Showing 4 results for: July 2011 ×ModSecurity Rules ×

ModSecurity SQL Injection Challenge: Lessons Learned

This is a post-mortem blog post to discuss the successful Level II evasions found by participants during the recent ModSecurity SQL Injection Challenge. First of all, I would like to thank all those people that participated in the challenge. All...

Announcing Release of OWASP ModSecurity Core Rule Set v2.2.1

I am pleased to announce the release of the OWASP CRS v2.2.1. This is a significant update with regards to SQL Injection protections. Trustwave's SpiderLabs Team conducted an analysis/review of the SQL Injection Challenge Level II evasions - http://www.modsecurity.org/demo/challenge.html and...