Anti-Security and the Christmas Day Incident
December 29, 2010
On the morning of Dec. 25, yet another anti-security eZine was published, its ...
(Updated) Advanced Topic of the Week: Handling Authorized Scanning Traffic
December 21, 2010 | Ryan Barnett
Updated - the latest OWASP ModSecurity CRS release has a rules file to handle ...
Updated ModSecurity Demonstrations
December 16, 2010
ModSecurity Demonstration Projects We have a number of different ModSecurity ...
thicknet: starting wars and funny hats
December 13, 2010 | nosteve
Man-in-the-middle attacks are old. Really, really old. Maybe even as old as ...
CVE-2010-4506 and CVE-2010-4507 Released
December 11, 2010 | Josh Grunzweig
The SpiderLabs team published two new advisories today. The first, ...
New Director of SpiderLabs EMEA Announced
December 09, 2010 | SpiderLabs Anterior
I am very pleased to be able to announce on this blog that the SpiderLabs team ...
Announcing Release of CRS v2.0.9
November 18, 2010 | SpiderLabs Anterior
Greetings everyone,
Advanced Topic of the Week: Traditional vs. Anomaly Scoring Detection Modes
November 18, 2010 | SpiderLabs Anterior
In the latest SVN trunk version of the CRS (2.0.9), we have implemented the ...
Encrypting Data at Rest
November 16, 2010
Data should be encrypted at rest and in motion. In this post, I'll discuss ...
ModSecurity 2.5.13 release candidate
November 05, 2010 | SpiderLabs Anterior
A release candidate of 2.5.13 ModSecurity into the svn repository (branch ...
Detecting Malice with ModSecurity: IP Forensics
November 03, 2010 | SpiderLabs Anterior
This week's installment of Detecting Malice with ModSecurity will discuss the ...
Detecting Malice with ModSecurity: GeoLocation Data
October 27, 2010 | SpiderLabs Anterior
I would like to introduce a new blog series entitled - Detecting Malice with ...
ModSecurity Life cycle
October 22, 2010 | SpiderLabs Anterior
We are proud to announce the new release 2.5.13 is under development and will ...
ModSecurity User Survey Results Released
October 21, 2010
As a result of the acquisition of Breach Security (and thus ModSecurity) by ...
Advanced Topic of the Week: Request Header Tagging
October 21, 2010
Request Header Tagging
Welcome Aboard Breno Silva
October 13, 2010 | SpiderLabs Anterior
I am excited to announce that Breno Silva has joined Trustwave's SpiderLabs ...
Advanced Topic of the Week: Preventing Malicious PDF File Uploads
October 06, 2010 | SpiderLabs Anterior
Many reports have indicated that malicious PDFs that exploit flaws in Adobe's ...
Advanced Topic of the Week: XSS Defense via Content Injection
September 28, 2010
Introduction In last week's post on Identifying Improper Output Handling, we ...
Advanced Topic of the Week: Identifying Improper Output Handling (XSS Flaws)
September 21, 2010
A Topic Presents Itself
Advanced Topic of the Week: Validating SessionIDs
September 14, 2010 | SpiderLabs Anterior
This week's topic discusses how to validate application SessionIDs submitted by ...
WASC WHID Bi-Annual Report for 2010
September 09, 2010 | SpiderLabs Anterior
The Web Hacking Incident Database (WHID) is a project dedicated to maintaining ...
Advanced Topic of the Week: Real-time Blacklist Lookups
September 07, 2010 | SpiderLabs Anterior
This week's feature is the effective use of Real-time Blacklist lookups (@rbl).
Advanced Topic of the Week: Transformation Functions
September 01, 2010 | SpiderLabs Anterior
This week's feature is the effective use of Transformation functions.
OWASP ModSecurity CRS Project Promoted to Release Quality
August 30, 2010 | SpiderLabs Anterior
I am excited to announce that the OWASP ModSecurity Core Rule Set (CRS) has ...
OWASP ModSecurity Core Rule Set (CRS) v2.0.8 Released
August 27, 2010 | SpiderLabs Anterior
Greetings everyone, I wanted to announce the availability of the OWASP ...
Advanced Topic of the Week: Validating Byte Ranges
August 24, 2010
We are starting a new blog post series here on the ModSecurity site called ...
What's up @ ModSecurity?
August 11, 2010
Since Black Hat and DEFCON we have been busying building teams and aligning ...
ModSecurity Happy Hour @ Black Hat USA
July 21, 2010 | SpiderLabs Anterior
ModSecurity Community,