Home page logo

bugtraq logo Bugtraq mailing list archives

ModSecurity 2.0, A Core Rule Set and Console now available
From: "Ofer Shezaf" <OferS () Breach com>
Date: Sun, 29 Oct 2006 13:03:33 -0500

It has been a couple of weeks since we released those, but now that
hardcore ModSecurity users have hopefully found all the bugs, I would
like to announce that the ModSecurity project has three new products for

- ModSecurity 2.0, an open source web application firewall, is finally
officially out. The new release is a major rewrite and includes XML
support, event correlation, transaction scoring, anomaly detection, data
persistence, wealth of anti-evasion functions, regex back-references,
support for sessions, and many more. 

- ModSecurity Core Rule Set is a 1st shot at giving a base protection
out of the box to ModSecurity users. ModSecurity is an application
security engine, but it requires rules to actually provide protection.
The core rule set enables immediately deployment of ModSecurity and is
available under GPL license and supports ModSecurity 2.0.

- ModSecurity console is a web based event aggregator for ModSecurity
that enables you to collect events from multiple ModSecurity
installation, view the events and generate reports based on them. It is
available for free for up to 3 sensors.

All products are available on the ModSecurity web site at
www.modsecurity.org. Support for all these products on a best effort
base from the Community and from Breach Security through the ModSecurity
mailing list.

~ Ofer Shezaf

Ofer Shezaf
CTO, Breach Security

ofers () breach com

  By Date           By Thread  

Current thread:
  • ModSecurity 2.0, A Core Rule Set and Console now available Ofer Shezaf (Oct 31)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]