OWASP - Introduction to using a web application firewall

OWASP New Zealand Chapter - Wellington
OWASP New Zealand Chapter - Wellington
Public group

Location visible to members



It's time to have a Wellington OWASP chapter meeting... it's been a while (https://www.youtube.com/watch?v=araU0fZj6oQ)!

What is this meetup?

The Wellington OWASP chapter is targeted to you! We aim to have web security topics that will be understood by the wider web and development community in Wellington, to help you understand the issues surrounding security in the internet age, and give you advice and tips on how to make your applications more secure.

This meetup isn't just for security specialists or hackers - and is open to everyone to attend.

We are technology agnostic, as web security concepts translate across development or front-end stacks. We won't hard-sell any particular vendor products or services.

Next meetup:

Our next meetup is Monday, 27 June where Graeme Neilson will be talking about the process of introducing a web application firewall into your infrastructure.

Graeme is an expert on this topic, and has co-founded a company that provides a cloud WAF (RedShield (https://www.redshield.co/)). However, the information he's discussing won't be RedShield-specific, and the talk won't be a sales pitch :)

Date: Monday 27 June

Time: 5:45pm for a 6pm start

Title: Understanding how to protect your site using a WAF

Audience: Anyone involved in web development

Location: RedShield offices - someone will let you up the lifts


Deploying a website or application on the internet isn't the end... as soon as it's on the internet, anyone with a browser can access it (and attack it).

A popular approach to dealing with urgent security issues is to put a web application firewall in front of your application. This process is normally fraught with pain, and often doesn't lead to the the security benefits expected.

Graeme and his team have a different approach to deployment, and the way they approach using a WAF might be different to others you have heard about. Graeme will discuss his approach, the benefits, and show how you could implement a WAF yourself, successfully.

This talk assumes no knowledge of web application firewalls or security, and will introduce the necessary concepts. Following this talk, Graeme may delve deeper into the internals of how they build solutions, if people are keen!

Video stream:

We also intend to try and stream the event via a Youtube livestream, so at approx 6pm next Monday this link should give you access to Graeme's video stream: