
ModSecurity Blog: April 2008

Great talks at OWASP AppSec Europe 2008 in Belgium

Judging from the list of talks alone, it looks like OWASP AppSec Europe in Belgium is going to be a great conference, especially if you are interested in web application firewalls and ModSecurity:

  1. I will be giving a talk on web application firewall evaluation (Evaluation Criteria for Web Application Firewalls), which will be based on the Web Application Firewall Evaluation Criteria (WAFEC) project.
  2. Christian Folini will be discussing the REMO project (Positive ModSecurity rulesets / Input validation).
  3. Alexander Meisel will be talking about how to best use a web application firewall (Best Practices Guide: Web Application Firewalls), which is based on the document of the same name (available in German, as PDF).
  4. Mario Heiderich will be promoting the PHPIDS project (PHPIDS Monitoring attack surface activity).

Ofer Shezaf, the Core Rules guru, and Ryan Barnett, the ModSecurity Community Manager, will be there (Ofer will be giving his talk about web hacking trends: Trends in Web Hacking Incidents: What's Hot in 2008), as will be Christian Bockermann (it is rumoured), who has been working on some very interesting software related to ModSecurity.

Finally, Ryan is going to be teaching a two-day ModSecurity training course, which will cover a lot of ground, starting from the basics and into the advanced stuff. This is a great-value course, and I urge you to register if you are a ModSecurity user. You will not only find out about stuff you never knew existed in ModSecurity, but we will also give a thorough overview of various web application security issues.

In the recent survey, many people expressed a desire to meet with other ModSecurity users. Our community is large, but it's very diverse and spread geographically, and probably not yet large enough for regular local meetings. It strikes me that OWASP conferences may be a great opportunity for us to meet twice a year—once in Europe, and then the second time in the US. If you will be coming to the conference in Belgium and you are a ModSecurity user, please send me an email. With enough people interested, we may be able to organise a meeting.

PCI Council clarifies Requirement 6.6, ends ambiguities

If you care about the PCI standard, you should head over to my personal blog, where I have published a summary of the clarifications made by the PCI Council regarding Requirement 6.6 (code reviews and application firewalls).

ModSecurity Community Console v1.0.3 Now Available

I've just released an update to ModSecurity Community Console, our free audit log aggregation solution with support for up to 3 ModSecurity sensors. The focus of this release is the support for part K of the ModSecurity audit log format (list of rules that matched in the transaction being recorded), which was added to ModSecurity in version 2.5. I also used the opportunity to update the documentation, change the Console to work over SSL by default, and improve performance (by dropping a large number of indexes that were just slowing everything down).

ModSecurity Training at OWASP AppSec Europe

We are excited to announce that a ModSecurity 2-day training class has been added to the upcoming OWASP AppSec Europe Conference set for May 19-20 in Belgium.

We are extremely excited that OWASP has added this class to their training offerings as this allows ModSecurity users a chance for live training, labs and discussions. The public ModSecurity mailing list is great; however, nothing can beat a live environment where users can test out new features of ModSecurity 2.5 and have hands-on challenging labs where they can utilize their new ModSecurity virtual patching-fu to try and fix issues in demo buggy web applications :)

It should be a blast and we are looking forward to meeting many ModSecurity users face-to-face.

FYI - for those ModSecurity users who can't make the trip to this OWASP conference, don't despair!  Keep an eye out for an announcement soon about a live 2-day Mod training offering in the US this summer.

ApacheCon Europe: Web Intrusion Detection with ModSecurity

I've had the pleasure of participating in ApacheCon Europe in Amsterdam this week. Paradoxically, although I've been involved with the Apache web server for years, this was my first ApacheCon conference ever. Meeting the people I've been exchanging emails with for years was priceless. My presentation (Web Intrusion Detection with ModSecurity, available for download now) was well received, judging from the comments I have received afterwards, and from what both Rich and Nick have written in their blogs.

