I have already received some direct emails with questions about the
class, so I thought that I would reply to the list.
One question was - who is the target audience for this class? New
users, intermediate or advanced?
Our goal is to have something for everyone. If you are a new user, then
this will get you up to speed quickly with the basics of Mod, the Core
Rules, etc... If you are an intermediate user, we will have some good
topic coverage for common "gotchas" with rule writing and log analysis
tips and tricks. And for advanced users, we have some sections dealing
with the more complex and newer Mod 2.5 features (persistent collections
with custom variables for identifying brute force attacks, etc...).
The culmination on the afternoon of day 2 is an open "Virtual Patching"
lab where we will front-end the OWASP WebGoat application and then try
and use ModSecurity to address each vulnerability in the individual
labs. This will be truly challenging for all participants as there are
some labs that are pretty straightforward rules to prevent injection
types of vulns. There are others, however, that are much more
challenging to address "externally" with a WAF - so the advanced folks
can try out their Mod Rules Kung-Fu!!!
I hope this info helps.
From: Ryan Barnett
Sent: Tuesday, May 27, 2008 11:58 AM
Subject: ModSecurity Boot-camp Training at Blackhat US
We have great news :-) For all of the ModSecurity users who could not
make the trip over to Belgium last week for the ModSecurity training at
the OWASP AppSec EU conference, don't despair. The 2-day, ModSecurity
boot-camp training class has been added to the Blackhat US conference
in Las Vegas on August 2nd and 3rd!
Here are the important links for the class on the BH site -
Class Overview -
Registration Page - https://commerce.blackhat.com/bh_usa_2008
I hope to see you all there.
Ryan C. Barnett
ModSecurity Community Manager
Breach Security: Director of Application Security
Web Application Security Consortium (WASC) Member
CIS Apache Benchmark Project Lead
SANS Instructor, GCIA, GCFA, GCIH, GSNA, GCUX, GSEC
Author: Preventing Web Attacks with Apache