Difference between revisions of "AppSecEU08 Remo presentation"

From OWASP
 
(3 intermediate revisions by one user not shown)
Line 5: Line 5:
 
Such a "default permit" strategy is inadequate for network firewalls and it will also be inadequate for application layer defense in the long run.
 
Such a "default permit" strategy is inadequate for network firewalls and it will also be inadequate for application layer defense in the long run.
  
Remo is a simple rule editor, that writes ModSecurity rules which in turn can be used inside a WAF running ModSecurity.
+
[http://remo.netnea.com Remo] is a simple rule editor, that writes ModSecurity rules which in turn can be used inside a WAF running ModSecurity.
  
 
The speech will introduce black- and whitelist approaches and give a brief overview on Remo and the status of the project.
 
The speech will introduce black- and whitelist approaches and give a brief overview on Remo and the status of the project.
Line 11: Line 11:
 
'''About the Speaker:''' Christian Folini is an IT consultant based in Switzerland.  
 
'''About the Speaker:''' Christian Folini is an IT consultant based in Switzerland.  
 
His work is mostly focussed on Apache and things related to the architecture of multi-tier web applications.
 
His work is mostly focussed on Apache and things related to the architecture of multi-tier web applications.
Christian Folini works for [[http://www.netnea.com][netnea.com]] and holds a PhD in medieval history. He is one of the leaders of the Company of St. George.
+
Christian Folini works for [http://www.netnea.com netnea.com] and holds a [http://www.chronos-verlag.ch/php/book_latest.php?book=978-3-0340-0841-9&type=Kurztext PhD in medieval history]. He is one of the leaders of the [http://www.companie-of-st-george.ch Company of St. George].

Latest revision as of 09:11, 9 October 2012

Remo presentation (Positive ModSecurity rulesets / Input validation)

The most widespread approach to rulesets for ModSecurity, and for Web Application Firewalls in general, is to use negative rulesets, that is, to defend against patterns of known attacks.

Such a "default permit" strategy is inadequate for network firewalls and it will also be inadequate for application layer defense in the long run.

Remo is a simple rule editor that writes ModSecurity rules, which in turn can be used inside a WAF running ModSecurity.

The talk will introduce blacklist and whitelist approaches and give a brief overview of Remo and the status of the project.
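
As an added illustration (not part of the original abstract and not output generated by Remo), the following ModSecurity 2.x configuration contrasts a negative rule with a positive ruleset. The /login endpoint, its username and password parameters, the value patterns and the rule ids are assumptions made up for this example.

```apache
# Constructed example: a hypothetical application whose only endpoint is
# POST /login with the parameters "username" and "password".
SecRuleEngine On
SecRequestBodyAccess On

# --- Negative ruleset ("default permit") ---
# Blocks one known attack pattern. Any request that does not match it
# passes, including attack variants the pattern author never thought of.
SecRule ARGS "@rx (?i)<script" \
    "id:100001,phase:2,t:none,deny,status:403,msg:'Known XSS pattern'"

# --- Positive ruleset ("default deny") ---
# Describes what a legitimate request looks like and refuses the rest.

# 1. Any path that is not described below is refused outright.
SecRule REQUEST_FILENAME "!@rx ^/login$" \
    "id:100010,phase:1,t:none,deny,status:404,msg:'URI not in whitelist'"

<LocationMatch "^/login$">
    # 2. Only the expected method.
    SecRule REQUEST_METHOD "!@streq POST" \
        "id:100011,phase:2,t:none,deny,status:405,msg:'Method not allowed'"

    # 3. Only the expected parameter names; fires if any name differs.
    SecRule ARGS_NAMES "!@rx ^(?:username|password)$" \
        "id:100012,phase:2,t:none,deny,status:400,msg:'Unknown parameter'"

    # 4. Each parameter exactly once (guards against missing or
    #    duplicated parameters).
    SecRule &ARGS:username "!@eq 1" \
        "id:100013,phase:2,t:none,deny,status:400,msg:'username count'"
    SecRule &ARGS:password "!@eq 1" \
        "id:100014,phase:2,t:none,deny,status:400,msg:'password count'"

    # 5. Each value must match its expected format.
    SecRule ARGS:username "!@rx ^[A-Za-z0-9_.-]{1,32}$" \
        "id:100015,phase:2,t:none,deny,status:400,msg:'username format'"
    SecRule ARGS:password "!@rx ^.{8,128}$" \
        "id:100016,phase:2,t:none,deny,status:400,msg:'password length'"
</LocationMatch>
```

With the positive rules in place, the negative rule is no longer what keeps a `<script` payload out of username: the format check in rule 100015 rejects it along with every other unexpected value.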

About the Speaker: Christian Folini is an IT consultant based in Switzerland. His work is mostly focussed on Apache and things related to the architecture of multi-tier web applications. Christian Folini works for netnea.com and holds a PhD in medieval history. He is one of the leaders of the Company of St. George.