Articles by KENNETH

NGINX Announces Sponsorship of the OWASP ModSecurity CRS Project NGINX, a part of F5, Inc., is pleased to announce that we have become the first Gold sponsor of the OWASP ModSecurity Core Rule Set (CRS) project. The CRS is a set of web application firewall (WAF) rules which detect many kinds of attacks, including the OWASP Top Ten, with a minimum of false positives. Distributed under an open source license, the CRS is designed for use with ModSecurity – the world’s most popular open source WAF – and compatible WAFs. As the most widely used WAF rule set on the Internet, the CRS processes more than 100 terabits of traffic every second all over the globe. The ModSecurity WAF for NGINX Open Source natively supports the CRS. For details on enabling the CRS with the ModSecurity WAF, see our documentation. With our deep roots [ more… ]

Mitigating Security Vulnerabilities Quickly and Easily with NGINX Plus Here at NGINX we’re proud that literally millions of organizations around the world trust our software to power their websites and app‑delivery infrastructure. Given how critically our users depend on NGINX, we’re surprised when they admit they haven’t given much thought to the importance of running an up-to-date version that has fixes for the security vulnerabilities – such as Common Vulnerabilities and Exposures (CVEs) – that have become so common on today’s Internet. Of course it’s not enough to think about guarding against security threats – you need to implement well‑defined processes for tracking vulnerabilities and putting protections in place as soon as they become available. It’s easy to underestimate how much time and effort that can take if you have to do it all yourself, as is the case with open source software. [ more… ]