Hello, Back in June, I presented the Core Rules and the new Paranoia Mode at the Area41 conference in Zurich, Switzerland. The video of my presentation is now online:
https://www.youtube.com/watch?v=o25wJH169aA&index=23&list=PLv-PXy2JVvit4wCSlKLJsrKZHMUOekhEa The first half is an introduction into WAFs, ModSecurity and the Core rules. At minute 14 starts an on-stage demo of CRS Anomaly Scoring featuring Little Bobby Tables and limbo dancing storm troopers. The second half is dedicated to the Paranoia Mode presenting first results of a productive site running the early June development version of the CRS v3.0.0. There are no more dancing storm troopers - not even expensive watches - in this part of the presentation, but a lot of xkcd style graphs and numbers that really rock. A guy in the audience asked (not really understandable in the video) why there was such a small gap in the anomaly score between the higher paranoia levels. The reason was that the higher PL had not been populated in early June very much. This has changed in the meantime and the gap is widening now fast. In fact we have made huge steps since early June. Walter Hop's work on remote command execution is awesome (pull request pending) and Chaim is heading for a formal release candidate in the next few weeks. In case you like the presentation, I'd appreciate if you let me know. Best, Christian -- https://www.feistyduck.com/training/modsecurity-training-course mailto:christian.fol...@netnea.com twitter: @ChrFolini _______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
