NGINX announced the sponsorship of the OWASP ModSecurity Core Rule Set project, which is a set of WAF rules capable of detecting various attacks, including the OWASP Top Ten, with a minimum of false positives. The CRS, distributed as an open-source project, is designed for use with the world’s one of the most popular open-source WAF, ModSecurity and compatible WAFs. The CRS processes over 100 terabits of traffic every second worldwide.
100 terabits of traffic every second
The ModSecurity WAF for NGINX Open Source natively supports the CRS. NGINX also stated that the company appreciates CRS’s work done by the community and it is also aware of many of its users and customers are relying on the CRS. NGINX is also looking forward to helping ensure the OWASP ModSecurity CRS project’s long‑term success.
NGINX also announced that the company has benefited greatly from CRS’s expertise around ModSecurity in previous collaborations. NGINX will continue to with the team to ensure that NGINX users get the best possible security when integrating ModSecurity and the CRS with our software. ModSecurity, CRS, and NGINX working together, NGINX will be able to identify security improvements, triage potential issues, find performance optimizations, and more.