Later this month I will be presenting a free webcast on ModSecurity and how we can make better use of it. This is going to be very close to the presentation that I gave at MIRcon 2013. Some of the ideas that we’ll cover are from what we’ve been calling Tactical Security Ops. In this case, we’ll be focusing on getting up to speed on ModSecurity and using that to our advantage.
The webcast is scheduled for the afternoon of January 23. Information about the webcast is below and you can register at http://ow.ly/slp6N.
Date and Time
Thursday, January 23, 2014 3:00 PM – 4:00 PM EST
ModSecurity is web application firewall module for the Apache, IIS and Nginx web servers and if used properly can provide an enormous amount of detail (beyond the default web server logs) about what attackers are doing against a web server. In this presentation Jason Wood will get attendees familiar with ModSecurity, how it works, what the log formats are, the detection rules available to us and analyzing the data it provides to us. Jason Wood will also discuss strategies for baiting attackers into making themselves stand out from the normal noise of the Internet. This presentation will get attendees more familiar with ModSecurity and prepare them to customize the configuration and rules for their environments.
Jason Wood is a Senior Security Consultant at Secure Ideas. If you are in need of a penetration test or other security consulting services you can contact him at firstname.lastname@example.org or visit the Secure Ideas – Professionally Evil site for services provided.