ModSecurity Trustwave
This blog has moved! Please update your
bookmarks to

ModSecurity Blog: February 2006

ModSecurity Elevator Pitch at EUSecWest

I spent some time this week at the EUSecWest conference here in London. EUSecWest is a highly-technical security conference. Organised by the same people that are doing CanSecWest, this is the first time they had a conference here in Europe. From what I hear, they liked it, so it's likely there will be another one next year.

The organisers were kind to invite me to give a short vendor talk: ten minutes of me explaining why ModSecurity is the best thing since sliced bread, followed by ten minutes of the audience asking questions. (You'll find the slides for my talk here: ModSecurity Elevator Pitch). Now, I am not your typicall vendor, but I jumped at the opportunity and it was fun. An advantage of doing an open source product is your audience can't complain about the price, especially when there's optional commercial support to go with the product. I thought the audience liked my proposal. Perhaps that's because I was "selling" ModSecurity to do tasks it really can do :)

Archive of Amit Klein's Work

Amit Klein is at it again with the release of his new paper Domain Contamination. The paper discusses how the HTTP caching mechanisms we have in wide use today work equally well for distribution and preservation of malicious content.

In case you are not familiar with Amit's work, he is one of the most productive web application security researchers I know. But up until last week there was not a single place where you could find his papers. So I decided to collect them and upload them to (With his permission, of course.)


November 2010
Sun Mon Tue Wed Thu Fri Sat
1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30


Atom Feed



Recent Entries