Announcing Release of CRS v2.0.9

November 18, 2010 | SpiderLabs Anterior

Greetings everyone,

Advanced Topic of the Week: Traditional vs. Anomaly Scoring Detection Modes

November 18, 2010 | SpiderLabs Anterior

In the latest SVN trunk version of the CRS (2.0.9), we have implemented the ...

Encrypting Data at Rest

November 16, 2010 | Admin

Data should be encrypted at rest and in motion. In this post, I'll discuss ...

ModSecurity 2.5.13 release candidate

November 05, 2010 | SpiderLabs Anterior

A release candidate of 2.5.13 ModSecurity into the svn repository (branch ...

Detecting Malice with ModSecurity: IP Forensics

November 03, 2010 | SpiderLabs Anterior

This week's installment of Detecting Malice with ModSecurity will discuss the ...

Detecting Malice with ModSecurity: GeoLocation Data

October 27, 2010 | SpiderLabs Anterior

I would like to introduce a new blog series entitled - Detecting Malice with ...

ModSecurity Life cycle

October 22, 2010 | SpiderLabs Anterior

We are proud to announce the new release 2.5.13 is under development and will ...

ModSecurity User Survey Results Released

October 21, 2010 | Admin

As a result of the acquisition of Breach Security (and thus ModSecurity) by ...

Advanced Topic of the Week: Request Header Tagging

October 21, 2010 | Admin

Request Header Tagging

Welcome Aboard Breno Silva

October 13, 2010 | SpiderLabs Anterior

I am excited to announce that Breno Silva has joined Trustwave's SpiderLabs ...

Advanced Topic of the Week: Preventing Malicious PDF File Uploads

October 06, 2010 | SpiderLabs Anterior

Many reports have indicated that malicious PDFs that exploit flaws in Adobe's ...

Advanced Topic of the Week: XSS Defense via Content Injection

September 28, 2010 | Admin

Introduction In last week's post on Identifying Improper Output Handling, we ...

Advanced Topic of the Week: Identifying Improper Output Handling (XSS Flaws)

September 21, 2010 | Admin

A Topic Presents Itself

Advanced Topic of the Week: Validating SessionIDs

September 14, 2010 | SpiderLabs Anterior

This week's topic discusses how to validate application SessionIDs submitted by ...

WASC WHID Bi-Annual Report for 2010

September 09, 2010 | SpiderLabs Anterior

The Web Hacking Incident Database (WHID) is a project dedicated to maintaining ...

Advanced Topic of the Week: Real-time Blacklist Lookups

September 07, 2010 | SpiderLabs Anterior

This week's feature is the effective use of Real-time Blacklist lookups (@rbl).

Advanced Topic of the Week: Transformation Functions

September 01, 2010 | SpiderLabs Anterior

This week's feature is the effective use of Transformation functions.

OWASP ModSecurity CRS Project Promoted to Release Quality

August 30, 2010 | SpiderLabs Anterior

I am excited to announce that the OWASP ModSecurity Core Rule Set (CRS) has ...

OWASP ModSecurity Core Rule Set (CRS) v2.0.8 Released

August 27, 2010 | SpiderLabs Anterior

Greetings everyone, I wanted to announce the availability of the OWASP ...

Advanced Topic of the Week: Validating Byte Ranges

August 24, 2010 | Admin

We are starting a new blog post series here on the ModSecurity site called ...

What's up @ ModSecurity?

August 11, 2010 | Admin

Since Black Hat and DEFCON we have been busy building teams and aligning ...

Impedance Mismatch and Base64

April 22, 2010 | SpiderLabs Anterior

There was a recent blog article stating that ModSecurity can be bypassed by ...

ModSecurity Training at Blackhat USA 2009

July 19, 2009 | SpiderLabs Anterior

Just a quick note to let everyone know that a 2-day ModSecurity training class ...

ModSecurity Vulnerabilities Fixed

March 12, 2009 | SpiderLabs Anterior

ModSecurity versions 2.5.8 and 2.5.9 have been released to fix two ...

Fixing Both Missing HTTPOnly and Secure Cookie Flags

December 22, 2008 | SpiderLabs Anterior

In a previous post I showed how you can use both ModSecurity and Apache ...

Helping Protect Cookies with HTTPOnly Flag

December 20, 2008 | SpiderLabs Anterior

If you are unfamiliar with what the HTTPOnly cookie flag is or why your web ...

ModSecurity's Source Code Repository Is Now Open

October 29, 2008 | SpiderLabs Anterior

I spent the last week importing ModSecurity's source code repository into ...

ModSecurity at ApacheCon US 2008

October 10, 2008 | SpiderLabs Anterior

In a few weeks' time I will present my favourite talk, Web Intrusion Detection ...