Breach Security Labs

Web Application Threats

Established in 2005, Breach Security Labs is the research arm of Breach Security, Inc. Breach Security Labs conducts and sponsors global research and open-source projects which focus on emerging trends in web application security. In addition to open-source and research projects, Breach Security Labs provides the security content, including rules, correlations and signatures, for Breach Security’s web application security products including WebDefend, ModSecurity Pro and ModSecurity.

Breach Security Labs plays an active role in leading web application security industry organizations such as the Open Web Application Security Project (OWASP) and the Web Application Security Consortium (WASC). Breach Security Labs team members are WASC officers and both lead and contribute to OWASP Projects.

Web Hacking Incidents Database

Breach Security Labs sponsors the Web Hacking Incidents Database (WHID) project. Check out real-time data on the top attack methods, application weaknesses, and outcomes for 2010.

Projects

ModSecurity Open Source

The leading open source web application firewall.

The Open Proxy Honeypot Project

An initiative to analyze attack data by deploying open proxy honeypots based on ModSecurity, led by Ryan Barnett.

The Web Application Firewall Evaluation Criteria

The most comprehensive document defining web application firewalls. A Web Application Security Consortium project sponsored by Breach Labs.

The Core Rule Set

An open source generic web application security rule set, led by Ofer Shezaf.

The Web Hacking Incidents Database Project

A comprehensive research project that tracks and analyzes publicly disclosed web hacking incidents. A Web Application Security Consortium project sponsored by Breach Security Labs.

Research and Publications

Breach Security Labs research papers and presentations are located at Breach Security Network. Some of our recent publications are:

Trends in Web Application Security: What's Hot in 2008, Ryan Barnett, Software Assurance Forum, May 2008.

The Web Hacking Incidents Annual Report 2007

WASC Distributed Open Proxy Honeypot Project: Phase 2 Update on Attacks and Vulnerabilities, Ryan Barnett, 7th OWASP & WASC AppSec Conference, San Jose 2007.