Christian Folini gave a presentation on optimizing ModSecurity on NGINX and NGINX Plus. Some key points: - ModSecurity is an open source web application firewall that provides a rule-based system. The OWASP ModSecurity Core Rule Set (CRS) is the default rule set that blocks over 80% of attacks. - To use ModSecurity with NGINX, one must compile ModSecurity 3.0 and the ModSecurity NGINX connector module, then compile NGINX with the connector. Alternatively, precompiled binaries are available with NGINX Plus. - Initial optimization steps include adjusting the anomaly threshold, learning to read logs using aliases, and handling false positives by