Will Woodson | Senior Security Engineer

Will's background is in security operations, working in the financial services sector and as a federal employee in engineering & analytical roles. He holds several industry certifications including a CISSP and is active in multiple information security community groups.
Recent Posts

Using the Web App Kill Chain to Identify & Neutralize Threats

Posted by Will Woodson | Senior Security Engineer on Sep 11, 2018 12:11:02 PM

There is an ongoing debate among security professionals surrounding the most effective ways to monitor, detect, classify, and ultimately block malicious threats. Up to this point, the majority of security solutions hang their hats on monitoring and reacting to binary attacks or action. While this approach may provide the peace of mind that nearly every malicious attack will be blocked, it also results in ample false positives and disruption to legitimate prospect or customer web traffic. The frustration from security teams has prompted the search for another way. Enter the Web Application Kill Chain.

Topics: Web, Application & Hybrid Cloud Security

Combatting Botnet Traffic with Behavioral Analysis: Part III

Posted by Will Woodson | Senior Security Engineer on Jul 12, 2018 11:54:37 AM

In the first two parts of this series we discussed methods to identify and block a few different types of botnet traffic, namely commodity comment/form spam and slightly more targeted attacks like distributed password guessing. This final part covers a slightly different way of analyzing malicious web traffic: grouping attackers based on their behavioral characteristics.

Topics: Threat Intelligence

Combatting Botnet Traffic with Behavioral Analysis: Part II

Posted by Will Woodson | Senior Security Engineer on Jun 28, 2018 11:28:17 AM

The previous post in this series discussed comment spam, one of the most pervasive forms of 'botnet' web traffic and, accordingly, one of the least targeted varieties of attack. Part II will discuss a more serious form of botnet traffic: targeted attacks that are coordinated centrally and distributed across multiple actors in an attempt to avoid security controls.

Topics: Threat Intelligence

Combatting Botnet Traffic with Behavioral Analysis: Part I

Posted by Will Woodson | Senior Security Engineer on Jun 6, 2018 7:25:47 AM

The following is the first post in a three-part series on bot detection and neutralization based on botnet analysis. The series will begin by addressing commodity form/comment spam.

One of the unfortunate realities of running a site on the Internet is the amount of "background noise" -- the automated, unsophisticated, poorly targeted attacks that make up the bulk of malicious web traffic. For the sake of this series, we're calling this 'botnet' traffic.

Botnet traffic can be a nuisance, no doubt, but it isn't necessarily interesting or deserving of action until viewed in aggregate. The posts in this series describe methods for identifying and blocking botnet traffic, and aggregating this data, each through a different case:
 
1. Identifying Bot Behavior - Form Spam 
2. Bot Behavior - Distributed Attacks
3. Behavioral Analysis - Grouping Bot Actors
 
Topics: Threat Intelligence

Threat X Labs - Blog

Arm yourself with information and insights on the latest cybersecurity trends to defend against today's most advanced cyber criminals with articles from the leader in SaaS-based web application firewall solutions.
