This presentation from #RomHack2021 introduces the OWASP ModSecurity Core Rule Set (CRS), a web application firewall rule set. It then covers the 20-year history of Internet voting in Switzerland and explains how the Swiss Post system was secured with the help of OWASP CRS. The presentation links several resources, including government reports and an important tuning description by Swiss Post.
Historical overview of 20 years of e-voting in Switzerland, focusing on the developments of 2019, the scientific dialogue of 2020 and the public consultation on the new regulation in 2021.
The Adventurous Tale of Online Voting in Switzerland by Christian Folini
Overview of 20 years of online voting in Switzerland, including the publication of the source code in 2019, the collection of signatures for a referendum, the scientific dialogue, the public consultation on the new regulation and some bold predictions about the future.
The Adventurous Tale of Online Voting in Switzerland (Usenix Enigma 2021 conf... by Christian Folini
The Swiss tale with online voting serves as a typical example of the iterative development of highly critical IT systems and the growing involvement of scientists as a necessary step for a government that is willing to learn from past mistakes.
Switzerland has been experimenting with online voting for over 15 years. Several generations of electronic voting systems have been implemented and almost all of them died along the way because of their profound security problems or when the money ran out.
In 2019, Swiss Post published the source code of its online voting system, the last system that was still in the race. Several highly critical findings were discovered in a matter of weeks and the system was stopped right before the national elections.
In 2020, the government rebooted the process and invited two dozen international researchers into an intense dialogue that lasted several months. The resulting report is the base for the renewed regulation that will pave the way forward in 2021.
This document provides an overview of developments related to the GDPR one year after its enactment. It discusses GDPR enforcement numbers across Europe, key cases that have shaped the interpretation of the law, and an upcoming workshop on applying GDPR principles in practice. Case law discussions include judgments from the CJEU related to Jehovah's Witnesses door-to-door preaching, Facebook fan pages, and online marketing consent. National court cases touched on issues like unfair competition law and whistleblowers.
This document outlines the topics covered in a general informatics course over 6 semesters. It includes sections on internet concepts like networking, browsers, protocols and applications. Potential threats from internet like viruses, hacking and inappropriate content are also discussed. Internet usage statistics on users, reach and speed are mentioned.
Amid mounting criticism of Ireland’s privacy watchdog, top European Commission official Didier Reynders has come to Dublin’s defense, brushing off calls to penalize the country over claims it has failed to uphold Europeans’ privacy rights.
The defense, in a letter to MEPs, comes after lawmakers including Sophie in ‘t Veld and Tineke Strik from the Netherlands and Cornelia Ernst and Birgit Sippel from Germany urged the EU executive to open a disciplinary procedure against Dublin.
Read more: https://bit.ly/302LRao
Semiconductor sales finished 2Q20 with unprecedented weakness in June. Still, strength early in the quarter led to a 10% y/y gain. Memory closed out 2Q20 with strong double-digit growth. Logic was in the high single digits, while Analog and Power was down.
Footprinting is the first step of ethical hacking which involves gathering information about a target network through public sources. It helps identify security vulnerabilities and draw a network map. Various footprinting methods are used including searching online sources like search engines, websites, DNS records, and social media. Footprinting also involves techniques like competitive analysis, email tracking, and monitoring social media for information. The goal is to understand the target's security posture and key areas to focus the ethical hacking efforts.
New developments in cyber law - Singapore and beyond by Benjamin Ang
New developments in the Computer Misuse and Cybersecurity Act, Singapore; actions by the Personal Data Protection Commission under the Personal Data Protection Act (PDPA); thoughts on the upcoming Cybersecurity Act 2017.
The document discusses cyber security analytics and its importance. It covers cyber threats such as ransomware, malware, social engineering and phishing. It also discusses applications of data analytics to cyber security problems like SMS spam detection, credit card fraud detection and intrusion detection. For each problem, it describes collecting and preprocessing the relevant data and then applying machine learning algorithms such as logistic regression and Bayesian classification to build models.
IRJET - Effective In-House Voting and Implementation using Block-Chain Veri... by IRJET Journal
This document discusses the design and implementation of an effective in-house voting system using blockchain verification. The system aims to avoid proxy casting and recasting of votes by integrating Aadhar card linked mobile numbers for OTP generation. Voters can only cast their vote after receiving an OTP on their registered mobile number. The vote details are stored as blocks on the blockchain to ensure security and transparency. The system is designed using Solidity for smart contracts on the Ethereum blockchain and uses MySQL as the backend database. The modular design approach reduces complexity and improves maintainability of the voting application.
Unraveling Ebola One Tweet at a Time: Dynamic Network Analysis of an Ebola-Re... by Paragon_Science_Inc
A sample of 2.5M tweets mentioning "Ebola" was collected during November 5-12, 2014. The titles of the 6227 web pages referenced by the tweets were used to cluster the web pages into roughly 100 topics. Paragon Science's patented dynamic anomaly detection software (http://www.paragonscience.com/intellectual_property.htm) then identified the top five most anomalous topics. This research demonstrates how these techniques allow us to focus attention quickly on viral, emerging topics. A video showing an animation of those anomalous topics and the key related web pages for every hour of that week in November 2014 is available at https://www.youtube.com/watch?v=AEQ02hv4Xjw.
This document discusses the WeVerify project, which aims to enhance fact-checking of online information. It describes WeVerify's architecture and various tools it has developed, including a collaborative verification workbench, browser plugins, visual analysis of disinformation networks, a blockchain database of known fakes, analysis of online conversations, image OCR, a COVID-19 misinformation classifier, and ongoing/future work analyzing COVID-19 on social media and developing multilingual and digital assistant capabilities.
Top 2020 Predictions: Cybersecurity Threats, Trends, and the CCPA Regulation by PECB
This session discusses the top cyber threats for 2020 world-wide, where our presenters will discuss the top security priorities in their states for cybersecurity, followed by a Q/A session at the end of the presentation.
What topics are hot for Chief Security Officers in 2020? Which cyber threats are demanding the most attention from top government cybersecurity leaders? What projects are the U.S. states of Washington and Illinois applying resources to in order to address security priorities? Where next with privacy legislation and the implementation of regulations like the California Consumer Privacy Act (CCPA)?
The webinar covers:
• Top security predictions for 2020 from global security vendors – along with CISO reactions and feedback
• Security trends (in specific areas such as ransomware) seen at the end of 2019 and in the first weeks of 2020
• CISO project priorities from Washington State and the State of Illinois
• Panel discussion of privacy actions and CCPA implementation nationwide
Date: February 19, 2019
Recorded webinar: https://youtu.be/QN35YHEA_4E
The document summarizes several cyber attacks and security issues faced by South Korea between 2003 and 2014. It describes hacks against the Bangladesh central bank and South Korean companies like KHNP, as well as cyber threats experienced more broadly by South Korea. The government has established a national cybersecurity system coordinated by the Presidential Office to counter continuous cyber attacks, and works to strengthen capacity through strategic plans, education and international cooperation.
20140314 Belgian Senate Judicial action of police on social media by Luc Beirens
Presentation given in the Belgian Senate on 14 March 2014.
Comparison of classical police investigation methods with the new cyber investigation methods.
Problems and proposals for better cyber investigations.
DETECTING AND VERIFYING ONLINE DISINFORMATION:
HOW NLP AND DATA ANALYSIS CAN HELP.
By Carolina Scarton
YouTube link: https://www.youtube.com/watch?v=JPq3WFhbgsY
How consumers use technology and its impact on their lives by robertpresz7
Video representing consumers' use of technology and its impact on their lives. We're all consumers, and technology is a tremendous advantage in our lives, but how do we use it and how does it impact us? You'll learn some of it in this presentation.
Open Source Insight: Securing IoT, Atlanta Ransomware Attack, Congress on Cyb... by Black Duck by Synopsys
The Black Duck blog and Open Source Insight become part of the Synopsys Software Integrity blog in early April. You’ll still get the latest open source security and license compliance news, insights, and opinions you’ve come to expect, plus the latest software security trends, news, tips, best practices, and thought leadership every week. Don’t delay, subscribe today! Now on to this week’s open source security and cybersecurity news.
Cyber trust: cornerstone of a digital world by Leonardo
During Cybertech 2016, Andrea Biraghi, Security & Information Systems Division Managing Director, took part in the panel "Leader's Vision in the Cyber Era", presenting Leonardo's view on the cyber business.
This document discusses government surveillance programs and civil liberties in the UK. It provides examples of surveillance programs operated by GCHQ and the NSA, such as programs that collect data from social media sites, smartphones, text messages, and more. The document questions whether surveillance is being conducted within proper legal and oversight guidelines, or if it has gone too far and infringed on citizens' privacy and civil liberties. It calls for stronger legal protections and more oversight of surveillance activities.
This document outlines the content and learning objectives for Quarter 1 Module 9 and Quarter 2 Modules 1 and 2 of a Media and Information Literacy course. In Quarter 1 Module 9, students will learn about opportunities and challenges in media and information, and cite an example of how media can affect change. In Quarter 2 Modules 1 and 2, students will define Massive Open Online Courses, describe trends in media/information education, and predict future innovations. The modules cover topics like cybercrime, computer addiction, cyberbullying, and the digital divide. Students are expected to understand these concepts and discuss how cybercrime impacts society and how individuals can be victimized or protect themselves.
How the Tubes are Strangling Their Owners: Consumer Rights Bill 2014 by Chris Marsden
The document discusses issues around who controls software and digital content updates and downloads. It notes that internet service providers and intermediaries have terms of use that allow them to filter content for security purposes but this could impact net neutrality. The document also discusses a UK law giving consumers rights to refunds for faulty digital downloads, but this does not consider net neutrality implications and could require content providers to more closely monitor consumers' internet connections.
The VBOUT Partner Meeting agenda included product updates on new features like RSS to email triggers and an agency IP pool. Resources discussed the VBOUT Academy training courses and upcoming webinars on email marketing and landing pages. The meeting also provided an open mic section and contact details for the CEO. Managed services were promoted starting at $2,000 per month for limited requests or $3,500 per month for unlimited requests.
Presentation discusses these Internet future developments:
1. Social computing will expand to business
2. Internet access will be ubiquitous
3. The Web will become faster
4. The Web will become smarter
5. Security will improve
6. IT products will morph into services
Internet of Things (IoT) Legal Issues: Privacy and Cybersecurity by Darek Czuchaj
This document summarizes a seminar on legal issues related to the Internet of Things. It discusses definitions of IoT, categories of data collected, applicable laws around personal data protection, telecommunications, and cybersecurity. It also examines issues around determining data controllers, anonymizing personal data, critical infrastructure regulations, and ownership of IoT-collected business data.
OWASP ModSecurity - A few plot twists and what feels like a happy end by Christian Folini
This is about the history and the future of OWASP ModSecurity. The venerable WAF engine was transferred to OWASP in January 2024. This presentation looks back and presents a project plan for moving forward.
Crazy incentives and how they drive security into no man's land by Christian Folini
Everybody, blue team and red team players alike, is driven by incentives. Good incentives persuade us to do the right thing and patch our servers. Bad incentives make us eat unhealthy food and follow stupid security practices.
There is a huge resource problem in the IT industry and especially in the security industry. So you would expect people to pay attention to the existing incentives and the incentives they create with their documentation, their awareness trainings, their security reports, etc.
But reality paints a different picture: bad incentives all around! We see insane security practices eating valuable time and online trainings annoying users, slowly teaching them to become brainless zombies whenever they hear the keyword "security".
But it's even worse. I've come across incentives that lure companies into creating bad products and I've seen companies create products that incentivize their customers to waste their time and money.
Sometimes the mechanisms are too strong to fight. But sometimes it takes people like you and me to say NO and stand up for real security!
Follow me on a journey and security will never look the same to you again!
More Related Content
Similar to Securing Access to Internet Voting with the OWASP ModSecurity Core Rule Set
Never Walk Alone - Inspirations from a Growing OWASP Project by Christian Folini
The OWASP ModSecurity Core Rule Set (CRS) was a dormant project when a group of three developers picked it up in 2016. Today, this open source web application firewall project counts 14 active developers, annual sponsoring of over 40K USD, and the rules run on over 100 Tbit/s of traffic. This presentation explains how the new management took over the project and developed it in three key areas: (1) the code, (2) the developers and (3) the users and partners. The growth of OWASP CRS serves as an example of how you can grow and mature your project too.
What’s new in CRS4? An Update from the OWASP CRS project by Christian Folini
Christian Folini presented news and updates about the OWASP ModSecurity Core Rule Set (CRS) project. Some key points included:
- Trustwave announced end of life for their ModSecurity product and a new open source WAF engine called Coraza.
- The CRS documentation was overhauled and a sandbox and private bug bounty program were launched.
- Major changes in CRS v4 include a plugins architecture, early blocking, configurable reporting levels and removing PCRE dependency.
- New rules are being added around SSRF, email protocols, Log4Shell, webshell detection and improved RCE and SQLi detection.
- The CRS v4 release was delayed to fix issues.
Extensive Introduction to ModSecurity and the OWASP Core Rule Set by Christian Folini
This document outlines an introduction to ModSecurity and the OWASP Core Rule Set (CRS) presented at a security conference. It discusses what a web application firewall (WAF) and ModSecurity are and how the CRS works. The presentation covers key concepts like rule groups, paranoia levels to control false positives, and anomaly scoring. It also demonstrates installing and configuring ModSecurity and the CRS. The document promotes the CRS as a first line of defense against web attacks and provides resources for additional tutorials, courses, and support.
Introduction to ModSecurity and the OWASP Core Rule Set by Christian Folini
This document discusses ModSecurity and the OWASP Core Rule Set (CRS). ModSecurity is an open source web application firewall that can be embedded into servers. It uses rules to provide granular control over requests and responses. The CRS is a set of generic rules that can block 80% of common web attacks in its default configuration with minimal false positives. It is organized into different rule groups and has different paranoia levels to control security and false positives. The presentation demonstrates how to install and configure ModSecurity and CRS to provide a first line of defense against web application attacks.
Folini Extended Introduction to ModSecurity and CRS3 (Christian Folini)
This document provides an introduction to ModSecurity and the OWASP Core Rule Set (CRS) presented by Christian Folini. The presentation covers what a web application firewall (WAF) and ModSecurity are, an overview of the CRS including rule groups and paranoia levels, how to install and configure ModSecurity with the CRS, and handling false positives. The goal of ModSecurity and CRS is to provide a first line of defense against web application attacks and block around 80% of attacks with minimal false positives in the default installation.
We have been building castles and fortifications for thousands of years. Many of them were never breached. IT security, on the other hand, is a very young discipline where defense mechanisms have not really stood the test of time and breaches are happening every day.
Looking at historical defense techniques and fortress architectures can therefore serve as an inspiration for strong IT security architectures. This presentation looks at agile and flexible defenses, layered security and whitelisting. None of these concepts are entirely new to the IT security industry. But implementations usually stop with the buzzword or at the network level. This talk brings evidence for the effectiveness of the concepts across the centuries and hopes to help them achieve a breakthrough on all levels.
Furthermore, the talk educates the audience about medieval castles and how the metaphor can be put to use when explaining complicated IT security concepts to non-technical audiences. Again, the metaphor is not new, but people are usually only scratching the surface when they talk of medieval castles and modern servers.
- Trend I: DDoS attacks are increasing in size over time
- Trend II: More attacks are targeting applications instead of just bandwidth or servers
- Trend III: Increased encryption makes defense against DDoS attacks more difficult
- CDNs like Cloudflare play a large role in defending against DDoS attacks and their infrastructure controls much of the internet
- Using local route announcements could guarantee better geographic blocking of attacks but risks balkanizing the internet
- Nation states may fail to protect internet traffic that moves outside their jurisdictions
Christian Folini gave a presentation on optimizing ModSecurity on NGINX and NGINX Plus. Some key points:
- ModSecurity is an open source web application firewall that provides a rule-based system. The OWASP ModSecurity Core Rule Set (CRS) is the default rule set that blocks over 80% of attacks.
- To use ModSecurity with NGINX, one must compile ModSecurity 3.0 and the ModSecurity NGINX connector module, then compile NGINX with the connector. Alternatively, precompiled binaries are available with NGINX Plus.
- Initial optimization steps include adjusting the anomaly threshold, learning to read logs using aliases, and handling false positives by
A General Look at the State of Security - AFCEA 2017 (Christian Folini)
Overview presentation for the participants of the AFCEA Hack conference within AFCEA TechNet 2017 in Stockholm, October 10, 2017.
The overview covers the topics dependency / complexity / interoperability, online crime, digitalisation, spear phishing, manipulation, internet of things, and denial of service.
The CRS is a set of generic attack detection rules for use with ModSecurity or compatible web application firewalls that saw a new major release in November 2016 (3.0 -> CRS3). CRS is the 1st line of defense against web application attacks like those summarized in the OWASP Top Ten and all with a minimum of false alerts.
This talk demonstrates the installation of the rule set and introduces the most important groups of rules. It covers key concepts like anomaly scoring and thresholds, paranoia levels, stricter siblings and the sampling mode. The important handling of false positives is also covered as well as pre-defined lists of rule exclusions for popular web applications helping to avoid false positives.
This presentation was delivered at AppSecEU 2017 in Belfast.
Running ModSecurity with the OWASP ModSecurity Core Rules is hard. A huge wave of false positives drowns sysadmins and logfile servers alike. The upcoming 3.0.0 release of the Core Rules comes with a new paranoia mode. This feature organises the various rules into different paranoia levels. The higher the paranoia level, the more paranoid the rules and the more false positives you will get. However, the default installation gives you a decent security level without too many false positives. This allows for a straightforward ModSecurity setup that does not threaten an existing production service. Instead you start with a limited set of rules and then raise the paranoia level step by step to the number that suits the desired security level of your site. In this talk, we will look at the configuration of the paranoia mode. We will look at rules and we will look at ModSecurity defending against popular attack kits at various paranoia levels.
Introduction of Cybersecurity with OSS at Code Europe 2024 (Hiroshi SHIBATA)
I develop the Ruby programming language, RubyGems, and Bundler, which are package managers for Ruby. Today, I will introduce how to enhance the security of your application using open-source software (OSS) examples from Ruby and RubyGems.
The first topic is CVE (Common Vulnerabilities and Exposures). I have published CVEs many times. But what exactly is a CVE? I'll provide a basic understanding of CVEs and explain how to detect and handle vulnerabilities in OSS.
Next, let's discuss package managers. Package managers play a critical role in the OSS ecosystem. I'll explain how to manage library dependencies in your application.
I'll share insights into how the Ruby and RubyGems core team works to keep our ecosystem safe. By the end of this talk, you'll have a better understanding of how to safeguard your code.
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin... (Tatiana Kojar)
Skybuffer AI, built on the robust SAP Business Technology Platform (SAP BTP), is the latest and most advanced version of our AI development, reaffirming our commitment to delivering top-tier AI solutions. Skybuffer AI harnesses all the innovative capabilities of the SAP BTP in the AI domain, from Conversational AI to cutting-edge Generative AI and Retrieval-Augmented Generation (RAG). It also helps SAP customers safeguard their investments into SAP Conversational AI and ensure a seamless, one-click transition to SAP Business AI.
With Skybuffer AI, various AI models can be integrated into a single communication channel such as Microsoft Teams. This integration empowers business users with insights drawn from SAP backend systems, enterprise documents, and the expansive knowledge of Generative AI. And the best part of it is that it is all managed through our intuitive no-code Action Server interface, requiring no extensive coding knowledge and making the advanced AI accessible to more users.
Fueling AI with Great Data with Airbyte Webinar (Zilliz)
This talk will focus on how to collect data from a variety of sources, leveraging this data for RAG and other GenAI use cases, and finally charting your course to productionalization.
HCL Notes and Domino License Cost Reduction in the World of DLAU (panagenda)
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU and the licenses under the CCB and CCX model have been a hot topic for many in the HCL community since last year. As a Notes or Domino customer, you may be struggling with unexpectedly high user counts and license fees. You may be wondering how this new kind of licensing works and what benefit it brings you. Above all, you surely want to stay within your budget and save costs wherever possible. We understand that and want to help you!
We explain how to resolve common configuration problems that can cause more users to be counted than necessary, and how to identify and remove superfluous or unused accounts to save money. There are also some approaches that can lead to unnecessary expenses, for example when a person document is used instead of a mail-in for shared mailboxes. We show you such cases and their solutions. And of course we explain the new license model.
Join this webinar, in which HCL Ambassador Marc Thomas and guest speaker Franz Walder introduce you to this new world. It gives you the tools and the know-how to keep an overview. You will be able to reduce your costs through an optimized Domino configuration and keep them low in the future.
These topics will be covered
- Reducing license costs by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how best to use it
- Tips for common problem areas, such as team mailboxes, functional/test users, etc.
- Practical examples and best practices to implement immediately
Monitoring and Managing Anomaly Detection on OpenShift.pdf (Tosin Akinosho)
Monitoring and Managing Anomaly Detection on OpenShift
Overview
Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices.
Key Topics Covered
1. Introduction to Anomaly Detection
- Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems.
2. Understanding Edge (IoT)
- Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source.
3. What is ArgoCD?
- Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices.
4. Deployment Using ArgoCD for Edge Devices
- Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD.
5. Introduction to Apache Kafka and S3
- Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions.
6. Viewing Kafka Messages in the Data Lake
- Learn how to view and analyze Kafka messages stored in a data lake for better insights.
7. What is Prometheus?
- Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices.
8. Monitoring Application Metrics with Prometheus
- Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system.
9. What is Camel K?
- Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes.
10. Configuring Camel K Integrations for Data Pipelines
- Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow.
11. What is a Jupyter Notebook?
- Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text.
12. Jupyter Notebooks with Code Examples
- Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.
Programming Foundation Models with DSPy - Meetup Slides (Zilliz)
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
leewayhertz.com-AI in predictive maintenance Use cases technologies benefits ... (alexjohnson7307)
Predictive maintenance is a proactive approach that anticipates equipment failures before they happen. At the forefront of this innovative strategy is Artificial Intelligence (AI), which brings unprecedented precision and efficiency. AI in predictive maintenance is transforming industries by reducing downtime, minimizing costs, and enhancing productivity.
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A... (Jeffrey Haguewood)
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on integration of Salesforce with Bonterra Impact Management.
Interested in deploying an integration with Salesforce for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Best 20 SEO Techniques To Improve Website Visibility In SERP (Pixlogix Infotech)
Boost your website's visibility with proven SEO techniques! Our latest blog dives into essential strategies to enhance your online presence, increase traffic, and rank higher on search engines. From keyword optimization to quality content creation, learn how to make your site stand out in the crowded digital landscape. Discover actionable tips and expert insights to elevate your SEO game.
In the realm of cybersecurity, offensive security practices act as a critical shield. By simulating real-world attacks in a controlled environment, these techniques expose vulnerabilities before malicious actors can exploit them. This proactive approach allows manufacturers to identify and fix weaknesses, significantly enhancing system security.
This presentation delves into the development of a system designed to mimic Galileo's Open Service signal using software-defined radio (SDR) technology. We'll begin with a foundational overview of both Global Navigation Satellite Systems (GNSS) and the intricacies of digital signal processing.
The presentation culminates in a live demonstration. We'll showcase the manipulation of Galileo's Open Service pilot signal, simulating an attack on various software and hardware systems. This practical demonstration serves to highlight the potential consequences of unaddressed vulnerabilities, emphasizing the importance of offensive security practices in safeguarding critical infrastructure.
Driving Business Innovation: Latest Generative AI Advancements & Success Story (Safe Software)
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack (shyamraj55)
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
Trusted Execution Environment for Decentralized Process Mining (LucaBarbaro3)
Presentation of the paper "Trusted Execution Environment for Decentralized Process Mining" given during the CAiSE 2024 Conference in Cyprus on June 7, 2024.
Public CyberSecurity Awareness Presentation 2024.pptx
Securing Access to Internet Voting with the OWASP ModSecurity Core Rule Set
1. @ChrFolini – Securing Internet Voting – #RomHack2021– 2021-09-25
Christian Folini / @ChrFolini
Securing Access to Internet Voting with the OWASP ModSecurity Core Rule Set
2. Plan for Today
⚫ Intro to the OWASP ModSecurity Core Rule Set
⚫ History of Internet Voting in Switzerland
⚫ Applying ModSec & CRS for maximum security
15. Paranoia Levels
Paranoia Level 1: Minimal number of false positives (baseline protection)
Paranoia Level 2: More rules, some false positives (real data in the service)
Paranoia Level 3: Specialized rules, more false positives (online banking level security)
Paranoia Level 4: Crazy rules, many false positives (nuclear power plant level security)
16. Paranoia Levels
Paranoia Level 1: Minimal number of false positives (baseline protection)
Paranoia Level 2: More rules, some false positives (real data in the service)
Paranoia Level 3: Specialized rules, more false positives (online banking level security)
Paranoia Level 4: Crazy rules, many false positives (Internet Voting level security)
17. False Positives (FPs)
• FPs are expected from PL2
• FPs are fought with rule exclusions
• Rule exclusion tutorials at netnea.com
• Rule exclusion software c-rex.netnea.com
• Attend one of my courses via netnea.com
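As an added example (not taken from the talk or from Swiss Post's tuning concept), the CRS 3.3 configuration that puts the rule set at Paranoia Level 4, plus two narrow rule exclusions of the kind used to fight the resulting false positives; 920273 and 942432 are real PL4 rule ids, while the /vote/submit path and the parameter names are assumed sample values.

```apache
# --- crs-setup.conf ---------------------------------------------------
# Run the complete rule set: Paranoia Level 4 enables the PL1..PL4 rules.
SecAction \
 "id:900000,\
  phase:1,\
  nolog,\
  pass,\
  t:none,\
  setvar:tx.paranoia_level=4"

# Block at the CRS default threshold. A single critical rule match
# scores 5, so one critical alert is enough to deny the request.
SecAction \
 "id:900110,\
  phase:1,\
  nolog,\
  pass,\
  t:none,\
  setvar:tx.inbound_anomaly_score_threshold=5,\
  setvar:tx.outbound_anomaly_score_threshold=4"

# --- REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf ----------------------
# Runtime rule exclusion: evaluated per request, before the CRS rules.
# Only on the (assumed) ballot submission endpoint, and only for the one
# parameter that carries an encoded ballot, take that parameter out of
# the strict character check 920273. Every other parameter and every
# other path keeps the full PL4 treatment.
SecRule REQUEST_FILENAME "@streq /vote/submit" \
    "id:10001,\
    phase:1,\
    pass,\
    nolog,\
    t:none,\
    ctl:ruleRemoveTargetById=920273;ARGS:ballot"

# --- RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf ----------------------
# Startup-time rule exclusion: applied once when the rules are loaded,
# so it must come after the CRS rules it modifies. A password field
# legitimately contains many special characters, so the PL4 special
# character counter 942432 is told to ignore that parameter everywhere.
SecRuleUpdateTargetById 942432 "!ARGS:password"

# Anything that still raises the anomaly score after these exclusions
# is either an attack or a new false positive that needs its own,
# equally narrow, exclusion: that is what tuning down to zero means.
```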
18. Summary OWASP Core Rule Set
• 1st Line of Defense against web application attacks
• Generic set of deny-rules for WAFs
• Blocks >80% of web application attacks by default
• Paranoia Levels can push this into the >95% region
• Granular control over the behavior of the WAF down to the parameter level
19. Voting in Switzerland
Photo: Gian Ehrensberger
20. Process Around Swiss Mail-in Ballots
Killer / Stiller: The Swiss Postal Voting Process and its System and Security Analysis
22. Typical Swiss Election Ballot
Bonus points for spotting the content manager from Butt-ville.
23. Key Argument against Internet Voting
"We simply can’t build an Internet voting system that is secure against hacking because of the requirement for a secret ballot."
Bruce Schneier, Online Voting Won’t Save Democracy, The Atlantic, May 2017
24. Arguments in Favor of Internet Voting: The Swiss Perspective
• Citizens living abroad
• Visually impaired and quadriplegic voters
• Formally invalid ballots
• Security issues of physical voting
29. The Cantons of Switzerland
Graphic: Wikipedia
30. Timeline Internet Voting in Switzerland
• 2000, 1st project: The first Swiss internet voting project is launched with three pilot cantons.
• 2004, 1st Geneva trial: Canton Geneva runs the first Swiss internet voting trial.
• 2008, Entering Scytl: Swiss expats are allowed to vote via the Scytl internet voting system in canton Neuchâtel.
• 2009, Consortium: Eight Swiss cantons form a consortium and commission the Swiss branch of American Unisys with the creation of an internet voting system.
• 2011, Steering Board: Federal administration and cantons establish a joint steering committee.
31. Timeline Internet Voting in Switzerland
• 2011, Steering Board: Federal administration and cantons establish a joint steering committee.
• 2015, Consortium dies: The eight consortium cantons throw in the towel after the federal administration bars the system from use in national elections.
• 2016, Scytl/Swiss Post join: Spanish Scytl and Swiss Post form a joint venture and go into production.
• 2017, Mainstreaming attempt: The federal chancellor calls for 2/3 of the cantons to offer internet voting for the national elections in 2019.
32. Geneva Quits
Source: Twitter: @GE_chancellerie (1141332323025195009)
2018: Development stopped
2019: System terminated
33. Timeline Internet Voting in Switzerland
• 2016, Scytl/Swiss Post join: Spanish Scytl and Swiss Post form a joint venture and go into production.
• 2017, Mainstreaming attempt: The federal chancellor calls for 2/3 of the cantons to offer internet voting for the national elections in 2019.
• 2018, Geneva quits: Political quarrels lead to Geneva stopping all further development. A year later, the system is terminated.
• 2019, Source Code Publication, Bug Bounty: Scytl / Swiss Post publish the source code of their system and run a 4 week bug bounty.
34. Swiss Post Bug Bounty: We got this!
35. Swiss Post / Scytl Source Code: Not so good
to be continued ...
36. Timeline Internet Voting in Switzerland
• 2016, Scytl/Swiss Post join: Spanish Scytl and Swiss Post form a joint venture and go into production.
• 2017, Mainstreaming attempt: The federal chancellor calls on 2/3 of the cantons to offer internet voting for the national elections in 2019.
• 2018, Geneva quits: Political quarrels lead to Geneva stopping all further development. A year later, the system is terminated.
• 2019, Source Code Publication: Scytl / Swiss Post publish the source code of their system. Researchers identify three critical vulnerabilities within weeks. The system is put on hold.
• 2020, Rebooting: The steering board establishes a dialog with 25 scientists to assess the viability of internet voting and support with writing new regulation.
38. Timeline Internet Voting in Switzerland
• 2020.2, Survey: The dialogue starts with a survey of 62 questions sent to 25 scientists.
• 2020.3, Covid-19 hits: When the on-site workshops were slowly taking shape, Switzerland entered a lockdown and the on-site gatherings had to be called off.
• 2020.4, Online dialogue: The workshops are replaced with a 12 week online dialogue on a dedicated GitLab platform.
• 2020.7, Additional research: Several separate research articles are commissioned with individual scientists to bring up more information on individual questions.
• 2020.11, Scientific report: The steering board publishes the 70 page report with the recommendations of the scientists.
• 2021.12, New regulation: Following the public hearing on a draft new law, the federal chancellery is meant to put the new regulation on internet voting into practice. Swiss Post has announced to return into production in 2022.
39. Summary Internet Voting in Switzerland
• Switzerland is a useful test bed for online voting
• Iterative process with strict supervision on federal level
• Expert dialogue with recommendations in 2020
• New regulation 2021
• New online voting trials scheduled for 2022
Download the English version of the scientific report / expert dialogue from https://www.bk.admin.ch/bk/en/home/politische-rechte/e-voting.html
40. How do you pull this off?
41. Swiss Post Documentation
• Transparency Initiative (clear advice by scientific report)
• Guidelines on how to deploy and tune the OWASP Core Rule Set
• https://gitlab.com/swisspost-evoting/e-voting/e-voting-documentation/-/blob/master/Operations/ModSecurity-CRS-Tuning-Concept.md
42. Tune Down to Zero
Absence of False Positives • Trust in Alerts • A Liberating Moment
43. Positive Security Rule Set
Default Deny • List of Allowed Resources • Reduce Attack Surface
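What a complementary positive security rule set can look like in ModSecurity syntax, as an added example that is neither the talk's nor Swiss Post's own rules: it is included in front of the CRS rules, allows exactly two resources with strictly formatted parameters, and denies everything else by default. Paths, parameter names and formats are constructed.

```apache
# Positive security rule set (allow-list). Included BEFORE the CRS rules,
# e.g. from REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf, so that only
# requests matching an allowed resource ever reach the negative rules.
# All rules run in phase 2 so that POST bodies are available and the
# skipAfter of an allow rule jumps over the default deny in the same phase.
# Resources, parameter names and formats below are constructed samples.
SecMarker BEGIN_ALLOWLIST

# Allowed resource 1: the static frontend files and the health check,
# GET only, and no query string parameters at all.
SecRule REQUEST_METHOD "@streq GET" \
    "id:11001,phase:2,pass,nolog,t:none,chain,skipAfter:END_ALLOWLIST"
    SecRule REQUEST_FILENAME "@rx ^/(index\.html|app\.js|app\.css|health)$" \
        "t:none,chain"
    SecRule &ARGS "@eq 0" "t:none"

# Allowed resource 2: the ballot submission. POST only, exactly two
# parameters, each with a strict format. An additional, missing or
# renamed parameter makes the chain fail and the request falls through
# to the default deny below.
SecRule REQUEST_METHOD "@streq POST" \
    "id:11002,phase:2,pass,nolog,t:none,chain,skipAfter:END_ALLOWLIST"
    SecRule REQUEST_FILENAME "@streq /vote/submit" \
        "t:none,chain"
    SecRule &ARGS "@eq 2" \
        "t:none,chain"
    SecRule &ARGS:voting_card "@eq 1" \
        "t:none,chain"
    SecRule &ARGS:ballot "@eq 1" \
        "t:none,chain"
    SecRule ARGS:voting_card "@rx ^[0-9]{12}$" \
        "t:none,chain"
    SecRule ARGS:ballot "@rx ^[A-Za-z0-9_-]{64,8192}$" \
        "t:none"

# Default deny: a request that matched one of the allowed resources has
# already jumped to END_ALLOWLIST; everything else is blocked here with
# an alert, so the allow-list itself reports what it rejects.
SecRule REQUEST_URI "@unconditionalMatch" \
    "id:11099,phase:2,deny,status:403,log,t:none,\
    msg:'Request outside positive security rule set'"

SecMarker END_ALLOWLIST
```

Requests that pass the allow-list still run through the full CRS at Paranoia Level 4 afterwards; the allow-list only shrinks the attack surface that the negative rules have to cover.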
45. Additional Rule Sets Worth Considering
• Monitoring the flow of the application
• Timing and rhythm
• Client Fingerprinting
46. Defenses Beyond ModSecurity
• Application Layer DDoS
• Quality of Service (QoS)
• IP Reputation / DNS Blacklisting
• GeoIP
47. Key Elements of a High Security WAF
• OWASP ModSecurity CRS at Paranoia Level 4
• Complementary Positive Security Rule Set
• Application Level DDoS Defense
• QoS
• IP Reputation / DNS Blacklisting
• GeoIP
48. Questions and Answers, Contact
Contact: @ChrFolini
christian.folini@netnea.com