Blogs & Stories

SpiderLabs Blog

Attracting more than a half-million annual readers, this is the security community's go-to destination for technical breakdowns of the latest threats, critical vulnerability disclosures and cutting-edge research.

ModSecurity Console Now Available

ModSecurity Console ScreenshotI love the command line, I do. But there are some tasks where this type of user interface is simply not enough. Monitoring ModSecurity is one of them. Sifting through gigabytes of log files looking for clues and trying to correlate events is not an experience I can recommend to anyone. Therefore it gives me great pleasure to announce the immediate availability of ModSecurity Console (v1.0.0-rc-2) for both testing and deployment. It's a daemon application that collects audit log entries from remote ModSecurity sensors. It also comes with an embedded web server and a database engine to power the web-based user interface. It has a number of features you'd expect from a product of this type - I am not going to rave about them here even though I am pretty excited about the whole thing.

I am excited because the imminent stable release of ModSecurity Console is a milestone for me and for Thinking Stone. I had designed the console several years ago but it wasn't until this year, when Thinking Stone took off, that we started the development. It's almost a surreal feeling to see this thing, which I've kept in my head for so long, actually working in real life.

As for Thinking Stone, the excitement comes from the fact that we are now going to see whether the business model I have adopted (continue to provide ModSecurity for free, charge a reasonable sum for the add-on product) is going to work. I know we have a very large user base. The challenge now is converting enough of them from users to customers.

P.S. You can download ModSecurity Console from Thinking Stone Network straight away.