Breach Security Labs

Established in 2005, Breach Security Labs is the research arm of Breach Security, Inc. Breach Security Labs conducts and sponsors global research and open-source projects that focus on emerging trends in web application security. In addition to open-source and research projects, Breach Security Labs provides the security content, including rules, correlations and signatures, for Breach Security’s web application security products, including WebDefend, ModSecurity Pro and ModSecurity.

Breach Security Labs plays an active role in leading web application security industry organizations such as the Open Web Application Security Project (OWASP) and the Web Application Security Consortium (WASC). Breach Security Labs team members are WASC officers and lead the OWASP chapters in the UK and Israel.

News

October 24, 2008

Projects

ModSecurity Open Source

The leading open source web application firewall.

The Open Proxy Honeypot Project

An initiative to analyze attack data by deploying open proxy honeypots based on ModSecurity, led by Ryan Barnett.

The Web Application Firewall Evaluation Criteria

The most comprehensive document defining web application firewalls. A Web Application Security Consortium project sponsored by Breach Labs.

The Core Rule Set

An open source generic web application security rule set, led by Ofer Shezaf.

The Web Hacking Incidents Database Project

A comprehensive research project that tracks and analyzes publicly disclosed web hacking incidents. A Web Application Security Consortium project sponsored by Breach Security Labs.

Research and Publications

Breach Security Labs research papers and presentations are located at Breach Security Network. Some of our recent publications are:

Trends in Web Application Security: What's Hot in 2008, Ryan Barnett, Software Assurance Forum, May 2008.

The Web Hacking Incidents Annual Report 2007

WASC Distributed Open Proxy Honeypot Project: Phase 2 Update on Attacks and Vulnerabilities, Ryan Barnett, 7th OWASP & WASC AppSec Conference, San Jose 2007.