Application Analysis with ModSecurity

Focused View

Michael Edie

24:00

97 View

Exercise Files

modsecurity-application-analysis.zip

Module 1 - Course Overview (Tool Introduction)

1. Course Overview.mp4

01:44

Module 2 - Detection with ModSecurity

1. What Is ModSecurity.mp4

04:06

2. Demo - Using the OWASP Core Rule Set (CRS).mp4

06:07

3. Demo - Detect and Block SQL Injection Attacks.mp4

03:22

4. Demo - Detect and Block Directory Traversal Attacks.mp4

03:28

5. Demo - Detect and Block Credential Stuffing Attacks.mp4

03:58

Module 3 - Resources

1. ModSecurity Resources.mp4

01:15

Description

ModSecurity is an open source, cross platform web application firewall (WAF) engine. In this course, you will learn to Analyze Applications using ModSecurity.

What You'll Learn?

As defenders, we must contend with targeted and opportunistic attacks against web infrastructure. We need a way to mitigate these attacks while maintaining global availability of enterprise web services. In this course, Application Analysis with ModSecurity, you'll cover how to utilize ModSecurity to secure a live enterprise environment. First, you'll learn how to use the Open Web Application Security Project (OWASP) Core Rule Set (CRS). Next, you'll explore how to detect and block SQL injection attacks. Finally, you’ll discover how to mitigate brute force credential stuffing attacks. When you’re finished with this course, you’ll have the skills and knowledge to detect and mitigate web-based threats against your web applications using ModSecurity.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Network Engineering

Firewall

Windows Server

Michael Edie

Instructor's Courses

Michael Edie, aka “the mechanic,” is a 23-year US Army Veteran and Information Security Engineer. He currently serves as a Technical Lead in a Cyber Operations Organization and President of the Augusta Information Systems Security Association (ISSA) chapter. Previously, he has served on Digital Forensics and Incident Response (DFIR), threat hunt, and compliance inspection teams. Michael is passionate about Information Security and enjoys contributing to the community through his blog at https://blog.edie.io and projects at https://github.com/tankmek. He is the Executive Director and Co-Founder of smashthestack.org, a software vulnerability, and exploitation educational platform. Additionally, Michael has volunteered to speak at local nonprofits such as the Cyber Discovery Group (CDG) and NERD Nights. Outside the technical domain, he enjoys spending time with his wife and kids, motorcycling, cryptocurrency, and chess.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.