https://0d2d0d50.website-1u6.pages.dev/tags/cross-site-scripting/Recent content in CRS Projecthttps://0d2d0d50.website-1u6.pages.dev/20171121/top-5-ways-crs-can-help-you-fight-owasp-top-10/Tue, 21 Nov 2017 16:36:31 +0100<p>The new edition <a href="https://github.com/OWASP/Top10/raw/master/2017/OWASP%20Top%2010-2017%20%28en%29.pdf">OWASP Top Ten</a> list mentions <a href="https://www.modsecurity.org">ModSecurity</a> and the <a href="https://coreruleset.org">OWASP ModSecurity Core Rule Set</a> for the first time.</p> <p>Let me explain you what the Core Rule Set does and how it can help you protect your services from these risks.</p> <p>The CRS - short for OWASP ModSecurity Core Rule Set - is a set of generic attack detection rules. They are meant for use with ModSecurity or compatible web application firewalls. The CRS aims to protect web applications from a wide range of attacks with a minimum of false alerts. The Core Rule Set is thus meant as a 1st line of defense against web application attacks as described by the OWASP Top Ten.</p>