ApacheCon is a week of open source goodness straight from the
source of the Apache Software Foundation, featuring 15 intense
training classes over two days followed by three days of more
than 50 sessions by the creators of open source software such
as the Apache webserver, Tomcat, Lucene, Wicket and more.
Have a Question?
Questions about the program? Interested in
becoming a sponsor?
Please contact the event planners if you have
any questions. We look forward to seeing you in Amsterdam!
Web Intrusion Detection with ModSecurity
Intrusion detection is a well-known network security technique -- it introduces monitoring and correlation devices to networks, enabling administrators to monitor events and detect attacks and anomalies in real-time. Web intrusion detection does the same but it works on the HTTP level, making it suitable to deal with security issues in web applications. This session will start with an overview of web intrusion detection and web application firewalls, discussing where they belong in the overall protection strategy. The second part of the talk will discuss ModSecurity and its capabilities. ModSecurity is an open source web application firewall that can be deployed either embedded (in the Apache HTTP server) or as a network gateway (as part of a reverse proxy deployment). Now in it's fifth year of development, ModSecurity is mature, robust and flexible. Due to its popularity and wide usage it is now positioned as a de-facto standard in the web intrusion detection space.