ModSecurity and NGINX: Tuning the OWASP Core Rule Set

BSides Winnipeg 2017: For The Win: Finding WAF Evasions and Verifying Fixes with FTW

AppSec USA 2017: WAFs FTW! A modern devops approach to security testing your WAF

AppSec EU 2017: Introducing the OWASP ModSecurity Core Rule Set 3.0

Nginx.conf 17: Secure your Apps with NGINX and the ModSecurity WAF

Area41 2016: Core Rules Paranoia Mode