ModSecurity Breach

ModSecurity Blog

« What's the Score of the Game? | Main | What's the Score of the Game - Part 2: Web Security Metrics »

ModSecurity Training at Blackhat USA

We are excited to announce that Breach Security will be running the 2-day ModSecurity Bootcamp class at this year's Blackhat conference in Las Vegas, NV!  We are currently scheduled for 1 session on August 2nd - 3rd, however if there is enough interest we might expand and add another class during the week. 

Our goal is to have something for everyone. If you are a new user, then this will get you up to speed quickly with the basics of Mod, the Core Rules, etc... If you are an intermediate user, we will have some good topic coverage for common "gotchas" with rule writing and log analysis tips and tricks. And for advanced users, we have some sections dealing with the more complex and newer Mod 2.5 features (persistent collections with custom variables for identify brute force attacks, etc...).

The culmination on the afternoon of day 2 is an open "Virtual Patching" lab where we will front-end the OWASP WebGoat application and then try and use ModSecurity to address each vulnerability in the individual labs. This will be truly challenging for all participants as there are some labs that are pretty straight forward rules to prevent injection types of vulns. There are others, however, that are much more challenging to address “externally” with a WAF – so the advanced folks can try out their Mod Rules King-Fu!!!

I hope to see you all in Vegas.

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00e5512c9d3a883300e552824ebe8833

Listed below are links to weblogs that reference ModSecurity Training at Blackhat USA:

The comments to this entry are closed.

Calendar

November 2010
Sun Mon Tue Wed Thu Fri Sat
1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30

Feeds

Atom Feed

Search

Categories

Recent Entries

Archives