ModSecurity: Cool Rules Project

["Ryan Barnett" <rcbarnett () gmail com>]

For those of you running ModSecurity,
I wanted to let you all know about the ModSecurity "Cool Rules"
Project (http://www.modsecurity.org/projects/coolRules/index.html)
that I am heading up.

ModSecurity Cool Rules is a community-based effort where ModSecurity
users can openly submit and share their own custom rules that they
created to solve complex or unique issues that are not covered by the
open-source Core Rule set.  These rules can tackle challenges such as
identifying and responding to brute force attacks, tracking
session-based attacks and virtual patches for newly discovered
vulnerabilities.  We will be posting the best rules that we have
received on the ModSecurity project page in the near future.

If you are using ModSecurity and have some "Cool Rules" that you
developed, please let us know about it!  Check out the project webpage
for details.

--
Ryan C. Barnett
ModSecurity Community Manager
Web Application Security Consortium (WASC) Member
CIS Apache Benchmark Project Lead
SANS Instructor, GCIA, GCFA, GCIH, GSNA, GCUX, GSEC
Author: Preventing Web Attacks with Apache

-------------------------------------------------------------------------
Sponsored by: Watchfire

The Twelve Most Common Application-level Hack Attacks
Hackers continue to add billions to the cost of doing business online 
despite security executives' efforts to prevent malicious attacks. This 
whitepaper identifies the most common methods of attacks that we have seen, 
and outlines a guideline for developing secure web applications. 
Download today!

https://www.watchfire.com/securearea/whitepapers.aspx?id=701500000008fHe
--------------------------------------------------------------------------