Loading…
Welcome to the full schedule of the OWASP AppSec Research EU 2013 training days. You’ll find the schedule for the conference days at http://sched2013.appsec.eu
Back To Schedule
Wednesday, August 21 • 9:30am - 5:30pm
Tactical Defense with ModSecurity

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

While application flaws should ideally be fixed in the source code, this is often not a feasible task for various reasons. Web application firewalls are often deployed as an additional layer of security that can monitor, detect and prevent attacks before they reach the web application. ModSecurity, an extremely popular open source web application firewall, is often used to help protect web applications against known and unknown vulnerabilities alike. This two-day boot-camp training is designed for people who want to quickly learn how to configure and deploy ModSecurity in the most effective manner possible. The course will cover topics such as the powerful ModSecurity rules language, extending functionality via the embedded Lua engine and managing suspicious events via AuditConsole. Documented hands-on labs help students understand the inner workings of ModSecurity and how to deploy ModSecurity securely. By leveraging the flexibility within ModSecurity, attendees will be able to write effective rules to mitigate complex web vulnerabilities. The bootcamp will cover the following topics:


  1. Introduction to Modsecurity

  2. Deployment Options and Deployment Issues

  3. ModSecurity Installation

  4. ModSecurity Rules Language Primer

    • Variables, Transformation Functions

    • Chain for Complex Rules

    • Persistent Collections

    • Anomaly Scoring, Rule Debugging


  5. OWASP Core Rule Set Overview

  6. Lua – Extending the Rules

  7. Handling False Positives and Creating Exceptions

  8. Rule Writing Tips, Cool Rules for Complex Problems 9. Virtual Patching Overview

  9. AuditConsole Installation, Configuration and Usage:

    • Multi-User Site Management

    • Automatic archiving of audit-data

    • Generating audit-data Reports, Report customization

    • Realtime Block List Management



Speakers
avatar for Christian Bockermann

Christian Bockermann

Starting with Linux/network security in 1996, Christian Bockermann has been working in computer security for over 10 years. While working as a Java web-application developer for several years he started concentrating on web-security as major subject. Alongside to working as a research... Read More →


Wednesday August 21, 2013 9:30am - 5:30pm CEST
Alsterpanorama II Emporio