SpiderLabs Blog

February 05, 2007 | SpiderLabs Anterior

I have just packaged and released ModSecurity for Apache v2.1.0-rc7, in ...

January 30, 2007 | SpiderLabs Anterior

This is a listing of Web Application Vulnerabilities that were released by SANS ...

January 23, 2007 | SpiderLabs Anterior

Jeremiah Grossman gives an excellent overview of the top Web hacks of 2006. If ...

January 03, 2007 | SpiderLabs Anterior

Following a question on the core rule set on the ModSecuirty mailing list, I ...

December 28, 2006 | Trustwave SpiderLabs

A recent posting on the ModSecurity mailing list by K.C. Li is a very good ...

December 07, 2006 | Trustwave SpiderLabs

In response to many of the common questions and issues posted to the mail-list, ...

October 24, 2006 | SpiderLabs Anterior

A while ago Federico Biancuzzi contacted me to ask if I'd be interested to give ...

August 18, 2006 | SpiderLabs Anterior

A significant event occurred on the mod-security-users mailing list in July: a ...

August 17, 2006 | SpiderLabs Anterior

I was asked recently to investigate performance of an ModSecurity installation ...

August 14, 2006 | SpiderLabs Anterior

Last week I spent some time stress-testing Apache 2.2.3 configured to work as a ...

August 07, 2006 | SpiderLabs Anterior

You can tell that I am too busy when I take almost three months to blog about ...

July 24, 2006 | SpiderLabs Anterior

Back in March 2006 I was approached by Forrester Research and invited to ...

July 12, 2006 | SpiderLabs Anterior

I just came across this and can't help but make a note about it: A web hosting ...

July 04, 2006 | SpiderLabs Anterior

I love the command line, I do. But there are some tasks where this type of user ...

June 28, 2006 | SpiderLabs Anterior

One of the things I realy dislike in ModSecurity 1.x is that its anti-evasion ...

June 27, 2006 | SpiderLabs Anterior

It's very well known (and even widely accepted) that our current web ...

June 13, 2006

Some of you may remember I wrote about impedance mismatch that occurs between ...

June 13, 2006 | SpiderLabs Anterior

Yury Zaytsev wrote to me recently to tell me about his experiences in jailing ...

May 23, 2006 | SpiderLabs Anterior

I have been awfully quiet recently, having made my last post to this blog in ...

March 28, 2006 | SpiderLabs Anterior

I was recently involved with a project where we needed to configure an Apache ...

March 08, 2006 | SpiderLabs Anterior

It's that time of year again, when I get to work on new features (instead of ...

March 07, 2006 | SpiderLabs Anterior

I have just released ModSecurity for Apache 1.9.3-rc1, a release candidate, as ...

February 25, 2006 | SpiderLabs Anterior

I spent some time this week at the EUSecWest conference here in London. ...

January 26, 2006 | SpiderLabs Anterior

(IN)SECURE Magazine Issue 1.5 has just been published. I wrote the cover story, ...

January 09, 2006 | SpiderLabs Anterior

If you are a ModSecurity user you may have noticed that I am distributing ...

December 23, 2005 | SpiderLabs Anterior

Some ModSecurity users like to run really large rule sets, where the number of ...

December 02, 2005 | SpiderLabs Anterior

My article ("What's New in ModSecurity"), which describes the most important ...

November 28, 2005 | SpiderLabs Anterior

One of the major improvements in the next release of ModSecurity (v2.0) will be ...