OWASP CRS🔥 OWASP CRS is evolving! Introducing #CRSLang — a new YAML-based rule language replacing Seclang. Cleaner syntax, multi-engine support, bidirectional translation, and a lower barrier for new contributors.
Check it out 👉 https://coreruleset.org/20260122/introducing-crslang-the-next-generation-rule-language-for-owasp-crs/
#WAF #AppSec #OWASP #ModSecurity
Check it out 👉 https://coreruleset.org/20260122/introducing-crslang-the-next-generation-rule-language-for-owasp-crs/
#WAF #AppSec #OWASP #ModSecurity
Introducing CRSLang: The Next Generation Rule Language for OWASP CRS
We’re excited to introduce CRSLang, a new YAML-based rule language that will replace Seclang in the next major release of OWASP CRS. This represents a significant evolution in how we write, maintain, and deploy WAF rules. Why CRSLang? For nearly two decades, the OWASP CRS has relied on ModSecurity’s Seclang syntax. While Seclang has served us well, it comes with significant limitations that have become increasingly apparent as the project has grown: