ModSecurity 2.0 with Ivan Ristic | Search for a title, author or keyword | ||||||||
ModSecurity 2.0 with Ivan Ristic Federico Biancuzzi interviewed Ivan Ristic to discuss the new logging system, events tracking and correlation, filtering AJAX or AFLAX applications, and just-in-time patching for closed source applications. Ivan Ristic is a respected security expert and book author, known especially for his contributions to the web application firewall field and the development of ModSecurity, an open source web application firewall. Ivan Ristic is also involved with the Open Web Application Security Project ( OWASP ) and the Web Application Security Consortium ( WASC ). ModSecurity makes full HTTP transaction logging possible, allowing complete requests and responses to be logged. In addition to providing logging facilities, ModSecurity can monitor the HTTP traffic in real time in order to detect attacks. In this case, ModSecurity operates as a web intrusion detection tool, allowing you to react to suspicious events that take place at your web systems. Some of the major 2.0 version improvements include: five processing phases ( request headers, request body, response headers, response body, and logging ); transaction variables: this can be used to store pieces of data, create a transaction anomaly score, and so on; data persistence ( can be configured any way you want although most people will want to use this feature to track IP addresses, application sessions, and application users ); support for anomaly scoring and basic event correlation; Regular Expression back-references; there are now many functions that can be applied to the variables ( where previously one could only use regular expressions ); XML support.
|
|||||||||
ModSecurity 2.0 with Ivan Ristic | Disclaimer: this link points to content provided by other sites. |