SpiderLabs Blog

September 01, 2010 | SpiderLabs Anterior

This week's feature is the effective use of Transformation functions.

August 30, 2010 | SpiderLabs Anterior

I am excited to announce that the OWASP ModSecurity Core Rule Set (CRS) has ...

August 27, 2010 | SpiderLabs Anterior

Greetings everyone, I wanted to announce the availability of the OWASP ...

August 24, 2010

We are starting a new blog post series here on the ModSecurity site called ...

August 11, 2010

Since Black Hat and DEFCON we have been busying building teams and aligning ...

July 21, 2010

ModSecurity Community,

April 22, 2010 | SpiderLabs Anterior

There was a recent blog article stating that ModSecurity can be bypassed by ...

November 13, 2009

I presented on the OWASP ModSecurity Core Rule Set (CRS) Project yesterday here ...

July 19, 2009 | SpiderLabs Anterior

Just a quick note to let everyone know that a 2-day ModSecurity training class ...

March 12, 2009 | SpiderLabs Anterior

ModSecurity versions 2.5.8 and 2.5.9 have been released to fix two ...

December 22, 2008 | SpiderLabs Anterior

In a previous post I showed how you can use both ModSecurity and Apache ...

December 20, 2008 | SpiderLabs Anterior

If you are unfamiliar with what the HTTPOnly cookie flag is or why your web ...

October 30, 2008

This year, the OWASP's Summer of Code event contains one project that's of ...

October 29, 2008 | SpiderLabs Anterior

I spent the last week importing ModSecurity's source code repository into ...

October 10, 2008 | SpiderLabs Anterior

In a few weeks' time I will present my favourite talk, Web Intrusion Detection ...

September 11, 2008 | SpiderLabs Anterior

I will be giving the updated version of our ModProfiler presentation this ...

September 08, 2008 | SpiderLabs Anterior

Several years ago, a few more than I'd like to admit, I realised our chances ...

August 27, 2008 | SpiderLabs Anterior

I am happy to announce that we've just launched a public issue tracking ...

August 07, 2008 | SpiderLabs Anterior

Before I talk to the title of this post, I have to provide a little back story. ...

August 04, 2008 | SpiderLabs Anterior

The ModSecurity Log Collector (mlogc) is used to send ModSecurity audit log ...

August 01, 2008

We have just released ModSecurity 2.5.6 to address several issues with ...

July 29, 2008 | SpiderLabs Anterior

Although Solaris has been supported as a platform for ModSecurity since the ...

July 24, 2008

There are three aspects of the ModSecurity Rule Language we are not very happy ...

July 24, 2008 | SpiderLabs Anterior

A revised version (but still a draft) of the Enough With Default Allow in Web ...

July 15, 2008 | SpiderLabs Anterior

The title of this blog post is also the title of a research paper we are ...

July 08, 2008 | SpiderLabs Anterior

We all agree that cross-site scripting is a serious problem, but what continues ...

July 03, 2008 | SpiderLabs Anterior

We receive questions about ModSecurity running on HP-UX from time to time, but ...

June 19, 2008 | SpiderLabs Anterior

As you may know, ModSecurity is licensed under GPL version 2. This license has ...