Three ModSecurity Rule Language Annoyances
July 24, 2008
There are three aspects of the ModSecurity Rule Language we are not very happy ...
Enough With Default Allow Revision 2
July 24, 2008 | SpiderLabs Anterior
A revised version (but still a draft) of the Enough With Default Allow in Web ...
Enough with Default Allow in Web Applications!
July 15, 2008 | SpiderLabs Anterior
The title of this blog post is also the title of a research paper we are ...
XSS Defense HOWTO
July 08, 2008 | SpiderLabs Anterior
We all agree that cross-site scripting is a serious problem, but what continues ...
ModSecurity In HP-UX Internet Express
July 03, 2008 | SpiderLabs Anterior
We receive questions about ModSecurity running on HP-UX from time to time, but ...
ModSecurity Licensing Exception Draft Is Ready
June 19, 2008 | SpiderLabs Anterior
As you may know, ModSecurity is licensed under GPL version 2. This license has ...
Integrating Vulnerability Scanners and Web Application Firewalls
June 06, 2008 | Trustwave SpiderLabs
In case you missed it, Breach Security has teamed up with WhiteHat Security so ...
ModSecurity Is Blooming
June 05, 2008 | SpiderLabs Anterior
OWASP AppSec Europe 2008 in Ghent, which I wrote about in a previous post, ...
What's the Score of the Game - Part 2: Web Security Metrics
May 31, 2008 | SpiderLabs Anterior
In my earlier post entitled "What's the Score of the Game?" I presented the ...
ModSecurity Training at Blackhat USA
May 27, 2008 | SpiderLabs Anterior
We are excited to announce that Breach Security will be running the 2-day ...
What's the Score of the Game?
May 21, 2008 | SpiderLabs Anterior
We, as the webappsec community, should try and move away from "Holy Wars" ...
ModSecurity 2.6 RoadMap
May 09, 2008 | SpiderLabs Anterior
ModSecurity 2.6 will likely be the last branch before ModSecurity 3. The 2.6 ...
ModSecurity 2.5 Phrase Match Operator Performance
May 09, 2008 | SpiderLabs Anterior
Quite a few people have asked about the performance differences between using ...
ModSecurity Party in Ghent on May 20th
May 07, 2008 | SpiderLabs Anterior
In my previous post, in which I was commenting on the OWASP AppSec agenda, I ...
ModSecurity Training at OWASP AppSec Europe
April 15, 2008 | SpiderLabs Anterior
We are excited to announce that a ModSecurity 2-day training class has been ...
ModSecurity Community Console v1.0.3 Now Available
April 15, 2008 | SpiderLabs Anterior
I've just released an update to ModSecurity Community Console, our free audit ...
ApacheCon Europe: Web Intrusion Detection with ModSecurity
April 11, 2008 | SpiderLabs Anterior
I've had the pleasure of participating in ApacheCon Europe in Amsterdam this ...
Web Application Firewall Concepts
March 11, 2008
I went through all my ModSecurity Blog posts yesterday, partly to admire myself ...
ModSecurity User Survey
February 22, 2008
With the release of ModSecurity 2.5 yesterday, this seemed like the perfect ...
ModSecurity 2.5 Released
February 21, 2008 | SpiderLabs Anterior
The final version of ModSecurity 2.5.0, the long awaited next stable version of ...
Web Hacking Incidents Database Annual Report for 2007
February 18, 2008 | SpiderLabs Anterior
Breach Labs, which sponsors WHID, has issued an analysis of the Web Hacking ...
ModSecurity 2.5 Status
January 30, 2008 | SpiderLabs Anterior
The ModSecurity 2.5 release is scheduled for early/mid February. With the ...
Content Injection Use Case Example
January 25, 2008
ModSecurity 2.5 introduces a really cool, yet somewhat obscure feature called ...
Yes, the Tide for Web Application Firewalls is Turning
January 22, 2008
Some time ago I decided to start a new blog, a place where I would be able to ...
ModSecurity Data Formats
January 11, 2008 | SpiderLabs Anterior
I have just added a new section to the ModSecurity v2.5 Reference Manual, ...
Speaking About ModSecurity at ApacheCon Europe 2008
January 09, 2008 | SpiderLabs Anterior
I will be speaking about ModSecurity at ApacheCon Europe in Amsterdam later ...
SQL Injection Attack Infects Thousands of Websites
January 08, 2008 | SpiderLabs Anterior
Here is a snippet from the just released SANS NewsBites letter:
Set-based Pattern Matching Example
January 02, 2008 | SpiderLabs Anterior
Large Wordlist Example: You will find the greatest benefit of using the set ...