
Introduction to the OWASP ModSecurity Core Rule Set

Offered By: nullcon via YouTube

Course Description

Overview

Explore the fundamentals of web application security in this 44-minute webinar presented by Christian Folini at Nullcon. Delve into the OWASP ModSecurity Core Rule Set (CRS), a powerful open-source tool designed to protect web applications from a wide range of attacks. Learn about the concept of Web Application Firewalls (WAFs), the ModSecurity engine, and key CRS features such as paranoia levels, stricter siblings, and anomaly scoring. Witness a live demonstration of the ruleset's detection capabilities and gain insights into managing false positives, custom responses, and rule updates in enterprise environments. Benefit from Folini's extensive experience in high-security ModSecurity configuration, DDoS defense, and threat modeling as he bridges complex technical concepts with his unique background in medieval history.

Syllabus

Introduction
Christian Folini
Why use a Web Application Firewall
What is ModSecurity
Rules on Top
How does it work
Levels of paranoia
How does that look
Confirmed
Anomaly Scoring
Demo
Problem: false positives
Summary
Questions
Custom Response
Rule Updates
How to manage this on enterprise level
Coraza
Dust
Payload
Anti-automation
Plugins


Taught by

nullcon
