OWASP-Hamburg Stammtisch: Vortrag (online) zu OWASP ModSecurity Core Rule Set 4: May 9, 6:30pm CEST

17 views
Skip to first unread message

Dirk Wetter

unread,
Apr 27, 2022, 5:09:05 AMApr 27
to germany...@owasp.org

Moin,

der OWASP Hamburg Stammtisch freut sich auf ein weiteres Online-Event -- in English. And what we have to present is pretty interesting.

We welcome again Christian Folini, project lead for the OWASP Core Ruleset, as our guest. As the title indicates there's a new CRS release coming up. Christian explains what that is about. Presentation language is English probably, as mentioned. It would be great though if you could answer the question in the RSVP accordingly.


TL:DR;)

-------

Title: "What's new with the ModSecurity Core Rule Set 4.0"
Speaker: Christian Folini
Location: Online, link is available 1-2 days before
Start: 9th of May 2022, 6:30 pm (CEST)
Networking: Stick around afterwards a bit. Grab a soda, beer, a wine or the like.


Abstract

--------

Building on the basic introduction to the OWASP ModSecurity Core Rule Set (CRS) presentation from April 2021, this talk will present an overview of the upcoming CRS 4.0 release. We will look at new features like the
plugin functionality, new rules and important changes.

The talk will also cover the situation around ModSecurity and the emerging alternative WAF engine Coraza.


Bio

---

Christian Folini is a security engineer and open source enthusiast. He
holds a PhD in medieval history and enjoys defending castles across
Europe. Unfortunately, defending medieval castles is not a big
business anymore and so, he turned to defending web applications, which he finds equally challenging. He brings more than ten years of experience with ModSecurity configuration in high security environments, DDoS defense and threat modeling. Christian Folini is the author of the second edition of the ModSecurity
Handbook and the best known teacher on the subject. He serves as the program chair of the "Swiss Cyber Storm" conference, the prime security conference in Switzerland. He is a frequent speaker at conferences, where he tries to use his background in the humanities to explain hardcore technical topics to audiences of different backgrounds.


How to participate

------------------

As always participation is free, no strings attached. If you want to attend you either will see at Meetup (https://www.meetup.com/OWASP-Hamburg-Stammtisch/events/285386836/) the event URL at the RHS and are able to join the video conference directly -- when you rsvp'd. I'll update the invite URL ~ 1-2 days before. THE ONE WHICH YOU SEE NOW IS NOT CORRECT. Also you would need a PIN which will be added then.

Alternatively if you send me an e-mail I am happy to send you 1-2 days before the access information.


Please make sure when the talk starts your video and audio is off.



Our OWASP "Stammtisch"

----------------------

Our meeting is about web applications and their (in)security and/or about IT security in general. People come together who care as a hobby or in their job about information security: developers, managers, pentesters and everybody else who's interested. The atmosphere is open and relaxed. Who's coming to sell products or services: Move on, this is not the right place. OWASP is about education and sharing (mostly) technical information.
Feel free to forward our meetup URL to your colleagues or friends. They are welcome, too. Participation is free and open -- as the O in OWASP.


Cheers, Dirk



-- 
OWASP Volunteer
Send me encrypted mails (Key ID 0x4D9CA7F2E2FA20B3)

Dirk Wetter

unread,
May 8, 2022, 5:15:39 AMMay 8
to germany...@owasp.org
Reminder: Das wäre dann morgen.

Schönen Gruß, Dirk

Dirk Wetter

unread,
May 9, 2022, 9:31:16 AMMay 9
to germany...@owasp.org

Moin,

leider ist der Sprecher erkrankt.

Wir verschieben das Ganze auf den 19.5. Mehr folgt.

Schönen Start in die Woche

Dirk

Dirk Wetter

unread,
May 17, 2022, 10:00:59 AMMay 17
to germany...@owasp.org
Moin in die Runde,

wie angekündigt haben wir das Ganze 1:1 auf übermorgen (Donnerstag geschoben): https://www.meetup.com/OWASP-Hamburg-Stammtisch/events/285798450/

Sag mir Bescheid, wenn du dabei sein willst. Wenn du auf Meetup dein RSVP nicht hinterlassen möchtest, verschicke ich auf Nachfrage gerne die Zugangsdaten.



As indicated we postponed the presentation below to the day after tomorrow, i.e. Thursday. See also here: https://www.meetup.com/OWASP-Hamburg-Stammtisch/events/285798450/

If you don’t want to RSVP @ Meetup I am happy to send you the access information upon request.



Thanks, Dirk
Reply all
Reply to author
Forward
0 new messages