Installling ModSecurity
ModSecurity is a really powerful beast. It can do anything you want, at least when what you want ...
Read More
WASC Distributed Open Proxy Honeypot: Blind SQL Injection Attempt (Update)
As some of you may know, I am heading up the WASC Distributed Open Proxy Honeypot Project. The ...
Read MoreModSecurity Training at OWASP/WASC AppSec 2007
I am very excited to announce that I will be instructing a live 2-day ModSecurity Training class at ...
Read MoreModSecurity 2.1.3 Now Available
ModSecurity 2.1.3 is the latest stable release of ModSecurity. The 2.1.3 release contains some ...
Read MoreWeb Services Security
NIST has released a new guide on securing Web Services. It is a pretty good read for anyone who is ...
Read MoreVirtual Patching During Incident Response: United Nations Defacement
Virtual Patching is a policy for a web application firewall (in this case ModSecurity) that is able ...
Read MoreModSecurity 2.1.2 Released
Today I released ModSecurity 2.1.2. This is the latest stable release of ModSecurity. The 2.1.2 ...
Read MoreOn Your Marks, Get Set, Go: Vulnerability Mitigation Race
In many ways vulnerability remediation is like a Track and Field race and the firing of the ...
Read MoreScallyWhack: ModSecurity Rules Package to Deal with Trac Comment Spam
Michael Renzmann wrote to the ModSecurity mailing list recently announcing project ScallyWhack. ...
Read MoreAnother ModSecurity Development Release
Last week I released the second ModSecurity development release, 2.5.0-dev2, in preparation for the ...
Read MoreApache Process Infection
A very interesting research paper titled "Apache Prefork MPM Vulnerabilities" was released a few ...
Read MoreOptimizing Regular Expressions
As many of you have noticed, the Core Rule Set contains very complex regular expressions. For ...
Read MoreManaging ModSecurity Alerts: More Console Tuning
In a previous Blog entry, I outlined a number of steps that you could take to increase performance ...
Read MoreExtended Validation Certificates: A Change for the Better (But Not Enough)
On June 12th, 2007, the CA/Browser Forum (a group that consists of leading certificate authorities ...
Read MoreUniversal PDF XSS Revisited
The Universal PDF XSS vulnerability was a tipping point for most people involved with web ...
Read MoreModSecurity Rule for Full-width/Half-width Unicode Evasion Detection
You have probably heard it by now, but US-CERT released a Vulnerability Note last week entitled ...
Read MoreModSecurity 2.2.0 Development Releases
Hello all. As this is my first official blog entry, let me first start off with a short ...
Read MoreModSecurity Console Performance Tuning
Help, my ModSecurity Community Console is not responding!" Perhaps you have seen this type of email ...
Read MoreModSecurity Migration Matrix
For all of you who are using ModSecurity 1.x and looking for information on migrating to Mod 2.x, ...
Read MoreWebinar Featuring WHID on the Top Trends in Web Application Threats
On April 11th I'm going to present a webinar on web application security, with a twist. The Webinar ...
Read MoreRegular Expression Development Tools
Since ModSecurity is based on regular expressions. Writing rules requires developing and testing ...
Read More2.1/1.x Rule Differences For Identifying Missing/Empty Headers and Variables
There are certain scenarios where you might want to create white-listed ModSecurity rulesets which ...
Read MoreModSecurity Console: Purpose and Deployment
If you have more then 1 ModSecurity installation, you have undoubtedly run into issues with ...
Read MoreModSecurity ASCIIZ Evasion
It has been brought to our attention that a fault in the ModSecurity parsing code has been ...
Read MoreModSecurity Status Report
I enjoyed talked about ModSecurity (and web application firewalls) in front of the London OWASP ...
Read MoreHandling False Positives and Creating Custom Rules
It is inevitable; you will run into some False Positive hits when using web application firewalls. ...
Read MoreDealing with Impedance Mismatch
In my previous post I described a potential problem with web application firewalls protecting web ...
Read MoreTesting Core Rules Protection For An Example SQL Injection Vulnerability
SANS released their 6th edition of the @RISK Weekly News Letter. In it, there were a total of 44 ...
Read More