On This Page

Tactical Defense with ModSecurity

Josh Amishav-Zlatin | July 22-23



Overview

Do you want to stop web based attacks in real-time rather than finding a backdoor after you have been compromised? Do you want to protect your own web apps from advanced threats? Ever want to add active defenses with real-time response capabilities to your web applications? This course will teach you how to achieve all of these goals. News of web application hacks are reported on a daily basis. This is because developers often do not have the time or skills to focus on security. Although the defensive techniques covered in this course can be applied through various technical means, we will focus on implementing them using ModSecurity, the extremely popular open source web application firewall toolkit. This two-day boot-camp training is designed for people who want to quickly learn how to defend their web applications. The course will cover topics such as the powerful ModSecurity rules language, extending functionality via the embedded Lua engine, and managing suspicious events via AuditConsole. Documented hands-on labs help students understand the inner workings of ModSecurity and how to deploy it securely. By leveraging the flexibility within ModSecurity, attendees will be able to write effective rules to mitigate complex web vulnerabilities.

Who Should Take this Course

Web defenders, Pen Testers and System Administrators

Student Requirements

See the "What Students Should Bring" section

What Students Should Bring

A working laptop with the following hardware/software requirements:
  • Laptop capable of a 64-bit VMWare image.
  • VirtualBox installed
  • MINIMUM 1GB RAM required.
  • 10 GB free Hard disk space
  • USB 2.0 port to copy lab VMs


What Students Will Be Provided With

  • VM
  • Slides
  • Labs and solutions

Trainers

Josh Amishav-Zlatin is a security researcher focused on exploit development, penetration testing and web application defense. At his day job, he develops customized exploits based on the Nmap Script Engine to help clients integrate continuous security checks within their networks. Josh also develops specialized Modsecurity rulesets to quickly patch vulnerabilities discovered during pen testing engagements. He has over 15 years of experience in the IT security industry, working with both financial and government clients to help secure their critical applications.