Summary
In this chapter we learned about virtual patching, and how it is a useful technique to patch specific vulnerabilities in web applications. We learned about the advantages of using virtual patching over traditional patching and saw examples of implementing virtual patches using ModSecurity. We also looked at real-life examples of the kind of attacks that virtual patching can prevent, such as the Geeklog SQL injection vulnerability and the worm that hit the micro-blogging service Twitter in April 2009.
In the next chapter we will be learning about even more web security vulnerabilities and ways they can be blocked using ModSecurity, so get ready to dive head first into the world of black-hat hackers, security vulnerabilities and counter-measures