This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Project Information:template Securing WebGoat using ModSecurity"

From OWASP

Jump to: navigation, search

Revision as of 13:05, 19 June 2008

PROJECT IDENTIFICATION
Project Name	OWASP Securing WebGoat using ModSecurity Project
Short Project Description	The purpose of this project is to create custom Modsecurity rulesets that, in addition to the Core Set, will protect WebGoat 5.1 from as many of its vulnerabilities as possible (the goal is 90%) without changing one line of source code. To ensure that it will be a complete 'no touch' on WebGoat and its environment, ModSecurity will be configured on Apache server as a remote proxy server. For those vulnerabilities that cannot be prevented (partially or not at all), I will document my efforts in attempting to protect them. Business logic vulnerabilities will be particularly challenging to solve.
Email Contacts	Project Leader Stephen Evans	Project Contributors (if applicable) Name&Email	Mailing List/Subscribe Mailing List/Use	First Reviewer Ivan Ristic & Breach Group	Second Reviewer Christian Folini	OWASP Board Member X

PROJECT MAIN LINKS
(If appropriate, links to be added)

RELATED PROJECTS
OWASP WebGoat Project

SPONSORS & GUIDELINES
Sponsor - OWASP Summer of Code 2008	Sponsored Project/Guidelines/Roadmap

ASSESSMENT AND REVIEW PROCESS
Review/Reviewer	Author's Self Evaluation (applicable for Alpha Quality & further)	First Reviewer (applicable for Alpha Quality & further)	Second Reviewer (applicable for Beta Quality & further)	OWASP Board Member (applicable just for Release Quality)
50% Review	Objectives & Deliveries reached? Yes/No (To update) --------- See&Edit:50% Review/Self-Evaluation (A)	Objectives & Deliveries reached? Yes/No (To update) --------- See&Edit: 50% Review/1st Reviewer (C)	Objectives & Deliveries reached? Yes/No (To update) --------- See&Edit: 50%Review/2nd Reviewer (E)	X
Final Review	Objectives & Deliveries reached? Yes/No (To update) --------- Which status has been reached? Season of Code - (To update) --------- See&Edit: Final Review/SelfEvaluation (B)	Objectives & Deliveries reached? Yes/No (To update) --------- Which status has been reached? Season of Code - (To update) --------- See&Edit: Final Review/1st Reviewer (D)	Objectives & Deliveries reached? Yes/No (To update) --------- Which status has been reached? Season of Code - (To update) --------- See&Edit: Final Review/2nd Reviewer (F)	X

Retrieved from "https://wiki.owasp.org/index.php?title=Project_Information:template_Securing_WebGoat_using_ModSecurity&oldid=32005"

@@ Line 11: / Line 11: @@
   | style="width:14%; background:#cccccc" align="center"|Project Leader<br>[mailto:stephencraig.evans(at)gmail.com '''Stephen Evans''']
   | style="width:14%; background:#cccccc" align="center"|Project Contributors<br>(if applicable)<br>[mailto:name(at)name '''Name&Email''']
-  | style="width:14%; background:#cccccc" align="center"|[https://lists.owasp.org/mailman/listinfo/owasp-webgoat-using-modsecurity Mailing List/Subscribe]<br>[mailto:Owasp-WebGoat-using-ModSecurity(at)lists.owasp.org '''Mailing List/Use''']
+  | style="width:14%; background:#cccccc" align="center"|[https://lists.owasp.org/mailman/listinfo/owasp-webgoat-using-modsecurity '''Mailing List/Subscribe''']<br>[mailto:Owasp-WebGoat-using-ModSecurity(at)lists.owasp.org '''Mailing List/Use''']
   | style="width:14%; background:#cccccc" align="center"|First Reviewer<br>[mailto:[email protected] '''Ivan Ristic &<br>Breach Group''']
   | style="width:14%; background:#cccccc" align="center"|Second Reviewer<br>[mailto:christian.folini(at)netnea.com '''Christian Folini''']

Difference between revisions of "Project Information:template Securing WebGoat using ModSecurity"

Revision as of 13:05, 19 June 2008

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Reference

Tools