Podcast appearances and mentions of christian folini

Nach dem Ende des Registers von Swisstransplant bleibt vor allem Konsternation. Christian Folini und Florian Badertscher im Gespräch über Meldeprozesse für Lücken und heikle Datenbanken.

Joining us this week is Christian Folini (@chrfolini), co-lead of the OWASP Core Rule Set project, co-author of the second edition ModSecurity Handbook and one of the few teachers on this subject. And he brings a first to the podcast – a discussion on ModSecurity and the OWASP project! For those that are new to these topics, Christian shares many insights on the OWASP volunteer organization mission and how it serves as the first line of defense against web application attacks. Many may not know that 70% of attacks are carried out at the web application level. He also shares perspective on the end-of-life support for the Trustwave ModSecurity Engine and what that means for the open-source community, along with details of the upcoming Swiss Cyber Storm event in October of which he is a program chair. It's going to be an awesome event you won't want to miss! Learn more here: https://www.swisscyberstorm.com/ Christian Folini, Author of the ModSecurity Handbook 2ed. OWASP Core Rule Set project co-lead and program chair Swiss Cyber Storm. Christian Folini brings more than ten years of experience with ModSecurity configuration in high security environments, DDoS defense and threat modeling. Christian is the author of the second edition of the ModSecurity Handbook and one of the few teachers on this subject. He is a Co-Lead of the OWASP ModSecurity Core Rule Set project. Christian serves as vice president of the Swiss federal public-private-partnership "Swiss Cyber Experts" and as the program chair of the "Swiss Cyber Storm" conference. He is also a frequent speaker at national and international conferences, where he tries to use his background in the humanities to explain hardcore technical topics to various audiences. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e201

Christian Folini is a Swiss security engineer and web application firewall expert working at netnea.com. Christian studied History and Computer Science and graduated with a PhD in Medieval History. He is the author of the ModSecurity Handbook (2ed), He also co-lead the OWASP ModSecurity Core Rule Set (CRS) project that runs on millions of servers globally. Furthermore he serves as the program chair of the Swiss Cyber Storm conference.Christian also teaches ModSecurity and Core Rule Set courses and consult companies who want to integrate ModSecurity and the Core Rule Set into their services or products, also in high security setups. For more SecTools podcast episodes, visit https://infoseccampus.com

In this episode of the People | Process | Technology podcast, I speak with Simon Bennetts from the Zap Project, Christian Folini from the ModSecurity Core Rule Set Project, and Steve Springett from the Dependency Track Project. This is part of an ongoing podcast series, highlighting the OWASP Flagship Projects that will be featured at the OWASP 20th Anniversary Celebration in September. I talk with the project leads to hear what they have been working on for the past year, what their plans are for the coming year, and what we can expect to see at the conference in September. The OWASP 20th Anniversary Celebration is a 24 hour global event, featuring sessions from each of the OWASP flagship projects, leaders of the Top Ten Project, presenters from around the world, and sessions from people who have helped OWASP over the past 20 years. Registration is open, and you can’t beat the cost… it’s free. Even if you can’t attend, please register so you’ll have access to all of the recorded sessions following the conference. For the link check the show notes here on the podcast. Our program was produced today by Executive Editor Mark Miller. Special thanks to today’s guests, Simon Bennetts from the ZAP Project, Christian Folini from the ModSecurity Core Rule Set Project, and Steve Springett from the Dependency Track Project. You can stream our archive of over 160 episodes, for free, at soundCloud.com/owasp-podcast. The show is available on all of your favorite podcasting platforms, including Spotify and Apple Podcasts. Support for this broadcast is provided by OWASP, celebrating twenty years of making software safer. OWASP hosts their 24 hour, 20th Anniversary Celebration in September. Head to 20thAnniversary.owasp.org for your free ticket. Support also provided by JupiterOne, who believes that security is a basic right to every person, company, and enterprise. Security begins with cyber asset visibility, and includes understanding the relationships between those assets. Get started with your free, lifetime license at https://info.jupiterone.com/get-started.

  This week Christian Folini hangs out to talk about protecting web apps with the OWASP Core Rule Set, getting into the security industry, impedance mismatch and anomaly scoring. My 3 main takeaways were 1) how RASPs compare to WAFs 2) how paranoia levels are used to eliminate false positives and 3) how the Swiss Post used the CRS to protect a vulnerable online voting system For more information, including the show notes check out https://breachsense.io/podcast

Join Tomás O'Leary and Brendan Walsh as they discuss IBM splitting itself into two companies, Zoom fatigue and the tangled web that Larry Ellison, Oracle and TikTok weave. Then, ModSecurity Core Rule Set expert Christian Folini and Origina CTO Rowan O'Donoghue join to talk about anticipating security risks with threat modelling, how to protect IBM enterprise software and security trends to keep an eye on for 2021. Rowan O'Donoghue is the Chief Technical Officer and co-founder of Origina, having worked closely with IBM software and other technologies for decades. Dr. Christian Folini is co-lead of the ModSecurity Core Rule Set project and author of the ModSecurity Handbook (2nd Edition).

Auf die IT-Sicherheit und Risiken für das Stimmgeheimnis geht Christian Folini ein. Der IT-Sicherheitsexperte erläutert das technische Spannungsfeld zwischen verifizierten und absolut vertrauenswürdigen Stimmergebnissen bei gleichzeitiger Wahrung des Stimmgeheimnisses.

Key Points From This Episode:How Christian came to study both Medieval History and Computer Science.Learn more about Christian’s unique PhD in German Mysticism.Christian shares his unique passion for global cyber security theory.Are their links between Medieval history and what is happening with the internet today?Discover more about the balkanization of the internet and net neutrality.Parallels between Medieval social connections and internet social connections.Christian’s view on open source and how the ModSecurity Project fits into that.Christian explains how a firewall works and the two main types of firewall.Top five things that might make traffic look malicious or none malicious.Whitelisting, blacklisting and IP addresses: Can they really be trusted?E-voting: Why Switzerland is going all in while the rest of the world backs out.Is it possible to fully secure identification in an E-voting system?Why the world appears to be falling back on a physical verification process.Christian walks us through what an E-voting process looks like.Learn more about Christian’s strategies for reverse proxy and D-DOS.And much more!

Christian Folini joins Chris at AppSec EU for this episode about ModSecurity and the Core Rule Set project from OWASP. They dive into the timeline for the abstraction layer piece of the project and much more. You can find Christian on Twitter @ChrFolini. OWASP ModSecurity Core Rule Set ModSecurity The post CRS and an Abstraction Layer (S04E02) appeared first on Security Journey Podcasts.

This segment of the "Less than 10 Minutes" series was recorded live at AppSec EU 2017 in Belfast. It is an update of the ModSecurity Core Rule Set Project with project co-lead Christian Folini. The OWASP ModSecurity CRS Project's goal is to provide an easily "pluggable" set of generic attack detection rules that provide a base level of protection for any web application. The OWASP ModSecurity Core Rule Set (CRS) is a set of generic attack detection rules for use with ModSecurity or compatible web application firewalls. The CRS aims to protect web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts.

The OWASP ModSecurity Core Rule Set Project's goal is to provide an easily "pluggable" set of generic attack detection rules that provide a base level of protection for any web application. Chaim Sanders,Ryan Barnett, Christian Folini and Walter Hop are the team coordinating the project. During 2016 AppSec USA, I spoke with Chaim about the purpose of the project, the work work done in the past year, the upcoming release and what the team hopes to accomplish in 2017. https://www.owasp.org/index.php/Category:OWASP_ModSecurity_Core_Rule_Set_Project