The OWASP ModSecurity Core Rule Set (CRS) is a set of generic attack detection rules for use with ModSecurity or compatible web application firewalls. The CRS aims to protect web applications from a wide range of attacks, including the ones described by the OWASP Top Ten project, with a minimum of false alerts.
This presentation introduces the audience to the concept of a web application firewall (WAF) and describes the open-source WAF engine ModSecurity. The talk presents CRS with its key features like paranoia levels, the concept of stricter siblings, and anomaly scoring. It demonstrates the excellent detection abilities of the ruleset.