Ryan Barnett | 5 May 21:54

Integrating Vulnerability Scanning and Web Application Firewalls

Just wanted to send out this FYI to the list – Breach Security and Whitehat Security jointly released this announcement today -

http://www.breach.com/news-events/press-releases/whitehat-security-and-breach-security-team-to-offer-powerful-web-application-security.html

The short, short overview is this – the Whitehat Sentinel vulnerability scanning service will “automatically” create custom ModSecurity rules to block SQL Injection, XSS and Directory Traversal attacks in scanned web applications.  ModSecurity users (both open source and commercial) can then simply insert these rules into their config and start blocking exploit attempts.  For those of you who have been fighting the uphill battle of creating custom virtual patching rules with ModSecurity while simultaneously adding exceptions for false positives due to the generic nature of the Core Rule Set, this integration announcement should be welcome news :)

As a reference, I urge anyone who might consider utilizing this integration to also read this previous blog post on the topic of VA+WAF integration - http://jeremiahgrossman.blogspot.com/2008/03/va-waf-yes-it-really-works.html - and specifically to review the Comments/Response section for many differing viewpoints on the theory and implementation options.

Let me know if any of you have any specific questions.

Also, keep an eye out for an upcoming webcast on this topic, which Jeremiah Grossman and I will be hosting.

--
Ryan C. Barnett
ModSecurity Community Manager
Breach Security: Director of Application Security
Web Application Security Consortium (WASC) Member
CIS Apache Benchmark Project Lead
SANS Instructor, GCIA, GCFA, GCIH, GSNA, GCUX, GSEC
Author: Preventing Web Attacks with Apache

_______________________________________________
mod-security-users mailing list
mod-security-users <at> lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
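To make concrete the contrast the post draws between targeted virtual patches and generic Core Rule Set signatures (plus the exceptions those signatures need), here is an added example written for this page. It is not code from the announcement, from WhiteHat Sentinel or from Breach Security, and it is not what Sentinel actually generates; it is ordinary ModSecurity 2.x syntax in Apache httpd configuration. The application paths (/app/item.php, /app/download.php, /app/search.php, /app/comment.php), the parameter names (id, file, q), the rule ids in the 1000001 range and the CRS rule id 950901 are all assumed for illustration.

```apache
# Added example, not from the original post: hand-written virtual patches in
# ModSecurity 2.x syntax. Paths, parameter names and rule ids are assumed.
# Assumes ModSecurity is already enabled (SecRuleEngine On) and that this
# fragment is included after the Core Rule Set.

# Virtual patch 1: SQL Injection via the "id" parameter of /app/item.php.
# Rather than a generic SQLi signature, enforce what the application expects
# (a short decimal integer) and deny everything else. Phase 2 runs after the
# request body has been parsed, so ARGS covers both query string and POST data.
<LocationMatch "^/app/item\.php$">
    SecRule ARGS:id "!^[0-9]{1,10}$" \
        "id:'1000001',phase:2,t:none,deny,status:403,log,auditlog,\
        msg:'Virtual patch: /app/item.php id must be a decimal integer'"
</LocationMatch>

# Virtual patch 2: Directory Traversal via the "file" parameter of
# /app/download.php. Apply the transformations first (URL-decode, then collapse
# ./ and ../ segments) so that encoded variants such as %2e%2e%2f are seen in
# their normalised form; then allow only a bare file name with one optional
# extension. A lone ".." or any "/" fails the pattern and is denied.
<LocationMatch "^/app/download\.php$">
    SecRule ARGS:file "!^[A-Za-z0-9_-]+(\.[A-Za-z0-9]+)?$" \
        "id:'1000002',phase:2,t:none,t:urlDecodeUni,t:normalisePath,\
        deny,status:403,log,auditlog,\
        msg:'Virtual patch: /app/download.php file must be a bare file name'"
</LocationMatch>

# Virtual patch 3: XSS via the "q" parameter of /app/search.php. A search box
# is harder to whitelist tightly; this character class rejects <, >, quotes
# and other markup characters. If real searches need more (non-ASCII terms,
# for instance), widen the class here rather than in a site-wide rule: the
# whole point of a virtual patch is that its false positives stay local.
<LocationMatch "^/app/search\.php$">
    SecRule ARGS:q "!^[A-Za-z0-9 _.,-]{0,100}$" \
        "id:'1000003',phase:2,t:none,t:urlDecodeUni,deny,status:403,log,auditlog,\
        msg:'Virtual patch: /app/search.php q contains disallowed characters'"
</LocationMatch>

# The flip side of generic rules: a rich-text comment field on
# /app/comment.php legitimately contains markup and trips a CRS signature on
# every post. Remove that rule for this one location only, instead of
# globally. 950901 is an illustrative placeholder; take the real id from the
# audit log entry the false positive produces. SecRuleRemoveById must appear
# after the rule it removes has been defined, i.e. after the CRS include.
<LocationMatch "^/app/comment\.php$">
    SecRuleRemoveById 950901
</LocationMatch>
```

To check a patch before relying on it, request the protected endpoint with a harmless trigger (for example /app/item.php?id=1%20OR%201=1 or /app/download.php?file=..%2f..%2fetc%2fpasswd), confirm the 403 and the matching msg in the audit log, and then replay known-good traffic to the same endpoint to be sure the whitelist is not tighter than the application's real inputs. Note that SecRuleRemoveById disables the whole rule for every parameter under that location; later 2.x releases add SecRuleUpdateTargetById, which lets you exclude a single parameter from a rule instead.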