Blogs & Stories

SpiderLabs Blog

Attracting more than a half-million annual readers, this is the security community's go-to destination for technical breakdowns of the latest threats, critical vulnerability disclosures and cutting-edge research.

ModSecurity Status Report

I enjoyed talked about ModSecurity (and web application firewalls) in front of the London OWASP Chapter last night. It's been a while since I talked about ModSecurity. Most of my talks last year were of generic nature, discussing web application firewalls with ModSecurity only mentioned here or there. It was a conscientious effort on my part to help the users make up their own minds. But I think I've done enough of that. It's time to go back to banging on my own drum, so to speak.

My talk, now available from the ModSecurity web site, is a good overview of the current state of ModSecurity. There's a bit of everything in it: why web application firewalls (with use cases), current and future ModSecurity features, and a mention of the related projects. There is only 13 slides in the presentation but it covers a lot of ground.