Christian Folini

Moderator National Dialogue On ECollecting

Bern, Bern, Switzerland
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts
email-iconphone-icongithub-logolinkedin-logotwitter-logostackoverflow-logofacebook-logo
Join Prog.AI to see contacts

Summary

🤩
Rockstar
🎓
Top School
Christian Folini is a teacher, author and application security engineer with over two decades of experience specializing in ModSecurity and web application firewalls. He co-led the widely used OWASP ModSecurity Core Rule Set project, introduced influential concepts like Paranoia Levels and a plugin architecture, and maintains canonical Apache/ModSecurity/CRS tutorials that many operators rely on. His work spans practical tooling—such as C-Rex—and DevOps-focused contributions to the CRS repository, improving automation, testing and deployment for a globally adopted open-source WAF. As a frequent conference speaker, program chair of Swiss Cyber Storm and a civil society representative on Switzerland’s National Cyber Strategy steering committee, he blends technical depth with policy and community leadership. He teaches hands-on courses that uniquely cover running ModSecurity at scale and stays active in the infosec community via webcasts and social platforms.
code13 years of coding experience
bookDoctor of Philosophy (PhD), History and Computer Science, Doctor of Philosophy (PhD), History and Computer Science at Université de Fribourg/Universität Freiburg
bookEMS
github-logo-circle

Github Skills (12)

git10
regression-testing10
modsecurity10
security10
dockers9
cicd9
python9
docker9
shell8
script8
sh8
scripting8

Programming languages (18)

C++JinjaCRustMakefileGoPrologHTML

Github contributions (5)

github-logo-circle
OWASP ModSecurity Core Rule Set (CRS) Project (Official Repository)
Role in this project:
userDevOps Engineer & Security Engineer
Contributions:2 releases, 316 commits, 327 PRs in 7 years 1 month
Contributions summary:Christian's contributions primarily involve infrastructure and testing improvements. They addressed a bug in the upgrade script, merged changes from various branches, and modified configuration files related to regression tests. The user also updated the docker entrypoint and made changes to the regression testing framework, suggesting a focus on automation, testing, and potentially security aspects of the ModSecurity Core Rule Set. The modifications indicate an understanding of how the ruleset is deployed and tested.
security-toolscore-rule-setcrsrulesecurity
Automatic decoding of payload parameters in the form of a OWASP ModSecurity Core Rule Set plugin
Contributions:1 review, 6 PRs, 9 pushes in 3 years
parametersdecodingcore-rule-setrulesecurity
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Christian Folini - Moderator National Dialogue On ECollecting