[Mod-security-developers] OWASP Core Rule Set
Brought to you by:
victorhora,
zimmerletw
Menu
▾
▴
[Mod-security-developers] OWASP Core Rule Set
|
From: Fayyaz, M. <muh...@ba...> - 2015-02-23 11:56:37
|
Guys, I have got two questions if anyone can shed some light : - Apart from the documentation of Core Rule Set, included as part of each rule code file, is there any other documentation resource one can suggest, which should explain the rules in more details. Example: https://www.owasp.org/index.php/ModSecurity_CRS_RuleID-960911 - What approach one should follow to decide the number of rules, from owasp core rule set, should be considered as mandatory rules in respect of QA for a web application. Your help will be much appreciated. Regards Muhammad Fayyaz Engineer BAE Systems Applied Intelligence ___________________________________________________________ BAE Systems Applied Intelligence, Surrey Research Park, Guildford, Surrey, GU2 7RQ. www.baesystems.com/ai<http://www.baesystems.com/ai> Please consider the environment before printing this email. This message should be regarded as confidential. If you have received this email in error please notify the sender and destroy it immediately. Statements of intent shall only become binding when confirmed in hard copy by an authorised signatory. The contents of this email may relate to dealings with other companies under the control of BAE Systems Applied Intelligence Limited, details of which can be found at http://www.baesystems.com/Businesses/index.htm. |
