Showing 5 results for: February 2004 ×ModSecurity ×

Web Application Security Consortium Announced

A new organisation has just been announced: the Web Application Security Consortium. The consortium, formed by leading web security companies (Application Security, KaVaDo, Sanctum, SPI Dynamics, Inc. and WhiteHat Security) aims to establish web application security standards, and the terminology...

Paper on passive information gathering

TechicalInfo.Net is an excellent resource for Web Security information. Gunter Ollmann has provided a set of great papers, observations, and links to information gathering tools available on the Internet. The latest addition to this collection is a Passive Information Gathering...

AVDL Committee Draft is out

This morning I got news of AVDL becoming a Committee Draft; you can get it here. AVDL (Application Vulnerability Desciription Language) wants to establish a standard communication protocol between entities with different roles, involved in application vulnerability discovery, management, and...

JIRA license for ModSecurity

I am very happy to announce that I've been granted a free JIRA license to use with ModSecurity! I am grateful to SourceForge for their facilities but, face it, the quality is not that good. Also, since recently I am...

Free Apache hardening utility

Syhunt, a security tool company from Brazil, have released a free Apache configuration hardening utility. The utility feeds on Apache or PHP configuration files, and gives warnings and suggestions how to make the configuration more secure. I especially like the...