LASCON 2017 has ended
View analytic
Friday, October 27 • 1:00pm - 2:00pm
Core Rule Set for the Masses: Lessons from taming ModSecurity rules at massive scale

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.

Everyone who has used, or attempted to use, OWASP ModSecurity Web Application Firewall knows something about fine-tuning rules. ModSecurity Core Rule Set (CRS) was designed to catch more, show more and let you decide what to do with security alerts. It is a time consuming -- and often frustrating -- exercise to analyze alerts, separating the wheat from the chaff, and determine which are candidates for blocking. 


With thousands of servers at more than 100 locations, Verizon Edgecast CDN is one of the world’s largest deployment of OWASP Core Rule Set. We will share our experience in fine-tuning the CRS for a large number of customers, adjusting to their taste in risk and attitude toward false positives. We will discuss lesser used features of ModSecurity to cut down noise levels in alerts, sometimes as much as 90%. We will also discuss our experience in moving from CRS 2.2.9 to 3.0 which was released in late 2016. 


We hope that the audience will walk away with understanding benefits of using the venerable web application firewall with the latest enhancements and issues to consider to get the most out of it. Ultimately, we hope that our experience will make your task of fine-tuning the CRS a little easier.

avatar for Tin Zaw

Tin Zaw

Director, Security Solutions, Verizon
Tin Zaw has served as Verizon Digital Media Services’ director of global security solutions since 2015. He and his team provide managed and professional security services protecting their clients' web properties from exterior threats from the internet. He launched the services during... Read More →

Friday October 27, 2017 1:00pm - 2:00pm
Red Oak Ballroom

Attendees (8)