unacceptable risk, as well as how Apache can be used to mitigate the damage of a malware outbreak—all with little added expense, a little Apache savvy, and no sales people.

OUTCOMES:
Understand that security doesn't always require large capital investment or sales people * Get a handful of out-of-the-box, practical security examples * Obtain an alternative perspective on defending web applications