Beyond Apache: ModSecurity for IIS/Nginx is Coming
来源:互联网 发布:软件项目付款比例 编辑:程序博客网 时间:2024/06/15 17:27
The Trustwave SpiderLabs Research Team is proud to announce that, through a collaboration with theMicrosoft Security Response Center (MSRC) Team and community member Alan Silva (@AlanJumpi), we will be releasing ModSecurity versions for both the Microsoft Internet Information Services (IIS) and open sourceNginx web server platforms at the Blackhat USA conference next week. With these ports, ModSecurity is now available for thetop three web server platforms on the Internet (Apache, IIS and Nginx account for approximately 86% of web server platforms).
Benefits of this porting projection include:
- Expedited Virtual Patching: Through its participation in theMicrosoft Active Protections Program (MAPP), Trustwave is able to quickly provide virtual patches for vulnerabilities identified within IIS or ASP/ASP.Net software. These virtual patches are available in theTrustwave SpiderLabs commercial ModSecurity Rules Feed. We currently have more than 1400 virtual patches for IIS/Asp/Asp.Net vulnerabilities.
- Embedded WAF Deployment Model Option: Deployment of an Apache reverse proxy server in front of IIS web servers is no longer required to gain ModSecurity protection.
- High Performance Reverse Proxy WAF Architecture: For those users who want to leverage a reverse proxy architecture, they can now use the highly performant Nginx platform.
In support of this announcement, Greg Wroblewski of Microsoft’s Security Response Center (MSRC) and Ryan Barnett of Trustwaves SpiderLabs Research Team will be presenting “ModSecurity as Universal Cross-Platform Web Protection Tool” (Wednesday July 25th at 2:15 pm) and giving live demonstrations as part ofArsenal Tools demos (Pod 2 - Wednesday July 25th at 3:30 pm and Thursday July 26th at 10:15 am) at the Blackhat USA 2012 security conference.
- Beyond Apache: ModSecurity for IIS/Nginx is Coming
- ModSecurity for Nginx
- ModSecurity for Nginx
- [转]ModSecurity for Apache 1.8.7 用户手册
- ModSecurity for Apache 1.8.7 用户手册
- Announcing the availability of ModSecurity extension for IIS
- nginx增加modsecurity模块
- nginx 安装modsecurity
- Apache安装配置ModSecurity
- A Storm is coming: more details and plans for release
- iis apache nginx解析漏洞
- Ubuntu 12.04 Precise LTS: Install ModSecurity for Apache 2 web server
- Apache安全:安装启用 ModSecurity
- Vitria is coming…
- My Birthday Is Coming
- My blog is coming!
- Spring is coming...
- Eclipse 3.2 is coming.
- Announcing the availability of ModSecurity extension for IIS
- JAVA中String类和StringBuffer类的区别
- CyanogenMod 10 (UNOFFICIAL) for Galaxy Tab 2 10.1 WiFi (P5110) ~ 0815
- Python基础教程——1基础知识
- Codeforces Round #130 (Div. 2)
- Beyond Apache: ModSecurity for IIS/Nginx is Coming
- 路漫漫其修远兮,吾将上下而求索——学习是一个过程
- 反思~这一年
- Android学习笔记(四)View和Layout
- Maven添加本地依赖
- HTExploit blackhat
- owasp Xelenium xss scanner
- applicationContext-common.xml
- The 2012 Web Application Scanner Benchmark has been Published