[Owasp-modsecurity-core-rule-set] CRS Documentation Effort

Ryan Barnett RBarnett at trustwave.com
Mon Nov 15 10:52:45 EST 2010


Greetings everyone,
We (Trustwave SpiderLabs) are planning to work on the CRS documentation - http://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project#tab=Documentation

If you want to help in the effort, please let me know.  One of the first items we will be focusing on is to create the Rule ID documentation pages.  These pages will follow the Rule ID template listed here -
http://www.owasp.org/index.php/ModSecurity_CRS_Rule_Description_Template

If you have any comments about the Rule ID Templates (are we missing any important items, etc...), please let me know.

I will be sending out individual emails when each Rule ID documentation template is created.  The email will contain the Rule ID in the Subject line so that we can better track the discussions.  One of the big items that we want to get a better handle on is the False Positive (FP) rates of individual rules.  If you are running into a FP with a specific rule we are discussing, please let us know why it as a FP – so that we can fix the issue.

Keep an eye our for these emails!

-Ryan




More information about the Owasp-modsecurity-core-rule-set mailing list