Explore a comprehensive conference talk on identifying web application performance bottlenecks and potential security vulnerabilities through HTTP request analysis. Learn about the HTTP Time Bandit tool, designed to pinpoint resource-consuming pages in web applications by submitting a series of regular requests and analyzing the gathered data. Discover how this information can be used for both performance optimization and potential DoS/DDoS attacks. Gain insights into the tool's testing and attacking capabilities through live demonstrations on various targets. Delve into topics such as exotic authority, formal methods, Linux examples, graph symmetry, load balancers, proxy servers, protection services, baseline security, and resource consumption. Understand the motivations behind this approach, evasion techniques, and recommended usage scenarios. Examine the implications for CPU-intensive processes and explore potential future developments in this field.
HTTP Time Bandit - Identifying Web Application Performance Bottlenecks