ApacheCon Europe: Web Intrusion Detection with ModSecurity
I've had a pleasure of participating in ApacheCon Europe in Amsterdam this week. Paradoxically, ...
Read MoreWeb Application Firewall Concepts
I went through all my ModSecurity Blog posts yesterday, partly to admire myself for blogging ...
Read MoreModSecurity User Survey
With the release of ModSecurity 2.5 yesterday, this seemed like the perfect time to get feedback ...
Read MoreModSecurity 2.5 Released
The final version of ModSecurity 2.5.0, the long awaited next stable version of ModSecurity, is now ...
Read MoreWeb Hacking Incidents Database Annual Report for 2007
Breach Labs which sponsors WHID has issued an analysis of the Web Hacking landscape in 2007 based ...
Read MoreModSecurity 2.5 Status
The ModSecurity 2.5 release is scheduled for early/mid February. With the ModSecurity 2.5 release ...
Read MoreContent Injection Use Case Example
ModSecurity 2.5 introduces a really cool, yet somewhat obscure feature called Content Injection. ...
Read MoreYes, the Tide for Web Application Firewalls is Turning
Some time ago I decided to start a new blog, a place where I would be able to address the topics ...
Read MoreModSecurity Data Formats
I have just added a new section to the ModSecurity v2.5 Reference Manual, describing the data ...
Read MoreSpeaking About ModSecurity at ApacheCon Europe 2008
I will be speaking about ModSecurity at ApacheCon Europe in Amsterdam later this year. I hear ...
Read MoreSQL Injection Attack Infects Thousands of Websites
Here is a snippet from the just released SANS NewsBites letter:
Read MoreSet-based Pattern Matching Example
Large Wordlist Example You will find the greatest benefit of using the set based matching opertors ...
Read MoreOWASP London Chapter December 6th Presentations Now Online
We've had a couple of very interesting presentations on the OWASP London Chapter December 6th ...
Read MoreInitial Release Candidate for ModSecurity 2.5.0 (2.5.0-rc1)
The first release candidate for the ModSecurity 2.5 release is now available. It has been a while ...
Read MoreUsing Transactional Variables Instead of SecRuleRemoveById
Using SecRuleRemoveById to handle false positives The SecRuleRemoveById directive is most often ...
Read MoreModSecurity 2.1.4 Now Available
ModSecurity 2.1.4 is the latest stable release of ModSecurity. The 2.1.4 release includes an ...
Read MoreInstallling ModSecurity
ModSecurity is a really powerful beast. It can do anything you want, at least when what you want ...
Read MoreWASC Distributed Open Proxy Honeypot: Blind SQL Injection Attempt (Update)
As some of you may know, I am heading up the WASC Distributed Open Proxy Honeypot Project. The ...
Read MoreModSecurity Training at OWASP/WASC AppSec 2007
I am very excited to announce that I will be instructing a live 2-day ModSecurity Training class at ...
Read MoreModSecurity 2.1.3 Now Available
ModSecurity 2.1.3 is the latest stable release of ModSecurity. The 2.1.3 release contains some ...
Read MoreWeb Services Security
NIST has released a new guide on securing Web Services. It is a pretty good read for anyone who is ...
Read MoreVirtual Patching During Incident Response: United Nations Defacement
Virtual Patching is a policy for a web application firewall (in this case ModSecurity) that is able ...
Read MoreModSecurity 2.1.2 Released
Today I released ModSecurity 2.1.2. This is the latest stable release of ModSecurity. The 2.1.2 ...
Read MoreOn Your Marks, Get Set, Go: Vulnerability Mitigation Race
In many ways vulnerability remediation is like a Track and Field race and the firing of the ...
Read MoreScallyWhack: ModSecurity Rules Package to Deal with Trac Comment Spam
Michael Renzmann wrote to the ModSecurity mailing list recently announcing project ScallyWhack. ...
Read MoreAnother ModSecurity Development Release
Last week I released the second ModSecurity development release, 2.5.0-dev2, in preparation for the ...
Read MoreApache Process Infection
A very interesting research paper titled "Apache Prefork MPM Vulnerabilities" was released a few ...
Read MoreOptimizing Regular Expressions
As many of you have noticed, the Core Rule Set contains very complex regular expressions. For ...
Read More