Web Intrusion Detection with ModSecurity (english)

Ivan Ristic

giovedì 7 – ore 12:00

Intrusion detection is a well-known network security technique. By employing network monitoring security personnel observe network traffic, detecting attacks and anomalies in real-time. Web intrusion detection applies the same techniques to the HTTP protocol, making them suitable to tackle the complex security issues so common in today's web applications. This session will start with an overview of web intrusion detection and web application firewalls, discussing their place in the overall protection strategy. In the second part of the talk Ivan will discuss ModSecurity, the open source web application firewall. ModSecurity is, in the nutshell, an effective real-time HTTP traffic analyser. It can be deployed either embedded, in the Apache HTTP server, or standalone in reverse proxy mode. Now in its fifth year of development, ModSecurity is mature, robust and flexible. It is by far the most widely deployed web application firewall and a de-facto standard in this space.

Ivan Ristic is an entrepreneur, writer, programmer and web security specialist. He is the principal author of ModSecurity, the open source intrusion detection and prevention engine for web applications. His book, Apache Security (http://www.apachesecurity.net), is a concise yet comprehensive web security guide for the Apache web server. Ivan is an active participant in the web application security community, officer the Web Application Security Consortium and the leader of the OWASP London Chapter. He works for Breach Security (http://www.breach.com), the leader in the web application firewall market.

< Owning the Business | Infosecurity08 | STRESS: Piattaforma multilayer per l'analisi della sicurezza di applicativi ed apparati di rete >