Core Rule Set
@CoreRuleSet
Followers
1K
Following
410
Media
77
Statuses
554
CRS3→CRS4 migration made easy! 🚀 🧩 New GPL plugin lets you: • Run CRS4 in monitor mode over CRS3 • Weed out false positives • Gradually enable blocking or sampling https://t.co/7UdYMqzN1X
#OWASP #CRS #Security
github.com
Contribute to netnea/netnea-crs-upgrading-plugin development by creating an account on GitHub.
0
1
3
🚀 OWASP CRS v4.20.0 is out! ✨ New: Enhanced file restrictions, PrestaShop/Magento configs, Expect header blocking 🛠️ Multiple fixes reducing JSON false positives + better detection 👉 https://t.co/3ZF1uM80d4
#OWASP #CRS #WebSecurity #AppSec
github.com
What's Changed 🆕 New features and detections 🎉 feat: update restricted file extensions by @EsadCetiner in #4287 feat(930120): adding conf file for PrestaShop 1.6 / 1.7 / 8+ & Magento 2 by ...
0
2
2
CRS will have its second community call on September 22, from 20:30 to 21:30 CEST (18:30 UTC / 2:30 p.m. ET) and will be moderated by former CRS co-leader Christian Folini. Check more details and register here:
luma.com
A video call where the CRS dev team gets to meet their community face-to-face. A place for information exchange and questions for both newbies and experienced…
0
4
7
A critical vulnerability in Microsoft Sharepoint was recently discovered, allowing remote code execution -- in many cases, leading to persistence for the attackers, exfiltration of data, and more. Users of CRS were already covered from day zero using PL2.
0
3
6
CRS will have its first community call on March 17, from 20:30 to 21:30 CET (19:30 UTC / 2:30 p.m. ET) and will be moderated by former CRS co-leader Christian Folini. Register here: https://t.co/Ib7AXFzipX
0
3
7
A somewhat diminished OWASP CRS core team at the annual developers retreat / the @owasp project summit 2024 in Woburn Forest (group photo without squirrels and deer).
0
2
7
Meet the CRS team: Whether it's work or hobbies, Max – the Kiwi-German software developer from the Swiss Alps – wants to enjoy what he does. For him, the most important thing about the CRS project is the people. Read his portrait: https://t.co/OWoDltZgMm
0
0
3
We are excited to announce United Security Providers as Gold Sponsor of @CoreRuleSet. USP has been using CRS for a long time as an important component of its web access management solution. Support from sponsors is of great importance for the CRS project. https://t.co/qOzzQvw4t3
1
1
5
New versions of ModSecurity have been released, see the blog post: https://t.co/REgpCjQ2D2
0
8
11
Thank you, United Security Providers, for supporting the @CoreRuleSet as new GOLD sponsor! The specialist for application and network security has been using CRS for a long time. Support from sponsors like @uspag is of great importance for open-source projects like CRS. #crs #WAF
Wir sind stolz darauf, als Goldsponsor das OWASP CRS-Projekt zu unterstützen! 🚀 Unsere Entwickler tragen aktiv zur Weiterentwicklung bei und stärken die Open-Source-Community. Hier geht's zur Pressemitteilung: https://t.co/RWZ1dja2gj
#CyberSecurity #OWASP #CRS #OpenSource
0
2
7
The CRS project has released version 4.6.0 for CRS 4 and version 3.3.6 for CRS 3. The new releases tackle two multipart file upload bypass methods. All users are requested to update to the new releases. Read more and get the new releases: https://t.co/mnwxjirzWw
0
5
11
Congratulations to @CoreRuleSet co-lead Felipe Zipitría, winner of this year's WASPY Award! "Project Person of the Year" – you earned it. Don't know Felipe? Read here: https://t.co/23GLjgEPq5 Congrats to the other winners Martin Knobloch and Shruti Kulkarni. And thanks to @owasp!
coreruleset.org
As a South American, Felipe Zipitría has a special status in the CRS core team. The sociable Uruguayan played basketball which taught him all about the value of teamwork. Automation and standardiza...
🎉 Exciting news! The 2024 OWASP WASPY Awards winners are here! Big thanks to all candidates for their dedication to the Foundation. 🏆 Chapter Person of the Year: Martin Knobloch 🏆 Event Person of the Year: Shruti Kulkarni 🏆 Project Person of the Year: Felipe Zipitria
0
3
6
An era comes to an end. On July 1, @Trustwave's support for #ModSecurity ends: https://t.co/xNAh68sXJU But don't worry, as @owasp has taken over further development of the web application firewall early this year. You can find ModSec's new home here:
owasp.org
The OWASP CRS is a set of generic attack detection rules for use with ModSecurity or compatible web application firewalls. The CRS aims to protect web applications from a wide range of attacks,...
0
1
0
The registration for the #OWASP CRS (@CoreRuleSet) community summit on Wednesday June 26 in Lisbon is open. Free tickets, food and drinks throughout the day. https://t.co/icFk0bbvWw This is next door to the OWASP AppSec conference happening the same week.
coreruleset.org
We had previously announced the date and the location of our 2024 community summit. But it’s about time to start the formal registration so we can finalize our planning. We’re meeting in the on...
0
4
5
The registration for the #OWASP CRS / @CoreRuleSet Community Summit in Lisbon on Wednesday June 26 is open. This is next to the OWASP AppSec conference the same week and just across the street. https://t.co/icFk0bbvWw
coreruleset.org
We had previously announced the date and the location of our 2024 community summit. But it’s about time to start the formal registration so we can finalize our planning. We’re meeting in the on...
0
1
3
The #OWASP @ModSecurity is meeting in person for the first time. It's your chance to join and to meet the developers - or become one yourself.
Please save the date: we would like to organize a mini-event on June 5, 2024, where we can meet everyone in person and discuss future tasks. The venue is Leuven, Belgium - the exact location has yet to be determined. We will meet around 13:00 and will leave about 18:00.
0
0
6
Meet the CRS team: Programming and entrepreneurship run in Jozef Sudolsky's family. When not working for his company or the @CoreRuleSet, he's in the gym or his garden. His office is his daughter's playroom. Read the portrait: https://t.co/wuaFI1IEkT
#waf #crs #itsecurity #owasp
0
2
5
From the last @CoreRuleSet meeting: The team doesn't think it has the resources to maintain a fully hardened Apache/ModSecurity/CRS container. We'll fix a few things but probably leave a lot of the non-hardened settings on default. Agenda and decisions:
github.com
This is the Agenda for the two Monthly CRS Chats. The general chat is going to happen on https://owasp.slack.com in the channel #coreruleset on Monday, 2024-04-01, at 20:30 CET. That's the 1st ...
0
1
4
Save the date: @CoreRuleSet will hold its Community Summit the day before @owasp Global AppSec Conference in Lisbon. Users, developers, integrators, and sponsors will meet on June 26 for talks, drinks, and networking. https://t.co/SuAhQBZkkV
#crs #waf #firewall #cybersecurity
coreruleset.org
The CRS project will once again hold its Community Summit the day before OWASP’s Global AppSec Conference – this year in the capital of Portugal. The whole CRS community – users, developers, integr...
0
3
4