Franziska Bühler currently works as a Senior Systems Engineer in Switzerland.
Her main areas of responsibility are web server security and everything related to the access layer. In Switzerland, this typically includes authentication and web application firewalls.
She holds a Bachelor of Science degree in computer science with a specialization in IT security. She is also a Certified OSSTMM Professional Security Tester (OPST), accredited by ISECOM (Institute for Security and Open Methodologies).
While studying, she did research in the field of Android forensics. First, she retrieved YAFFS2 (yet another flash file system 2) file system dumps. Then she managed to gain and understand the file system chunk metadata to recover deleted SMS, contacts and phone calls.
That was a new and unresolved challenge at that time. She presented the result and submitted it to federal authorities. Unfortunately, Android does not use this file system anymore.
Franziska likes to turn bits and bytes until she has resolved the puzzle. When she was growing up, she liked to solve all sorts of physical puzzles made of wood or metal. Maybe that was already an indication of her present preference.
Franziska's started her IT career as a system administrator for various Windows, UNIX and Linux server operating systems. She had to control, operate and monitor different types of systems and locate, isolate and resolve technical incidents.
Yet, she did not seek to transition into security. It came naturally when she changed to engineering exposed and critical systems where security and security awareness is a must.
She's been working as a Systems Engineer with specialization in web server security and web application firewalls since 2009.
She holds technical responsibility for the reverse proxy platform and leads a group dedicated to all things reverse proxy.
She is responsible for identifying, analyzing and assessing risks, threats and vulnerabilities, and for maintaining the security of the platform.
In addition to building or reorganizing platforms, she also writes and implements security policies. She writes scripts and programs to automatically monitor policy compliance.
Topics related to DevOps are one of the topics of interest today. Her certification as a scrum master helps her with her involvement in agile projects and providing technical advice.
Another important part of her job is providing third level support for critical incidents. This sometimes makes the days unpredictable, but all the more exciting. It is a particular pleasure to investigate and resolve a problem for Franziska.
In her spare time, Franziska Bühler helps as a developer and committer to enhance the OWASP ModSecurity Core Rule Set. The Core Rule Set is a rule set for the ModSecurity web application firewall. See https://coreruleset.org.
It is the first line of defense against web application attacks, like those described by the OWASP Top Ten. The Core Rule Set is mentioned as one of the possible precautions against A10:2017-Insufficient Logging & Monitoring.
She co-developed the new paranoia mode, which helps to keep the number of false positives under control. This is very important for the usability of a WAF, to ensure there are as few false positives as possible.
She recently published a blog post (https://coreruleset.org/20171109/disassembling-sqli-rules/) describing disassembling many optimized regular expressions. They had been optimized with the help of an arcane Perl module a long time ago. The blog post describes how Franziska disassembled the regular expressions to retrieve the source pattern. This work is important to the OWASP Core Rule Set project and its maintainability.
In addition to the technical challenges that come from work or her hobby, the Core Rule Set project, it is also a challenge to harmonize a part-time job with her husband and their two children.
Fortunately, she is still able to do highly demanding technical work and not work on the side, even part-time. She owes that to her progressive employer, the Swiss Post.
Some things inspire us and have a “wow” effect on us. Some things inspire us and make us wonder more but some things inspire us and make us take an action. I remember giving my first presentation about Cell phone viruses and security in 2008 for my intercollege paper presentation competition, and this was the first time I got interested in cyber security. After winning that competition, I started participating in more state and national level competitions, going to different colleges to listen to different speakers and reading the latest news about what is going on in this field.