ModSecurity The Open Source Web Application Firewall Nov2007, it, security, mod security
[ Pobierz całość w formacie PDF ]
//-->ModSecurityThe Open Source WebApplication FirewallIvan RisticChief EvangelistBreach Security1/30IntroductionBreach SecurityGlobal headquarters inCarlsbad, CaliforniaWeb application securityprovider for over sixyearsLed by experiencedsecurity executivesTrusted by largeenterprise customers• Next-generation web application security solutions for protectingbusiness-critical applications transmitting privileged information.• Resolve security challenges such as identity theft, informationleakage, regulatory compliance, and insecurely coded applications.• Best threat detection in the industry and the most flexibledeployment options available.2/30IntroductionIvan RisticWeb application securityandweb application firewallspecialist.Author ofApache Security.Author ofModSecurity.OWASP London Chapterleader.Officer of theWeb ApplicationSecurity Consortium.►WAFEC project leader.3/30Part 1What are Web Application Firewalls?4/30Problems with Web ApplicationsHow did it all start?HTTP and browsers designed for documentexchange.Web applications built using a number of looselyintegrated technologies.No one thought about security at the time.Most web applications suffer from one type ofproblem or another. It is very difficult to developa reasonably secure web application.Not possible to achieve 100% security.Where are we today?5/30
[ Pobierz całość w formacie PDF ]