Is ModSecurity Dead? Answering the Question Head On.
As with any mature and venerable technology, ModSecurity is facing its “Is It Dead?” stage, with some pundits assuming and proclaiming it dead ever since the Trustwave ModSecurity sunsetting and end of support announcement in 2021. We get asked the question a lot by folks who want to continue to use ModSecurity, and our answer to them is an unequivocal No. ModSecurity is not dead just because of one large vendor’s business decision to no longer support it. Atomicorp has supported ModSecurity rules since 2002 and continues to assist organizations and agencies in leveraging ModSecurity for advanced web application security.
“If you’re an integrator or product maker using ModSec and need commercial support for ModSec, we’re supporting it, we’re the remaining experts,” said Mike Shinn, CEO of Atomicorp.
ModSecurity is still developed, enhanced, patched and requested. Our response to death-sayers is that we at Atomicorp are dedicated to ModSecurity, commercially supporting not just the rules but modsecurity and libmodsecurity and thus a wider assortment of web servers.
We offer the ModSecurity Rules for free, but to get more rapid enhancements, expert configuration, professional service and optimal performance, we provide:
- Commercial support for modsecurity/libmodsecurity, going beyond Apache servers to incorporate IIS and Nginx.
- Commercial support for ModSecurity Rules and advanced web application firewalls (WAFs).
Learn more about Atomicorp ModSecurity support and Atomic ModSecurity Rules and WAF.