ModSecurity 2.0, A Core Rule Set and Console now available
It has been a couple of weeks since we released those, but now that
hardcore ModSecurity users have hopefully found all the bugs, I would
like to announce that the ModSecurity project has three new products for
free:
- ModSecurity 2.0, an open source web application firewall, is finally
officially out. The new release is a major rewrite and includes XML
support, event correlation, transaction scoring, anomaly detection, data
persistence, wealth of anti-evasion functions, regex back-references,
support for sessions, and many more.
- ModSecurity Core Rule Set is a 1st shot at giving a base protection
out of the box to ModSecurity users. ModSecurity is an application
security engine, but it requires rules to actually provide protection.
The core rule set enables immediately deployment of ModSecurity and is
available under GPL license and supports ModSecurity 2.0.
- ModSecurity console is a web based event aggregator for ModSecurity
that enables you to collect events from multiple ModSecurity
installation, view the events and generate reports based on them. It is
available for free for up to 3 sensors.
All products are available on the ModSecurity web site at
www.modsecurity.org. Support for all these products on a best effort
base from the Community and from Breach Security through the ModSecurity
mailing list.
~ Ofer Shezaf
Ofer Shezaf
CTO, Breach Security
http://www.modsecurity.org
http://www.breach.com
ofers@xxxxxxxxxx