OWASP has just announced that my 2-day ModSecurity Virtual Patching Workshop training class as part of AppSecDC 2012 is online - https://www.owasp.org/index.php/OWASP_AppSec_DC_2012/Training/Virtual_Patching_Workshop
In this training, we will walk through the theory of Virtual Patching – when, where and how to best use it. We will be working through the "Virtual Patching: Best Practices" document and even be updating it as we go with feedback. We will then have hands-on labs where our goal will be to virtually patch as many of the OWASP WebGoat vulnerabilities as possible. We will also cover topics such as automatic virtual patch creation from web app scanner output (with a lab). Let me know if you have any questions or comments. I hope you will join me for this in-depth workshop! -- Ryan Barnett Senior Security Researcher Trustwave - SpiderLabs www.trustwave.com ________________________________ This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is STRICTLY PROHIBITED. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format. _______________________________________________ Owasp-modsecurity-core-rule-set mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set
