Dear all, The OWASP ModSecurity Core Rule Set project is proud to present its own website:
https://www.coreruleset.org The information about CRS has been scattered over almost half a dozen sites (OWASP wiki, Spiderlabs blog, github, modsecurity.org, netnea.com website, etc.) during the years and new users have a hard time finding the documentation they need. The idea of the project is to establish coreruleset.org website as the go-to place for all things CRS. We thank Walter Hop for the work he invested into this site on behalf of our project. An open source project needs a logo and following the success of the CRS3 release poster, we decided that it's time to come up with a professional logo for CRS. Hugo Costa, who also designed the release poster, has created our new logo. The logo comes with several different variants. The full blown version is this: https://coreruleset.org/assets/uploads/2017/08/CRS-logo-full__size-820x350.png A simpler version is this one with only the symbol plus CRS: https://coreruleset.org/assets/uploads/2017/08/CRS-logo-CRS__size-512x710.png So what's the idea of the logo? We have the OWASP wasp in the center. The wasp is protecting itself, but there is an outer ring made up from three sectors. This is the 1st line of defense, the Core Rule Set. Three sectors because of CRS3. "The 1st Line of Defense" is also our claim. "Claim" is a marketing term that tries to transport the core message of a product. Our idea is that CRS should be be installed on every webserver as a simple yet effective security measure that takes out 80% of the attacks with minimal hassle - like a "1st Line of Defense". But back to the website. The information you will find so far is very limited. But it is meant to grow fast as there are many sources we can pull from and a lot of knowledge in the team. We have the plan to publish blog posts regularly and we welcome interested community members to share their knowledge, tricks, success stories or newsworthy items on our blog. Kirk Jackson makes a start with a summary of his solution to apply CRS only to an individual parameter on a single path: https://coreruleset.org/20170821/running-crs-rules-only-on-certain-parameters/ Project lead Chaim Sanders explains the idea behind the new FTW project, a Framework for Testing WAFs that we started to use as a base for our CRS unit tests: https://coreruleset.org/20170810/testing-wafs-ftw-version-1-0-released/ Please help us spread the word about our new website and about CRS in general. Feel free to use our logo in your presentations or on your website. There is a zip file with all variants in multiple sizes at https://www.owasp.org/index.php/ModSecurity_CRS_Logo We will put this on the new site too as soon as we receive the SVG version of the logo. Best regards, Christian Folini, for the CRS team -- ModSecurity courses Oct 2017 in London and Zurich https://www.feistyduck.com/training/modsecurity-training-course https://www.feistyduck.com/books/modsecurity-handbook/ mailto:christian.fol...@netnea.com twitter: @ChrFolini -- ModSecurity courses Oct 2017 in London and Zurich https://www.feistyduck.com/training/modsecurity-training-course https://www.feistyduck.com/books/modsecurity-handbook/ mailto:christian.fol...@netnea.com twitter: @ChrFolini _______________________________________________ Owasp-modsecurity-core-rule-set mailing list Owasp-modsecurity-core-rule-set@lists.owasp.org https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
