Java Floating Point DoS Attack Protection

As many of you may have heard, there is an interesting Java DoS scenario out -

Read More

NASDAQ News Renews Focus (sort of)

Reactive security is a common theme within many organizations and the reaction is usually not ...

Read More

TWSL2011-002: Vulnerabilities in Comcast DOCSIS 3.0 Business Gateways (SMCD3G-CCR)

The SpiderLabs team at Trustwave published a new advisory yesterday, which details three ...

Read More

LOIC DDoS Analysis and Detection

Submitted By Rodrigo Montoro

Read More

Advanced Topic of the Week: Generic Attack Payload Detection

The Inevitable Bypass of Blacklist Filtering Let's face the facts, blacklist filtering as a means ...

Read More

Trustwave's Global Security Report 2011: Web Application Risks

Yesterday, we released Trustwave's Global Security Report 2011 (short registration required). This ...

Read More

Trustwave's Global Security Report 2011- Now Available

Today we released Trustwave's Global Security Report 2011 (short registration required). This marks ...

Read More

SpiderLabs at Black Hat DC 2011

Next week, there will be several members of the SpiderLabs team at Black Hat DC. We'll be ...

Read More

Detecting Malice with ModSecurity: CSRF Attacks

This week's installment of Detecting Malice with ModSecurity will discuss how to detect and prevent ...

Read More

ModSecurity Advanced Topic of the Week: Credit Card Tracking

The just released CRS v2.1.0 includes Credit Card Tracking rules. These will both track legitimate ...

Read More

Welcoming Tom Brennan to SpiderLabs

I am pleased to announce that industry veteran Tom Brennan has joined the SpiderLabs team. If you ...

Read More

Welcome to SpiderLabs Anterior!

SpiderLabs is the advanced security team at Trustwave with a focus on Application Security, ...

Read More

Announcing Release of OWASP ModSecurity Core Rule Set v2.1.0

I am pleased to announce the release of the OWASP ModSecurity Core Rule Set (CRS) v2.1.0. This is a ...

Read More

Anti-Security and the Christmas Day Incident

On the morning of Dec. 25, yet another anti-security eZine was published, its contents this time ...

Read More

(Updated) Advanced Topic of the Week: Handling Authorized Scanning Traffic

Updated - the latest OWASP ModSecurity CRS release has a rules file to handle Authorized ...

Read More

Updated ModSecurity Demonstrations

ModSecurity Demonstration Projects We have a number of different ModSecurity Demonstration projects ...

Read More

thicknet: starting wars and funny hats

Man-in-the-middle attacks are old. Really, really old. Maybe even as old as ancient times, when ...

Read More

CVE-2010-4506 and CVE-2010-4507 Released

The SpiderLabs team published two new advisories today. The first, CVE-2010-4506, was discovered in ...

Read More

New Director of SpiderLabs EMEA Announced

I am very pleased to be able to announce on this blog that the SpiderLabs team has a new Director ...

Read More

Announcing Release of CRS v2.0.9

Greetings everyone,

Read More

Advanced Topic of the Week: Traditional vs. Anomaly Scoring Detection Modes

In the latest SVN trunk version of the CRS (2.0.9), we have implemented the capability for users to ...

Read More

Encrypting Data at Rest

Data should be encrypted at rest and in motion. In this post, I'll discuss encrypting data files ...

Read More

ModSecurity 2.5.13 release candidate

A release candidate of 2.5.13 ModSecurity into the svn repository (branch 2.5.x) is already ...

Read More

Detecting Malice with ModSecurity: IP Forensics

This week's installment of Detecting Malice with ModSecurity will discuss the value of obtaining ...

Read More

Detecting Malice with ModSecurity: GeoLocation Data

I would like to introduce a new blog series entitled - Detecting Malice with ModSecurity and will ...

Read More

ModSecurity Life cycle

We are proud to announce the new release 2.5.13 is under development and will be released next ...

Read More

ModSecurity User Survey Results Released

As a result of the acquisition of Breach Security (and thus ModSecurity) by Trustwave, we thought ...

Read More

Advanced Topic of the Week: Request Header Tagging

Request Header Tagging

Read More