This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "AppSecEU08 Remo presentation"

From OWASP
Jump to: navigation, search
 
(One intermediate revision by the same user not shown)
Line 5: Line 5:
 
Such a "default permit" strategy is inadequate for network firewalls and it will also be inadequate for application layer defense in the long run.
 
Such a "default permit" strategy is inadequate for network firewalls and it will also be inadequate for application layer defense in the long run.
  
Remo is a simple rule editor, that writes ModSecurity rules which in turn can be used inside a WAF running ModSecurity.
+
[http://remo.netnea.com Remo] is a simple rule editor, that writes ModSecurity rules which in turn can be used inside a WAF running ModSecurity.
  
 
The speech will introduce black- and whitelist approaches and give a brief overview on Remo and the status of the project.
 
The speech will introduce black- and whitelist approaches and give a brief overview on Remo and the status of the project.

Latest revision as of 14:11, 9 October 2012

Remo presentation (Positive ModSecurity rulesets / Input validation)

The most widespread approach to rulesets for ModSecurity and Web Application Firewall in general is to use negative rulesets. That is to defend against patterns of known attacks.

Such a "default permit" strategy is inadequate for network firewalls and it will also be inadequate for application layer defense in the long run.

Remo is a simple rule editor, that writes ModSecurity rules which in turn can be used inside a WAF running ModSecurity.

The speech will introduce black- and whitelist approaches and give a brief overview on Remo and the status of the project.

About the Speaker: Christian Folini is an IT consultant based in Switzerland. His work is mostly focussed on Apache and things related to the architecture of multi-tier web applications. Christian Folini works for netnea.com and holds a PhD in medieval history. He is one of the leaders of the Company of St. George.