Talks
Self-Learning WAF: Using Generative AI to Tame ModSecurity False Positives — NCS-W01
RSAC 2026 · Wednesday, March 25, 2026 · 8:30–9:20 AM PDT (16:30–17:20 CET)
ModSecurity with the OWASP Core Rule Set (CRS) is a powerful open-source WAF, but tuning false positives remains painful and time-consuming. This session introduces a self-learning approach that uses generative AI to analyze blocked requests, determine legitimacy, and automatically generate tuning rules — reducing manual effort while keeping humans in the loop for approval.
Key takeaways:
- How generative AI can classify WAF false positives with high accuracy
- A practical pipeline for automated rule generation with human oversight
- Lessons learned from applying this approach in production environments
Media-friendly version: Using generative AI to automatically detect and fix WAF false positives — keeping ModSecurity effective without the tuning headache.
Available for
I’m available for technical talks, panels, and podcasts on:
- Platform automation and self-service infrastructure
- Edge systems (reverse proxies, ingress, policy enforcement)
- Applied security (practical controls, incident response, operability)
- Open standards and sustainable architecture