[OWASP-Switzerland] Fwd: OWASP Switzerland Meeting - Wednesday, August 16th 2017

Robert Schneider robert.schneider at owasp.org
Sun Jul 23 12:58:34 UTC 2017


Hi everyone,


I’d like to invite you to our next OWASP Switzerland meeting. If you want
to attend, please make sure to *register* for the event through the Meetup
registration
<https://www.meetup.com/de-DE/OWASPSwitzerland/events/241771446/>. Seats
are limited.



*Introducing the OWASP ModSecurity Core Rule Set 3.0*



*Topic*

The CRS is a set of generic attack detection rules for use with ModSecurity
or compatible web application firewalls that saw a new major release in
November 2016 (3.0 -> CRS3). CRS is the 1st line of defense against web
application attacks like those summarized in the OWASP Top Ten and all with
a minimum of false alerts.

This talk demonstrates the installation of the rule set and introduces the
most important groups of rules. It covers key concepts like anomaly scoring
and thresholds, paranoia levels, stricter siblings and the sampling mode.
The important handling of false positives is also covered as well as
pre-defined lists of rule exclusions for popular web applications helping
to avoid false positives.


*Speaker*

Christian Folini is a partner at netnea AG in Berne, Switzerland. He holds
a PhD in medieval history and enjoys defending castles across Europe.
Unfortunately, defending medieval castles is no big business anymore and
Christian turned to defending web servers which he thinks equally
challenging. With his background in humanities, Christian is able to bridge
the gap between techies and non-techies. He brings more than ten years
experience in this role, specialising in Apache / ModSecurity
configuration, DDoS defense and threat modeling.

Christian is a frequent committer to the OWASP ModSecurity Core Rules
project, vice president of Swiss Cyber Experts (a public private
partnership), program chair of the Swiss Cyber Storm conference and many
other things.


*When*

Wednesday, August 16th 2017


*Where*

Tbd: but in Zürich ;)


*Agenda*

17:30 - Doors will open

18:00 - Welcome and short introduction

18:20 - Talk and Q&A

19:30 - Dinner


*Who*

As usual, all our meetings are open to everyone and free of charge.


*Afterwards*

If you still would like to grab a bite afterwards, simply stay a little
longer after the meeting and we will form up a group of hungry and
discussion-friendly people. ;)



Look forward to seeing you there. :)


Regards,

Rob




*Btw. Save the date*

Monday, October 16th 2017 - DevOps
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-switzerland/attachments/20170723/4c245aa4/attachment.html>


More information about the Owasp-Switzerland mailing list