This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "File:20170816-Introducing the OWASP ModSecurity Core Rule Set 3-Christian Folini.pdf"

From OWASP
Jump to: navigation, search
(The CRS is a set of generic attack detection rules for use with ModSecurity or compatible web application firewalls that saw a new major release in November 2016 (3.0 -> CRS3). CRS is the 1st line of defense against web application attacks like those s...)
 
(No difference)

Latest revision as of 13:59, 23 August 2017

The CRS is a set of generic attack detection rules for use with ModSecurity or compatible web application firewalls that saw a new major release in November 2016 (3.0 -> CRS3). CRS is the 1st line of defense against web application attacks like those summarized in the OWASP Top Ten and all with a minimum of false alerts.

This talk demonstrates the installation of the rule set and introduces the most important groups of rules. It covers key concepts like anomaly scoring and thresholds, paranoia levels, stricter siblings and the sampling mode. The important handling of false positives is also covered as well as pre-defined lists of rule exclusions for popular web applications helping to avoid false positives.

File history

Click on a date/time to view the file as it appeared at that time.

Date/TimeDimensionsUserComment
current13:59, 23 August 2017 (6.87 MB)Schattenbaum (talk | contribs)The CRS is a set of generic attack detection rules for use with ModSecurity or compatible web application firewalls that saw a new major release in November 2016 (3.0 -> CRS3). CRS is the 1st line of defense against web application attacks like those s...
  • You cannot overwrite this file.

There are no pages that link to this file.