A collection of rules designed to Detect common web application attacks, which turns ModSecurity into a Web Intrusion Detection tool. The ModSecurity Core Rules project is now an OWASP project and discussions have moved from the mod-security-users mailing list to the new owasp-modsecurity-core-rule-set mailing list.
Keeping one server secure is tough enough, but what if you have several to maintain? By collecting the log and alert data in real time from remote ModSecurity sensors, ModSecurity provides a single place where you need to look to verify your web applications are secure.
Even if do you have only one web server to monitor, you would be better off using a tool that has a comfortable user interface, saves you time by automating the repetitive tasks, and GeneRally makes your life easier by allowing you to Focus on the things that really matter.
Features
The following features are included:
1. Self-contained application that comes with an embedded web server and an embedded database.
2. Collects logs and alerts from any number of remote sensors in real time.
3. User interface provides support for sensor, alert, and Transaction management.
4. Runs on any platform that supports JDK/JRE 1.4 or better.
5. Installs in a few minutes.
6. Automated maintenance options keep the database at a manageable size.
7. Sensor activity history.
8. Alerting facilities.
9. Reporting facilities. Nice and shiny reports in PDF format can be scheduled or produced on-demand. Automatic distribution via email.
10. Automatic DNS and Geo IP resolution1.