This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

AppSecEU08 Remo presentation

Revision as of 14:11, 9 October 2012 by Dune73 (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Remo presentation (Positive ModSecurity rulesets / Input validation)

The most widespread approach to rulesets for ModSecurity and Web Application Firewall in general is to use negative rulesets. That is to defend against patterns of known attacks.

Such a "default permit" strategy is inadequate for network firewalls and it will also be inadequate for application layer defense in the long run.

Remo is a simple rule editor, that writes ModSecurity rules which in turn can be used inside a WAF running ModSecurity.

The speech will introduce black- and whitelist approaches and give a brief overview on Remo and the status of the project.

About the Speaker: Christian Folini is an IT consultant based in Switzerland. His work is mostly focussed on Apache and things related to the architecture of multi-tier web applications. Christian Folini works for and holds a PhD in medieval history. He is one of the leaders of the Company of St. George.