14.4.2021 Introduction ModSecurity CRS | Einladung zum OWASP Hamburg Stammtisch / Invitation to OWASP Hamburg Stammtisch

17 views
Skip to first unread message

Dirk Wetter

unread,
Mar 30, 2021, 3:10:54 PM3/30/21
to germany...@owasp.org
Moin!

The OWASP Hamburg Stammtisch will have its next online event in a bit more
than two weeks. Presenting language will be English again.

Now we are at the defender-side of the table. Modsecurity is a cool thing
but the rule set is maybe not as easy to deal with so this is an opportunity
to get first hand info from Christian Folini. He co-leads the
OWASP ModSecurity Core Rule Set project.

TLDR:
======
Title: "ModSecurity Core Rule Set (CRS)"
Speaker: Christian Folini
Location: Online, please check the link the day before
Start: 14th of April 2021, 7:00 pm (CET)
Networking: Stick around afterwards if you like.


Abstract:
=========
This is a basic introduction to the OWASP ModSecurity Core Rule Set
(CRS). The talk presents ModSecurity as an open source web application
firewall, runs an installation demo for CRS, presents important group
of rules and explains the core concepts like anomaly scoring, paranoia
levels and strict siblings along the way.

Traditionally, the OWASP ModSecurity Core Rule Set, an OWASP flagship
project, has been hard to use. However, the release of CRS 3.0 in 2017
and the advancements made up to CRS 3.4 successfully removed most of the
false positives in the default installation


Bio:
====
Christian Folini is a security engineer and open source enthusiast. He
holds a PhD in medieval history and enjoys defending castles across
Europe. Unfortunately, defending medieval castles is not a big
business anymore and so, he turned to defending web applications, which
he finds equally challenging. He brings more than ten years of experience
with ModSecurity configuration in high security environments, DDoS defense
and threat modeling.

Christian Folini is the author of the second edition of the ModSecurity
Handbook and the best known teacher on the subject. He serves as the program
chair of the "Swiss Cyber Storm" conference, the prime security conference
in Switzerland. He is a frequent speaker at conferences, where he tries to
use his background in the humanities to explain hardcore technical topics
to audiences of different backgrounds.


How to participate
==================
OWASP Hamburg Meetup subscribers who RSVP'd for the event will see the conference
URL and can join the video conference directly. Attentions: I'll update the invite
URL like a day before. The one which meetup currently displays is subject to change.

If you don't want to login into meetup: no problem. Just reply to this
e-mail and I'll send you the link beforehand. Let me know whether German would
work for you too.


Our OWASP "Stammtisch"
=========================
Our meeting is about web applications and their (in)security and/or about IT security
in general. People come together who care as a hobby or in their job about information
security: developers, managers, pentesters and everybody else who's interested. The
atmosphere is open and relaxed. Who's coming to sell products or services: Please move
on, this is not the right place. OWASP is about education and sharing (mostly)
technical information.

Feel free to forward our meetup URL to your colleagues or friends. They are welcome, too.
Participation is free and open -- as the O in OWASP.


Cheers, Dirk



--
OWASP Volunteer
Send me encrypted mails (Key ID 0x4D9CA7F2E2FA20B3)

Javan Rasokat

unread,
Mar 31, 2021, 5:23:50 AM3/31/21
to Germany chapter, di...@owasp.org
Two days ago Cloudflare announced that they upgraded to CRS 3.3 and introduced the CRS "paranoia levels": https://blog.cloudflare.com/new-cloudflare-waf/
I would definitely be interested to hear Christians opinion on that!
And of course version 3.3 vs. 3.4 :-)

Looking forward to it.

Dirk Wetter

unread,
Apr 13, 2021, 4:45:11 AM4/13/21
to germany...@owasp.org
Hi,

this is a reminder for tommorows presentation of Christian's
ModSecurity CRS introduction.

For all who like to participate and want to not use meetup please
reply to me only. I'll send the video URL to join (we're using this
time the BBB service from https://cyber4edu.org which is GDPR
friendly).

Cheers, Dirk
Reply all
Reply to author
Forward
0 new messages