Ivan,

We will use this information to see what need to be improved.

Thanks

Breno Silva

On Thu, Jul 26, 2012 at 8:54 PM, Ivan Ristic <ivan.ristic@gmail.com> wrote:
Yesterday I gave my talk on protocol-level evasion of web application
firewalls, using ModSecurity as an example. I think you will find it
very relevant, especially if you're deploying virtual patches in your
environment. There are also other tips on how to securely use
ModSecurity.

This is the blog post, and the paper and the slides can be downloaded
from there:

https://community.qualys.com/blogs/securitylabs/2012/07/25/protocol-level-evasion-of-web-application-firewalls

--
Ivan Ristić

------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
mod-security-users mailing list
mod-security-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/