i promised (thanks to christian folini for his request)
to publish on this list
the WAFSEC 1.0 evaluation matrix for mod_security
that I had made some
time ago. It is here:
My evaluation work is based on using mod_security, together with the REMO policy engine and the jwall audit console.
Comments are welcome. Moreover, if it might be worthwhile, I give right now to mod_security developers the rights to publish this the document, all or in part, on the project web site, eventually integrated and corrected.
this document could be useful to someone, and not so wrong in the content.