[Owasp-modsecurity-core-rule-set] Rule evaluation framework

Christian Folini christian.folini at netnea.com
Mon Mar 28 04:46:49 UTC 2016

Good morning everyone,

Walter Hop has assembled a big list of ideas worth considering when
assessing a single core rule set rule. The list is one of the results of
many, many conversations around the paranoia mode and around
issues pending on github.

I invite you all to take a look and try and think of additional
considerations worth adding:

When talking about the merits of a rule in the future, we can go
through this document like a checklist and decide on that base
afterwards. It makes all the decisions more transparent - and more

This list is awesome!



mailto:christian.folini at netnea.com
twitter: @ChrFolini

More information about the Owasp-modsecurity-core-rule-set mailing list