For those of you who are looking for some hands-on ModSecurity training this Fall, I will be running a 2-day class at the upcoming OWASP AppSecUSA conf -
If you are interested in the following topics, you should consider signing up!
- Effectively using the OWASP ModSecurity CRS
- Using Bayesian Detection
- Virtual Patching
- Setting HoneyTraps
- Spoofing Successful Exploits
- Leveraging 3rd Party IP Reputation
- Identifying Session Hijacking Attacks
- XSS Mitigation with JS Sandboxes
By the way – there may be an opportunity to put these new skills to the test by joining in on the OWASP Capture the Flag (CTF) competition - http://appsecusa.org/2013/activities/ctf/
Still working on details.
Hope to see you there.
ModSecurity Project Leader
OWASP ModSecurity CRS Project Leader
This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information
contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.