Fri, 10 Oct 2008 14:01:18 +0200 In a few weeks' time I will present my favourite talk, Web Intrusion Detection with ModSecurity, at the ApacheCon US 2008 in New Orleans: Intrusion detection is a well-known network security technique--it introduces monitoring and correlation devices to networks, enabling...
Thu, 11 Sep 2008 15:05:56 +0200 I will be giving the updated version of our ModProfiler presentation this Sunday (14th) at the OWASP Israel 2008 conference. ModProfiler has seen a release or two since Black Hat (where it was announced) so I can now speak with...
Mon, 08 Sep 2008 14:22:30 +0200 Several years ago, a few more than I'd like to admit, I realised our chances for writing completely secure web applications are extremely slim; virtually non-existent. We can certainly try—and many are making heroic efforts—but nothing good can come out...
Mon, 01 Sep 2008 17:06:42 +0200 Back in May, at AppSec OWASP in Ghent, I listened to Alexander Meisel (who was presenting on behalf of OWASP Germany) talk about best practices for web application firewall deployment. The interesting talk was backed by a larger document, which...
Wed, 27 Aug 2008 16:26:12 +0200 I am happy to announce that we've just launched a public issue tracking facility for ModSecurity. It's available at https://www.modsecurity.org/tracker/. We've selected JIRA for this purpose, not only because it is the best issue tracking product out there, but also...
Thu, 07 Aug 2008 00:00:39 +0200 Before I talk to the title of this post, I have to provide a little back story. I have had an ongoing DRAFT blog post whose subject was basically a rant against many vendors who were unwilling to offer vulnerability...
Mon, 04 Aug 2008 21:10:40 +0200 The ModSecurity Log Collector (mlogc) is used to send ModSecurity audit log data to a console or Breach Security appliance. The final packaged release of ModSecurity 2.5.6 did not contain the mlogc source as it should have. This means that...
Mon, 04 Aug 2008 11:40:00 +0200 Breach Security (also known as the company behind ModSecurity) is organising an OWASP/WASC party at Black Hat US again this year, but if you are a ModSecurity user we are going to call it a ModSecurity party. See below for...
Fri, 01 Aug 2008 11:04:48 +0200 We have just released ModSecurity 2.5.6 to address several issues with transformation caching: the subsystem is unstable, can crash your server, and is even susceptible to evasion in certain circumstances. Although the issues have all been fixed in 2.5.6...
Tue, 29 Jul 2008 17:07:55 +0200 Although Solaris has been supported as a platform for ModSecurity since the very beginning, it has now become part of Sun's Cool Stack: Cool Stack is a collection of some of the most commonly used open source applications optimized for...