Christian Folini
Web application security guy with a passion for OWASP's open source WAF projects and National Cyber Strategy.
Maintains "Swiss Cyber Security" starter pack and cherishes his small collection of medieval helmets.
- The recording of the 2nd online event on #ECollecting has been published. We've also launched a dialogue platform and initiated two discussions. github.com/swiss/e-coll... Discussion 1: Political Balance (of E-Collecting) Discussion 2: Can an opt-out for the paper process really be avoided?
- At the rate @cloudflare.social goes down these days, they should totally invest in revamping their error page.
- #react2shell (CVE-2025-55182) is detected by default by OWASP CRS 3 and CRS 4 alike. Rules in question are 934100 (#CRS3 and #CRS4), 934130 (CRS4) and 942550 (CRS4). Test payload in graphic below. Other payloads can be tested via the public CRS sandbox. Kudos to Vincent-TW for the groundwork.
- #ModSecurity / @owasp.org CRS engine puzzle! A solution has the potential to improve the performance across millions of servers.
- Performing a major upgrade of your OWASP CRS #WAF rules usually means you need to lower your defenses. The new "netnea-crs-upgrading-plugin" allows you to perform this transition in a smooth and calculated way without the need to raise your anomaly threshold. www.netnea.com/cms/2025/11/...
- Whenever a big cloud service goes down I think of the Swiss gov exec who ridiculed me on a panel when I claimed it's a little-known secret, but it's actually possible to run your own servers without any dependency on somebody else's computer.
- For a couple of days I have been seeing a new wave of attacks hitting our WP installation. Hundreds of IPs hitting /wp-login.php. Like 10 times the normal amount of requests despite fail2ban blocking them really fast. The best defense (and there are many layers of defense) has been installing WP in a subfolder.
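As an added illustration of the /wp-login.php wave described in the post above (example code written here, not code from the author or from fail2ban): a small log scanner that mirrors fail2ban's maxretry/findtime semantics, counting POSTs to the login path per source IP inside a sliding time window and reporting the moment each IP crosses the threshold. The log lines, addresses (RFC 5737 test ranges) and timestamps are constructed for the example; the path argument lets you check that a WordPress install moved to a subfolder no longer collects the hits aimed at the default location.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Combined-log-format prefix: ip ident user [timestamp] "METHOD path proto" status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample access log (not real traffic): one IP hammering the
# default login path, one legitimate login, one slow low-rate scanner.
SAMPLE_LOG = """
203.0.113.7 - - [10/Dec/2025:10:00:01 +0000] "POST /wp-login.php HTTP/1.1" 200 4123 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Dec/2025:10:00:05 +0000] "POST /wp-login.php HTTP/1.1" 200 4123 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Dec/2025:10:00:09 +0000] "POST /wp-login.php HTTP/1.1" 200 4123 "-" "Mozilla/5.0"
198.51.100.5 - - [10/Dec/2025:10:00:12 +0000] "GET /wp-login.php HTTP/1.1" 200 2120 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Dec/2025:10:00:14 +0000] "POST /wp-login.php HTTP/1.1" 200 4123 "-" "Mozilla/5.0"
198.51.100.5 - - [10/Dec/2025:10:00:20 +0000] "POST /wp-login.php HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Dec/2025:10:00:21 +0000] "POST /wp-login.php HTTP/1.1" 200 4123 "-" "Mozilla/5.0"
192.0.2.9 - - [10/Dec/2025:10:05:00 +0000] "POST /wp-login.php HTTP/1.1" 200 4123 "-" "python-requests/2.31"
192.0.2.9 - - [10/Dec/2025:10:12:00 +0000] "POST /wp-login.php HTTP/1.1" 200 4123 "-" "python-requests/2.31"
192.0.2.9 - - [10/Dec/2025:10:19:00 +0000] "POST /wp-login.php HTTP/1.1" 200 4123 "-" "python-requests/2.31"
192.0.2.9 - - [10/Dec/2025:10:26:00 +0000] "POST /wp-login.php HTTP/1.1" 200 4123 "-" "python-requests/2.31"
192.0.2.9 - - [10/Dec/2025:10:33:00 +0000] "POST /wp-login.php HTTP/1.1" 200 4123 "-" "python-requests/2.31"
"""


def parse_line(line):
    """Return (ip, timestamp, method, path, status) or None for unparseable lines."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    return m.group("ip"), ts, m.group("method"), m.group("path"), int(m.group("status"))


def find_bruteforcers(lines, path="/wp-login.php", maxretry=5, findtime=600):
    """Sliding-window count of POSTs to `path` per IP, fail2ban style.

    An IP is reported the first time it has at least `maxretry` POSTs within
    any `findtime`-second window. Status codes are ignored on purpose: a
    failed guess (200 with the form re-rendered) and a 404 against a path that
    no longer exists are both attempts worth counting.
    Returns {ip: timestamp_of_the_request_that_crossed_the_threshold}.
    """
    windows = defaultdict(deque)
    flagged = {}
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        ip, ts, method, req_path, _status = parsed
        if method != "POST" or req_path != path:
            continue
        window = windows[ip]
        window.append(ts)
        # Drop attempts older than findtime relative to this request.
        while (ts - window[0]).total_seconds() > findtime:
            window.popleft()
        if len(window) >= maxretry and ip not in flagged:
            flagged[ip] = ts
    return flagged


if __name__ == "__main__":
    hits = find_bruteforcers(SAMPLE_LOG.strip().splitlines())
    for ip, when in hits.items():
        print(f"{ip} crossed maxretry at {when.isoformat()}")
    moved = find_bruteforcers(SAMPLE_LOG.strip().splitlines(), path="/blog/wp-login.php")
    print(f"attempts against the subfolder login: {len(moved)} IPs flagged")
```

With the defaults (5 attempts in 600 seconds) only 203.0.113.7 is reported; 192.0.2.9 stays under the threshold because its attempts are seven minutes apart, which is the kind of low-and-slow traffic fail2ban's counter misses and a WAF rate limit or a non-default login path catches instead. Querying the subfolder path returns nothing, since the scripted traffic only knows the default location.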
- Reposted by Christian Folini: On a Saturday night I stumbled across something on the internet that made me feel like ****** my pants. A giant dataset of real surveillance operations targeting 1000s of people across nearly every country. Unraveling it and the mysterious company behind it has consumed 1.5 years of my life
- Later today, I'll be hosting a ModSecurity / CRS community call: luma.com/8yc1p543. We'll be talking about success metrics, WAF testing and other integration questions.
- Guess who's going to the circus tonight.