Explore the evolution of ModSecurity as a universal cross-platform web protection tool in this Black Hat USA 2012 conference talk. Learn how ModSecurity expanded from being the leading free open source web application firewall for Apache to now supporting IIS and nginx servers. Discover the tool's capabilities in early attack detection and vulnerability mitigation using the MSRC response process and CVE-2011-3414 as examples. Gain insights into leveraging the OWASP ModSecurity Core Rule Set for detecting 0-day attacks across Apache, IIS, and nginx servers. Presented by Greg Wroblewski and Ryan Barnett, this 42-minute talk offers valuable knowledge for web security professionals seeking comprehensive protection across multiple platforms.
Overview
Syllabus
Black Hat USA 2012 - ModSecurity as Universal Cross-Platform Web Protection Tool
Taught by
Black Hat