lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <02E766F69AF6AC48B9CF52ABC0DA11E1018D21B7@MERCEDES.utopiasystems.net>
Date: Sun, 29 Oct 2006 13:03:33 -0500
From: "Ofer Shezaf" <OferS@...ach.com>
To: <bugtraq@...urityfocus.com>
Subject: ModSecurity 2.0, A Core Rule Set and Console now available



It has been a couple of weeks since we released those, but now that
hardcore ModSecurity users have hopefully found all the bugs, I would
like to announce that the ModSecurity project has three new products for
free:

- ModSecurity 2.0, an open source web application firewall, is finally
officially out. The new release is a major rewrite and includes XML
support, event correlation, transaction scoring, anomaly detection, data
persistence, wealth of anti-evasion functions, regex back-references,
support for sessions, and many more. 

- ModSecurity Core Rule Set is a 1st shot at giving a base protection
out of the box to ModSecurity users. ModSecurity is an application
security engine, but it requires rules to actually provide protection.
The core rule set enables immediately deployment of ModSecurity and is
available under GPL license and supports ModSecurity 2.0.

- ModSecurity console is a web based event aggregator for ModSecurity
that enables you to collect events from multiple ModSecurity
installation, view the events and generate reports based on them. It is
available for free for up to 3 sensors.

All products are available on the ModSecurity web site at
www.modsecurity.org. Support for all these products on a best effort
base from the Community and from Breach Security through the ModSecurity
mailing list.

~ Ofer Shezaf


Ofer Shezaf
CTO, Breach Security

http://www.modsecurity.org
http://www.breach.com
ofers@...ach.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ