Technical problems with Youtube for my OWASP ModSecurity presentation starting now. Organizers invite everybody directly into zoom call: us06web.zoom.us/j/85452777497?…

Core Rule Set #CRS is largely underestimated by new OpSec. Thanks for your work ;-)

This is a bit of a portrait of the #OWASP #WAF projects I am co-leading. Translation should be easy if you do not read German. CC Core Rule Set, ModSecurity

Please save the date: we would like to organize a mini-event on June 5, 2024, where we can meet everyone in person and discuss future tasks. The venue is Leuven, Belgium - the exact location has yet to be determined. We will meet around 13:00 and will leave about 18:00.

The CRS project has released version 4.6.0 for CRS 4 and version 3.3.6 for CRS 3. The new releases tackle two multipart file upload bypass methods. All users are requested to update to the new releases. Read more and get the new releases: coreruleset.org/20240829/crs-v…

modsecurity.org/20240830/modse… After a long period, the modsecurity.org website is available again with renewed content and form.

New versions of ModSecurity have been released, see the blog post: modsecurity.org/20240903/new-v…

CVE-2024-46292 was published related to ModSecurity: cve.mitre.org/cgi-bin/cvenam… Here is the team's resolution: modsecurity.org/20241011/about… If you have any question you can ask here: github.com/owasp-modsecur…

CRS will have its first community call on March 17, from 20:30 to 21:30 CET (19:30 UTC / 2:30 p.m. ET) and will be moderated by former CRS co-leader Christian Folini. Register here: coreruleset.org/register/commu…

It's time to move to PCRE2 as default: modsecurity.org/20250217/use-p…

Please update your libmodsecurity3 instances as soon as possible: modsecurity.org/20250225/html-…

Running smooth is great, but running secure is essential. #EasyDCIM v1.15.0 now supports #ModSecurity on #Debian-based systems, giving you a critical edge against evolving cybersecurity risks. See how else our platform helps you outpace threats: easydcim.com/blog/easydcim-… #Firewall

Please take a look at this issue and share your opinions (on GH): github.com/owasp-modsecur…

Happy to announce OWASP Open WAF Day: owasp2025globalappseceu.sched.com/event/1zCJN/op… Feel free to register yourself! #modsecurity #coreruleset #crs #coraza #waf

New version have been released: mod_security2:  github.com/owasp-modsecur… This versions includes a fix against a recently discovered DoS vulnerability: modsecurity.org/20250521/possi… Please upgrade your module!

New version has been released: Nginx connector: github.com/owasp-modsecur… blog post: modsecurity.org/20250521/modse… Please note that the log format has been changed!

New version of mod_security2 have been released:  github.com/owasp-modsecur… This versions includes a fix against a recently discovered (another) DoS vulnerability: modsecurity.org/20250602/dos-v… Please upgrade your module!

A new version of mod_security2 has been released, please check the blog post: modsecurity.org/20250701/dos-v…

A new version of mod_security2 has been released, please check the blog post: modsecurity.org/20250805/impro…

CRS will have its second community call on September 22, from 20:30 to 21:30 CEST (18:30 UTC / 2:30 p.m. ET) and will be moderated by former CRS co-leader Christian Folini. Check more details and register here: luma.com/8yc1p543