At Black Hat USA 2005, we introduced the concept of a "self-defending web applications" and marked the initial launch of Project Parægis.
The talk proposed moving security logic from the network perimeter into the application layer, allowing applications to become aware of their execution context and respond dynamically to threats.
Key areas discussed:
- The limitations of perimeter-based security for logical application flaws.
- Architecture for runtime instrumentation and context-aware validation.
- Demonstration of the Parægis open-source framework.