07 January, 2014

Webcast: Defending Against Web App Attacks Using ModSecurity

Jason Wood
Author: Jason Wood
Share:
 

Later this month I will be presenting a free webcast on ModSecurity and how we can make better use of it.  This is going to be very close to the presentation that I gave at MIRcon 2013.  Some of the ideas that we will cover are from what we’ve been calling Tactical Security Ops.  In this case, we’ll be focusing on getting up to speed on ModSecurity and using that to our advantage.

The webcast is scheduled for the afternoon of January 23.  Information about the webcast is below and you can register at http://ow.ly/slp6N.

Date and Time
Thursday, January 23, 2014 3:00 PM – 4:00 PM EST

Description

ModSecurity is web application firewall module for the Apache, IIS and Nginx web servers and if used properly can provide an enormous amount of detail (beyond the default web server logs) about what attackers are doing against a web server. In this presentation Jason Wood will get attendees familiar with ModSecurity, how it works, what the log formats are, the detection rules available to us and analyzing the data it provides to us. Jason Wood will also discuss strategies for baiting attackers into making themselves stand out from the normal noise of the Internet. This presentation will get attendees more familiar with ModSecurity and prepare them to customize the configuration and rules for their environments.

Registration Link
http://ow.ly/slp6N

Jason Wood is a Senior Security Consultant at Secure Ideas. If you are in need of a penetration test or other security consulting services you can contact him at jason@secureideas.com or visit the Secure Ideas – Professionally Evil site for services provided.

Join the Professionally Evil newsletter

Related Resources