[Owasp-modsecurity-core-rule-set] Documenting Attack Detection Methods
ryan.barnett at breach.com
Tue Mar 23 11:30:52 EDT 2010
I wanted to send a note to the list to ask for comments on an idea. I was thinking that
on the OWASP CRS project site -
http://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project - that we
need to have better documentation that explains how the CRS detects certain attack
categories such as SQL Injection, XSS and RFI.
Would that be helpful to users?
If so, what I would like to do is to try and tackle each topic one by one as a discussion
item on the mail-list. Once we have all had a chance to discuss, then I will update the
CRS Project site with the consensus data.
More information about the Owasp-modsecurity-core-rule-set