What is the Core Rule Set?
The Open Web Application Security Project (OWASP) Core Rule Set (CRS) is an open source collection of rules that work with ModSecurity and compatible web application firewalls (WAFs). These rules are designed to provide easy to use, generic attack detection capabilities, with a minimum of false positives (false alerts), to web applications as part of a balanced defense-in-depth solution.