Corporate Social Responsibility | Business Wire | PR NewsWire | Marketwire | Realwire | ACN/JCN newswire | 247pressrelease | PRWeb

Breach Security Facilitates Community Testing of ModSecurity Core Rule Set with Launch of Demonstration Testing Page

CARLSBAD, Calif. - 
      Breach Security, Inc., the leader in web application integrity, security 
      and PCI compliance, today announced it is advancing its ModSecurity 
      product by facilitating unprecedented community collaboration and 
      independent testing of the OWASP ModSecurity Core Rule Set (CRS) P
Posted : Mon, 09 Nov 2009 13:17:07 GMT
Author : Breach Security, Inc.
Category : Press Release
News Alerts by Email ( click here )
Press Release News | Home
CARLSBAD, Calif. - (Business Wire) Breach Security, Inc., the leader in web application integrity, security and PCI compliance, today announced it is advancing its ModSecurity product by facilitating unprecedented community collaboration and independent testing of the OWASP ModSecurity Core Rule Set (CRS) Project data by users.

ModSecurity is a web application firewall engine that requires rules to operate most effectively. The CRS is based on generic rules that provide protection from zero-day and unknown vulnerabilities often found in web applications, which are typically custom-coded and difficult to secure. The open source ModSecurity CRS is provided free to the public and has recently become an official OWASP Project with Breach Security Labs as the sponsor. As with any signature-based security application, constant testing and updates are essential. To help facilitate easier community testing of the CRS, Breach Security has released a demonstration testing page at http://www.modsecurity.org/demo/modsecurity-demo.html.

This page will allow users to send attack data through a live ModSecurity/CRS installation in order to identify any evasion issues. If a user identifies an issue, they can notify Breach Security personnel by either submitting a bug report ticket or by sending an email to the OWASP ModSecurity CRS mail-list.

“Breach Security is in a unique position in the web application firewall industry,” said Ryan Barnett, director of application security research for Breach Security, ModSecurity community manager and OWASP ModSecurity Core Rule Set project leader. “Having an open source product such as ModSecurity in our portfolio allows us to expose our security rules to the public for quality assurance and testing purposes in ways that other security vendors cannot. We want to leverage the global pool of outstanding web application security experts to help test ModSecurity to make it a better tool for the community at large.”

Benefits of providing the demonstration testing page include:

  • The Core Rule Set will be tested by pen-testing specialists who are experts in breaking into web applications and evading security filtering devices.
  • Breach Security is lowering the barrier for testing by not requiring community testers to install the software themselves.
  • Breach Security is expediting the identification and reporting steps, which shorten the fix cycle.
  • Signature improvements will be leveraged back into the entire Breach Security product line.

About Breach Security

Breach Security, Inc. is the leading provider of real-time, continuous web application integrity, security and compliance that protects sensitive web-based information. Breach Security’s products protect web applications from hacking attacks and data leakage, and ensure applications operate as intended. The company’s products are trusted by thousands of organizations around the world, including leaders in finance, healthcare, ecommerce, travel and government. For more information, please visit www.breach.com.

Schwartz Communications
Jill Reed or Clinton Karr, +1-415-512-0770
breachsecurity@schwartz-pr.com


Copyright © 2008 Business Wire. All rights reserved.
Share/Save/Bookmark

Article : Breach Security Facilitates Community Testing of ModSecurity Core Rule Set with Launch of Demonstration Testing Page
Print this article
Share this article

Stay Updated

News gadget on your Google homepage
Subscribe to a news feed in Google Reader



Related News

Research and Markets: An Essential Report on LTE in the Americas
DUBLIN - Research and Markets (

Abraaj Capital Group Acquires Leading VC Firm Riyada to Spearhead New SME Platform
DUBAI, UAE, November 24 /PRNewswire/ -- Abraaj Capital Group announces that it agreed to acquire all of Riyada Ventures the leading venture capital firm in the MENA region. The acquisition is at the core of a major new push by Abraaj into the small and me...

Research and Markets: 2009 Plimsoll Analysis - Mortgage Brokers - a Comprehensive Profile of 369 Companies Operating in the UK Market
DUBLIN - Research and Markets (

Seoul to Host FIS Snowboard World Cup Big Air Competition in December
SEOUL, South Korea, Nov. 24 /PRNewswire-Asia/ -- Seoul will host the FIS Snowboard World Cup Big Air Competition in December for the 2009-2010 season. The final decision on host city selection was made in late September at the FIS gen...

Google SEO Company Provides 10% Discount on Press Release Service and Free SEO Services
BOULDER, CO -- 11/24/09 -- Throughout December, Google

Tata Communications and Middle Eastern Operators Launch Strategic Gulf Cable Project
MUMBAI, India, November 24 -- - New TGN-Gulf Cable System Will Connect the Region Directly to India and to the Rest of the World Tata Communications, a leading provider of a new world of ...

Research and Markets: Analyzing the Renewable Energy Industry in Australia
DUBLIN - Research and Markets (

Have your Say
Name
Email
Subject
Your Comment

Enter Verification code
 
  

 
Follow The Earth Times
Subscribe to RSS Follow Earth Times on TwitterNews by email
Share/Save/Bookmark
 
 



 
Subscribe to free Earthtimes
News Alerts by Email Click here
For RSS Feeds Click here
or Create your own RSS

Add to Google Toolbar
Breaking News
Press Releases

 


The Earth Times
News Category

© 2009 www.earthtimes.org, The Earth Times, All Rights Reserved | Privacy Policy
Earth Times accept no responsibility or liability either directly or indirectly for views or opinions expressed in articles or comments.