Welcome to Woman In Cyber Security

The Story of Franziska Bühler-Schmocker, Between Web Server Security and Web Application Firewalls

by Magda CHELLY November 28, 2017

The Story of Franziska Bühler-Schmocker, Between Web Server Security and Web Application Firewalls

Franziska Bühler currently works as a Senior Systems Engineer in Switzerland.
Her main areas of responsibility are web server security and everything related to the access layer. In Switzerland, this typically includes authentication and web application firewalls.
She holds a Bachelor of Science degree in computer science with a specialization in IT security. She is also a Certified OSSTMM Professional Security Tester (OPST), accredited by ISECOM (Institute for Security and Open Methodologies).


Android Forensics

While studying, she did research in the field of Android forensics. First, she retrieved YAFFS2 (yet another flash file system 2) file system dumps. Then she managed to gain and understand the file system chunk metadata to recover deleted SMS, contacts and phone calls.
That was a new and unresolved challenge at that time. She presented the result and submitted it to federal authorities. Unfortunately, Android does not use this file system anymore.
Franziska likes to turn bits and bytes until she has resolved the puzzle. When she was growing up, she liked to solve all sorts of physical puzzles made of wood or metal. Maybe that was already an indication of her present preference.


Path to Cyber Security

Franziska's started her IT career as a system administrator for various Windows, UNIX and Linux server operating systems. She had to control, operate and monitor different types of systems and locate, isolate and resolve technical incidents.
Yet, she did not seek to transition into security. It came naturally when she changed to engineering exposed and critical systems where security and security awareness is a must.


Current Work

She's been working as a Systems Engineer with specialization in web server security and web application firewalls since 2009.
She holds technical responsibility for the reverse proxy platform and leads a group dedicated to all things reverse proxy.
She is responsible for identifying, analyzing and assessing risks, threats and vulnerabilities, and for maintaining the security of the platform.
In addition to building or reorganizing platforms, she also writes and implements security policies. She writes scripts and programs to automatically monitor policy compliance.
Topics related to DevOps are one of the topics of interest today. Her certification as a scrum master helps her with her involvement in agile projects and providing technical advice.
Another important part of her job is providing third level support for critical incidents. This sometimes makes the days unpredictable, but all the more exciting. It is a particular pleasure to investigate and resolve a problem for Franziska.

The Hobby: OWASP ModSecurity Core Rule Set

In her spare time, Franziska Bühler helps as a developer and committer to enhance the OWASP ModSecurity Core Rule Set. The Core Rule Set is a rule set for the ModSecurity web application firewall. See https://coreruleset.org.
It is the first line of defense against web application attacks, like those described by the OWASP Top Ten. The Core Rule Set is mentioned as one of the possible precautions against A10:2017-Insufficient Logging & Monitoring.
She co-developed the new paranoia mode, which helps to keep the number of false positives under control. This is very important for the usability of a WAF, to ensure there are as few false positives as possible.
She recently published a blog post (https://coreruleset.org/20171109/disassembling-sqli-rules/) describing disassembling many optimized regular expressions. They had been optimized with the help of an arcane Perl module a long time ago. The blog post describes how Franziska disassembled the regular expressions to retrieve the source pattern. This work is important to the OWASP Core Rule Set project and its maintainability.


The Challenge of Family and Working Life

In addition to the technical challenges that come from work or her hobby, the Core Rule Set project, it is also a challenge to harmonize a part-time job with her husband and their two children.
Fortunately, she is still able to do highly demanding technical work and not work on the side, even part-time. She owes that to her progressive employer, the Swiss Post.


Advice for other women

Franziska Bühler has been working in IT since 2001 and she has met different kinds of people throughout it. Most of them were friendly and open to women.
Some of them have very old-fashioned attitudes towards women. It may not be intentional on their part, it is ingrained in their minds. Franziska thinks that women cannot change them and convince them otherwise. It is not worth bothering, it's a lost cause. You would be better off associating with people who are nice and supportive.
Most people are open-minded. One of her mentors is Christian Folini. He believes that good people, women or men, should be supported and promoted. And he thinks that diversity is important and an asset to a team. Such well-meaning people are important and a gift. Let them guide you.
Another important point is to always be up to date. Especially in the field of cyber security, things change often and fast. Take courses, earn certifications, attend conferences and learn new technologies. Outside of being fun, they broaden your horizon and they also make you even more valuable.
And, most important, believe in yourself.

If you want to get in contact with Franziska Bühler, write her a message: @bufrasch on Twitter.



Magda Lilia Chelly, is the Managing Director of Responsible Cyber Pte. by day, and a cyber feminist hacker by night. Magda is the brand ambassador of Peerlyst, one of the strongest InfoSec online communities. She spends most of her time supporting chief information security officers in their cyber security strategy and roadmap. She reviews technical architectures, cloud migrations, and digital transformations. She is continuously raising cyber security awareness & diversity at a global scale. She is currently based in Singapore, with a global reach through her company in 19 locations worldwide. She speaks five languages fluently, and has a PhD in Telecommunication Engineering with a subsequent specialization in cyber security. She also was recently nominated as global leader of the year at the Women in IT Awards 2017, and TOP 50 cyber security influencer globally.

Also in Cyber Role Models

Amber C. Williamson, Cybersecurity is a fascinating field and it’s never a dull moment in this industry
Amber C. Williamson, Cybersecurity is a fascinating field and it’s never a dull moment in this industry

by Magda CHELLY November 19, 2017

Amber C. Williamson is an IT Mentor Advocate for upcoming aspirants in the Cybersecurity & Information Technology world. Her journey was introduced during her childhood and has never left. She is the first generation in her family to have a Double Bachelor’s and Double Master’s Degree in Biology, Computer Science, Information Systems, and Network Communications. Amber has over 12+ years of industry experience and currently pursuing her cybersecurity certifications for 2018. She is a force to be reckon with and willing to make a difference in the lives of others in Cyber Security.

Continue Reading

Sarah Hendrickson; Pen tests, vulnerability scanning, red team testing – I built it all !
Sarah Hendrickson; Pen tests, vulnerability scanning, red team testing – I built it all !

by Magda CHELLY November 12, 2017

I worked my way through college at a Research and Development lab for a company that milled flour and made baking mixes for consumers as well as restaurants.  I obtained my degree in Chemistry and the lab job included running the analyticals to write the product nutritionals (%fat, %carbs, %protein, etc.).  At almost 6’ tall, I was significantly taller than my manager and when she went to read the instrumentation, her results varied significantly than mine.  I used a software application to calibrate the instruments to remove the human error.  It worked well and they asked me to do this for the instruments in their Quality Assurance lab.  This was the only time I have ever “coded”. 

Continue Reading

Soniya Advant, On the journey for a CISSP
Soniya Advant, On the journey for a CISSP

by Magda CHELLY November 11, 2017

Some things inspire us and have a “wow” effect on us. Some things inspire us and make us wonder more but some things inspire us and make us take an action. I remember giving my first presentation about Cell phone viruses and security in 2008 for my intercollege paper presentation competition, and this was the first time I got interested in cyber security. After winning that competition, I started participating in more state and national level competitions, going to different colleges to listen to different speakers and reading the latest news about what is going on in this field.


Continue Reading