Teaching your WAF new tricks

Presented at THOTCON 0x4 (2013), April 26, 2013, 5:30 p.m. (50 minutes).

This isn't your uncle's "what's a WAF" talk, I'll be covering as many cool tricks and advance topics related to deploying Web Application Firewalls. I will show you how to write custom scripts using lua and mod_security, and give first hand experiences of how I used scripting with a WAF to put the security team at my previous job ahead of the game when dealing with web app attacks. I will be including the source code for these example scripts which can be used to provide automatic incident response, counter-intelligence and more.

Presenters:

• Robert Rowley
  A Security Researcher for Trustwave SpiderLabs, and part of the California security scene for the past decade. Previous to my work with SpiderLabs I worked as the security architect for a shared hosting company (who managed the web application firewall configuration for all 1mil+ websites hosted on the network).

Similar Presentations:

• ToorCon San Diego 14 (2012) / Teaching your WAF new tricks
• CircleCityCon 8.0 (2021) Virtual / My AWS WAF Deployment Odyssey
• DeepSec 2018 „I like to mov &6974,%bx“ / Building your Own WAF as a Service and Forgetting about False Positives