Inquiry On ModSecurity C.R.S. Effectiveness Against A.I.-Based Attacks...
18 views
Skip to first unread message
Michael Bullut
Mar 19, 2026, 5:25:00 AMMar 19
to modsecurity-core...@owasp.org
Good Afternoon Team,
I hope you are all doing well.
I am writing to the list to gather some perspective on the current capabilities and roadmap for the ModSecurity Core Rule Set (C.R.S.) regarding the mitigation of AI-based attacks.
As the threat landscape evolves, we are seeing an uptick in sophisticated, automated attacks - specifically those using Large Language Models (L.L.M.s) to bypass traditional regex-based filters through advanced obfuscation, or "jailbreak" attempts targeting integrated A.I. applications.
While C.R.S. is the industry gold standard for catching "low and slow" attacks and known injection patterns, I am curious about the community’s stance on a few points:
I am writing to the list to gather some perspective on the current capabilities and roadmap for the ModSecurity Core Rule Set (C.R.S.) regarding the mitigation of AI-based attacks.
As the threat landscape evolves, we are seeing an uptick in sophisticated, automated attacks - specifically those using Large Language Models (L.L.M.s) to bypass traditional regex-based filters through advanced obfuscation, or "jailbreak" attempts targeting integrated A.I. applications.
While C.R.S. is the industry gold standard for catching "low and slow" attacks and known injection patterns, I am curious about the community’s stance on a few points:
- Pattern Recognition: Does the current rule logic (e.g., P.L. 1/P.L. 2) adequately handle the highly variable and context-aware nature of AI-generated payloads?
- Rate Limiting vs. Intelligence: Beyond simple DoS protection, are there recommended configurations for identifying the behavioral "fingerprints" of A.I. agents?
- L.L.M. Protection: Is there any work being done on specific rule groups designed to protect application prompts (e.g., preventing prompt injection via H.T.T.P. headers or body content)?
I would love to hear if there are any specific "best practices" or experimental branches that address these modern challenges.
Reply all
Reply to author
Forward
0 new messages