Joining us this week is Christian Folini (@chrfolini), co-lead of the OWASP Core Rule Set project, co-author of the second edition ModSecurity Handbook and one of the few teachers on this subject. And he brings a first to the podcast – a discussion on ModSecurity and the OWASP project! For those that are new to these topics, Christian shares many insights on the OWASP volunteer organization mission and how it serves as the first line of defense against web application attacks. Many may not know that 70% of attacks are carried out at the web application level. He also shares perspective on the end-of-life support for the Trustwave ModSecurity Engine and what that means for the open-source community, along with details of the upcoming Swiss Cyber Storm event in October of which he is a program chair. It’s going to be an awesome event you won’t want to miss! Learn more here: https://www.swisscyberstorm.com/ Christian Folini, Author of the ModSecurity Handbook 2ed. OWASP Core Rule Set project co-lead and program chair Swiss Cyber Storm. Christian Folini brings more than ten years of experience with ModSecurity configuration in high security environments, DDoS defense and threat modeling. Christian is the author of the second edition of the ModSecurity Handbook and one of the few teachers on this subject. He is a Co-Lead of the OWASP ModSecurity Core Rule Set project. Christian serves as vice president of the Swiss federal public-private-partnership "Swiss Cyber Experts" and as the program chair of the "Swiss Cyber Storm" conference. He is also a frequent speaker at national and international conferences, where he tries to use his background in the humanities to explain hardcore technical topics to various audiences. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e201