Black Hat USA 2009 Weekend Training Session

July 25-26

Black Hat USA 2009 Weekday Training Session

July 27-28

ModSecurity: Deployment and Management

Ryan Barnett

Overview:

ModSecurity is currently the most widely deployed web application firewall (WAF) product. This two-day, advanced boot-camp class is designed for those people who want to quickly learn how to build, deploy, and use ModSecurity in the most effective manner possible. The course will cover topics such as: the open source ModSecurity Console, which helps manage alerts on suspicious web activity targeting your web servers, and also provides an in-depth look at the extremely powerful ModSecurity 2.5 Rules Language. Learning how to take advantage of the power behind ModSecurity rules can help web security professionals write and configure highly effective rules to handle complex web vulnerabilities. Hands-on labs with fully documented instructions help students deploy solid, secure ModSecurity installations and understand the inner workings of the premier open source web application firewall available today.

Student Requirements

This course assumes that students have a technical understanding of the HTTP protocol and a general understanding client server communications and network architecture. Proficiency with Linux and UNIX text editing tools (vi editor) is suggested, not required. Also, in order to gain the most value from day 2 of the course, students should be familiar with Perl Compatible Regular Expressions (PCRE).

Trainer:

Ryan C. Barnett is a recognized security thought leader and evangelist who frequently speaks with the media and industry groups and presents at security conferences.

He is the director of application security at Breach Security. He is also a faculty member for the SANS Institute, where his duties include instructor/courseware developer for Apache Security/Building a Web Application Firewall Workshop, Top 20 Vulnerabilities Team Member and Local Mentor for the SANS Track 4, “Hacker Techniques, Exploits and Incident Handling” course. He holds six SANS Global Information Assurance Certifications (GIAC): Intrusion Analyst (GCIA), Systems and Network Auditor (GSNA), Forensic Analyst (GCFA), Incident Handler (GCIH), Unix Security Administrator (GCUX) and Security Essentials (GSEC).

Mr. Barnett also serves as the team lead for the Center for Internet Security Apache Benchmark Project and is a member of the Web Application Security Consortium. His web security book, “Preventing Web Attacks with Apache,” was published by Addison/Wesley in 2006.

Super Early: Ends Mar 15	Early: Ends May 1	Regular: Ends Jul 1	Late: Ends Jul 22	Onsite:
$1800	$1900	$2100	$2300	$2600