The #OWASP #ModSecurity Core Rule Set team is pleased to announce the release of #CRS3 version 3.3.5. This is a security release that mitigates CVE-2023-38199: a potential impedance mismatch vulnerability from requests with multiple Content-Type headers. coreruleset.org/20230724/crs-v…

libModSecurity3 is affected by DoS vulnerability CVE-2023-38285. This also affects OWASP CRS / Core Rule Set users. Here is our take: coreruleset.org/20230802/libmo… Note: Users of the ModSec2 release line a (-> Apache) are not affected.

🎉 Christian Folini kicking off this year's swisscyberstorm. I'm sooo much looking forward to a day full of amazing talks 🎉 #SCS23

After a detour lasting 18 months, the CRSv4 RC2 is out. The @OWASP #ModSecurity Core Rule Set team is proud to bring you detection capabilities exceeding everything else on the planet. Please test this throughly and help us with false positives. coreruleset.org/20231026/crs-v… #CRS4

It’s finally here: the Core Rule Set Retreat 2023 in #Budapest, #Hungary! For the next week, we have a lot to discuss and to work (and to drink). Egészségére!

It's Core Rule Set developer retreat time 🎉 Looking forward to an exciting week 🤩

A new portrait of one of the Core Rule Set core team's member: in an interview we published recently on our blog, Andrew Howe talks about how he came to join the project. coreruleset.org/20231109/meet-… #OWASP #ModSecurity #waf #crs #itsec #itsecurity

Meet the CRS team: As a South American, Felipe Zipitra has a special status in the Core Rule Set core team. The Uruguayan played basketball which taught him all about the value of teamwork. Read Felipe‘s portrait on the CRS blog: coreruleset.org/20231130/meet-… #waf #crs #itsecurity

On November 5–12, the Core Rule Set core team met in #Budapest for the annual retreat. Much work was done in that week, but, of course, there was a lot of fun activities, too. Read our blog: Day 1: coreruleset.org/20231105/unive… Days 2–7: coreruleset.org/20231128/discu… #ModSecurity #waf #crs

Great news! ModSecurity will join the OWASP® Foundation family. 🎉

Exciting OWASP® Foundation news! Trustwave Transfers ModSecurity Custodianship to OWASP Cc Christian Folini Franziska Bühler ModSecurity Core Rule Set owasp.org/blog/2024/01/0…

This is fantastic. I started to build ModSecurity in 2002, full time in 2004. Twenty years later, it’s not only open source but open governance. I couldn’t have imagined a better outcome.

Valentine’s Day present from the first Core Rule Set chat of 2024: #CRS v4 to be released on Wednesday, February 14! In other news: due to a lack of capacity, CRS will skip this year’s Google Summer of Code. See the chat agenda with decisions here: github.com/coreruleset/co…

Let CRS4 be your valentine! The @OWASP CRS / Core Rule Set team is proud to release CRS 4.0. Years in the making, it brings your WAF the best detection ever and a new plugin architecture. Read more at coreruleset.org/20240214/let-c… #CRS4 #CRS3 #WAF no more #WAFBypass #bugbountytips

Exciting news! CRS4 is released 🌹🎉

Rest in love and peace, dear Walter 🕯

Today, the Core Rule Set has released #CRS v4.1.0. The new release is the first according to the new monthly release schedule and brings a couple of new features and fixes. Read the changelog here: github.com/coreruleset/co… #waf #CyberSecurity #owasp

I'm so happy and relieved to share that I provisionally passed my Certified Cloud Security Professional #CCSP exam today 🎉🍾💃 All the learning and hard work paid off!! Now, I'm looking forward to free time and free weekends again 🧘‍♀️

Meet the CRS team: Programming and entrepreneurship run in Jozef Sudolsky's family. When not working for his company or the Core Rule Set, he's in the gym or his garden. His office is his daughter's playroom. Read the portrait: coreruleset.org/20240507/meet-… #waf #crs #itsecurity #owasp

Congratulations to Core Rule Set co-lead Felipe Zipitría, winner of this year's WASPY Award! "Project Person of the Year" – you earned it. Don't know Felipe? Read here: coreruleset.org/20231130/meet-… Congrats to the other winners Martin Knobloch and Shruti Kulkarni. And thanks to OWASP® Foundation!