BCS Cybercrime Forensics specialist group.
Watch the video
Synopsis
The CRS is a set of generic attack detection rules for use with ModSecurity or compatible web application firewalls. CRS is the 1st line of defense against web application attacks like those summarized in the OWASP Top Ten and all with a minimum of false alerts.
This talk demonstrates the installation of the rule set and introduces the most important groups of rules.
It covers key concepts like anomaly scoring and thresholds, paranoia levels, stricter siblings and the sampling mode. The important handling of false positives is also covered as well as pre-defined lists of rule exclusions for popular web applications helping to avoid false positives.
About the speaker
Christian Folini is a security engineer and open source enthusiast. He holds a Ph.D. in medieval history and enjoys defending castles across Europe.
Unfortunately, defending medieval castles is not a big business anymore and he turned to defending web servers, which he finds equally challenging.
He brings more than ten years of experience with ModSecurity configuration in high-security environments, DDoS defense, and threat modeling.
Christian Folini is the author of the second edition of the ModSecurity Handbook and the best-known teacher on the subject. He co-leads the OWASP ModSecurity Core Rule Set project and serves as the program chair of the "Swiss Cyber Storm" conference, the prime security conference in Switzerland.
Our events are for adults aged 16 years and over.
For overseas delegates who wish to attend the event, please note that BCS does not issue invitation letters.
This event is brought to you by: BCS Cybercrime Forensics specialist group
