Latest Web Hacking Incident Database (WHID) Entries (3)
April 25, 2011 | Ryan Barnett
These are the lastest entries added by SpiderLabs to the Web Application ...
ModSecurity Advanced Topic of the Week: Integrating IDS Signatures
April 21, 2011 | Ryan Barnett
Snort Web Attack Rules You may be familiar with the Emerging Threats project. ...
Latest Web Hacking Incident Database (WHID) Entries (4)
April 18, 2011 | Ryan Barnett
These are the lastest entries added by SpiderLabs to the Web Application ...
ModSecurity 2.6.0-rc1 is now available
April 18, 2011 | Ryan Barnett
The ModSecurity Development Team is pleased to announce the availability of ...
Securing the Fifth Domain
April 13, 2011 | SpiderLabs Anterior
In May 2010, the final disappearance of the line between physical and virtual ...
ModSecurity Advanced Topic of the Week: Integrating Content Security Policy (CSP)
April 13, 2011 | Ryan Barnett
Mozilla's Content Security Policy (CSP) Mozilla has developed a fantastic ...
Latest Web Hacking Incident Database (WHID) Entries (5)
April 11, 2011
These are the lastest entries added by SpiderLabs to the Web Application ...
CSS and XSS in Melodious Harmony
April 07, 2011
Web application penetration testers, have you ever run into a situation where ...
ModSecurity Advanced Topic of the Week: Malware Link Removal
April 06, 2011
This is a follow-up post to ModSecurity Advanced Topic of the Week: Malware ...
Analysis of LizaMoon: Stored XSS via SQL Injection
April 05, 2011 | Ryan Barnett
Blended Attacks
Latest Web Hacking Incident Database (WHID) Entries(6)
April 04, 2011 | Ryan Barnett
These are the lastest entries added by SpiderLabs to the Web Application ...
Defective By Design? - Certificate Revocation Behavior In Modern Browsers
April 04, 2011 | Paul Kehrer
With the recent fraudulent certificate incident involving one of Comodo's RAs ...
ModSecurity Update: Increasing Community Involvement
March 30, 2011
New Licensing Trustwave is commited to the development of the ModSecurity ...
ModSecurity Advanced Topic of the Week: New Community Contribution - cmdLine Transformation Function
March 30, 2011
Community Contribution - cmdLine This week's topic highlights a community ...
SpiderLabs Radio Updated - Hack It! Edition for February 2011
March 29, 2011
A new SpiderLabs Radio - Hack It! Edition podcast has been uploaded.
Latest Web Hacking Incident Database (WHID) Entries(7)
March 28, 2011 | Ryan Barnett
These are the lastest entries added by SpiderLabs to the Web Application ...
Detecting Malice with ModSecurity: Open Proxy Abuse
March 25, 2011 | Ryan Barnett
This week's installment of Detecting Malice with ModSecurity will discuss how ...
ModSecurity Advanced Topic of the Week: Malware Link Detection
March 17, 2011 | Ryan Barnett
Planting of Malware Planting of malware links into legitimate websites in order ...
WASC WHID Semi-Annual Report for 2010: July - December
March 14, 2011
SpiderLabs just released our WASC Web Hacking Incident Database (WHID) ...
ModSecurity Advanced Topic of the Week: Inbound/Outbound Correlation
March 11, 2011 | Ryan Barnett
Alert Management - Correlated Events One important alert management issue for ...
TWSL2011-003: Vulnerabilities in Avocent Cyclades ACS Web Manager
March 11, 2011 | Josh Grunzweig
The SpiderLabs team at Trustwave published a new advisory today, which details ...
Mobile Visability Limitation? There's an App for that.
March 08, 2011 | Josh Grunzweig
Last July myself and Christian Papathanasiou presented a DEF CON 18 talk ...
thicknet: Griefing Boss Hogg
March 04, 2011 | nosteve
Most things I do seem really awesome at the time. Like the time I was at the ...
ModSecurity Advanced Topic of the Week: Passive Vulnerability Scanning Part 1 - OSVDB Checks
February 23, 2011 | Ryan Barnett
One of the most under-appreciated capabilities of web application firewalls ...
Network Encryption in Modern Relational Database Management Systems
February 23, 2011 | Martin Rakhmanov
In this post I'll continue on the topic of data encryption (see my previous ...
ModSecurity Advanced Topic of the Week: Real-time Application Profiling
February 17, 2011 | SpiderLabs Anterior
One of the key feature differentiators between ModSecurity and other commercial ...
Java Floating Point DoS Attack Protection
February 15, 2011 | Ryan Barnett
As many of you may have heard, there is an interesting Java DoS scenario out -
NASDAQ News Renews Focus (sort of)
February 07, 2011
Reactive security is a common theme within many organizations and the reaction ...