Christian Folini

Results 509 comments of Christian Folini

@airween could you review and merge this, please? I am no longer eligible after the update.

Interesting discussion. OWASP CRS co-lead here, I'm one of the friends of @jptosso and @jcchavezs. I think @mbuckbee is spot on what false positives can mean in operation. You can...

The first informal attempt to move away from SecLang I saw was a paper by Ivan Ristić around 2008. So yes, this makes sense, but don't hold your breath. Patching...

I've heard the term "next generation / AI based" WAF for the first time in 2007. There will come the day when this idea really works, but until then, AI...

Thank you for starting to write things up. I'm starting to understand. Yet it's far from complete. So what do you want to do with these IP ranges and UAs....

I do not like the example in 905110 very much, but at least it's limited to 127.0.0.1. I do not see us disabling rules by default based on data that...

That's why I was reluctant yesterday and what I am reading here makes me nervous. I do not want attackers to come up with a Burp plugin that probes user-agents automatically...

Let me iterate this: The examples in 905 disable the rule engine completely. I think this is very dangerous, but it is limited to requests from 127.0.0.1 and you can't...

I'm reopening this. I really think we should do this.