I wanted to send this out to the mail-list in case you were not aware -
The reason I am sending this is that there is a direct benefit here between DAST tools (such as Cenzic) and important that intelligence into a WAF (such as ModSecurity) for virtual patching. Here are two past blog posts I did on the DAST -> WAF topic
using two open source DAST tools -
I wanted to let the ModSecurity user community know that Trustwave SpiderLabs now has a commercial integration offering with Cenzic HailStorm and ModSecurity WAF. If you are using both Cenzic and ModSecurity and are interested in more information about
this commercial service, please contact me directly via email.
Lead Security Researcher, SpiderLabs
Trustwave | SMART SECURITY ON DEMAND
This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information
contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.