Attending a SANS conference for a training is a very rewarding opportunity, it is quite expensive but you receive the best quality training with very qualified instructors with a lot […]
Adopting OWASP CRS for your web site/app
Intro to the Core Rule Set OWASP ModSecurity Core Rule Set (CRS) is a set of attack and anomaly detection rules to protect web applications. The CRS in its latest […]
ModSecurity, ELK and A10:2017
ModSecurity as a WAF ModSecurity is open source has many awesome features and often is used as a reference and as a component of some WAF’s. The 2017 Magic Quadrant […]
Java serialization RCE detection
Java serialization Remote Command Execution detection ModSecurity rules In 2015 a interesting article published by Foxglove Security team put a vulnerability that exploited Java serialization on the spotlight, which was […]
WAF, yes, but why?
Web application firewalls (WAF) are being adopted by many as the first line of defense for their applications and platforms, that is good no doubt but there are several questions […]
New project
Welcome to the ModSecurity Positive rule set site! The project purpose is to provide an easy way to write your own custome modsecruity rules without having to be an expert […]