Franziska Bühler currently works as a Senior Systems Engineer in Switzerland.
Her main areas of responsibility are web server security and everything related to the access layer. In Switzerland, this typically includes authentication and web application firewalls.
She holds a Bachelor of Science degree in computer science with a specialization in IT security. She is also a Certified OSSTMM Professional Security Tester (OPST), accredited by ISECOM (Institute for Security and Open Methodologies).
While studying, she did research in the field of Android forensics. First, she retrieved YAFFS2 (yet another flash file system 2) file system dumps. Then she managed to gain and understand the file system chunk metadata to recover deleted SMS, contacts and phone calls.
That was a new and unresolved challenge at that time. She presented the result and submitted it to federal authorities. Unfortunately, Android does not use this file system anymore.
Franziska likes to turn bits and bytes until she has resolved the puzzle. When she was growing up, she liked to solve all sorts of physical puzzles made of wood or metal. Maybe that was already an indication of her present preference.
Path to Cyber Security
Franziska’s started her IT career as a system administrator for various Windows, UNIX and Linux server operating systems. She had to control, operate and monitor different types of systems and locate, isolate and resolve technical incidents.
Yet, she did not seek to transition into security. It came naturally when she changed to engineering exposed and critical systems where security and security awareness is a must.
She’s been working as a Systems Engineer with specialization in web server security and web application firewalls since 2009.
She holds technical responsibility for the reverse proxy platform and leads a group dedicated to all things reverse proxy.
She is responsible for identifying, analyzing and assessing risks, threats and vulnerabilities, and for maintaining the security of the platform.
In addition to building or reorganizing platforms, she also writes and implements security policies. She writes scripts and programs to automatically monitor policy compliance.
Topics related to DevOps are one of the topics of interest today. Her certification as a scrum master helps her with her involvement in agile projects and providing technical advice.
Another important part of her job is providing third level support for critical incidents. This sometimes makes the days unpredictable, but all the more exciting. It is a particular pleasure to investigate and resolve a problem for Franziska.
The Hobby: OWASP ModSecurity Core Rule Set
In her spare time, Franziska Bühler helps as a developer and committer to enhance the OWASP ModSecurity Core Rule Set. The Core Rule Set is a rule set for the ModSecurity web application firewall. See https://coreruleset.org.
It is the first line of defense against web application attacks, like those described by the OWASP Top Ten. The Core Rule Set is mentioned as one of the possible precautions against A10:2017-Insufficient Logging & Monitoring.
She co-developed the new paranoia mode, which helps to keep the number of false positives under control. This is very important for the usability of a WAF, to ensure there are as few false positives as possible.
She recently published a blog post (https://coreruleset.org/20171109/disassembling-sqli-rules/) describing disassembling many optimized regular expressions. They had been optimized with the help of an arcane Perl module a long time ago. The blog post describes how Franziska disassembled the regular expressions to retrieve the source pattern. This work is important to the OWASP Core Rule Set project and its maintainability.
The Challenge of Family and Working Life
In addition to the technical challenges that come from work or her hobby, the Core Rule Set project, it is also a challenge to harmonize a part-time job with her husband and their two children.
Fortunately, she is still able to do highly demanding technical work and not work on the side, even part-time. She owes that to her progressive employer, the Swiss Post.
Advice for Other Women
Franziska Bühler has been working in IT since 2001 and she has met different kinds of people throughout it. Most of them were friendly and open to women.
Some of them have very old-fashioned attitudes towards women. It may not be intentional on their part, it is ingrained in their minds. Franziska thinks that women cannot change them and convince them otherwise. It is not worth bothering, it’s a lost cause. You would be better off associating with people who are nice and supportive.
Most people are open-minded. One of her mentors is Christian Folini. He believes that good people, women or men, should be supported and promoted. And he thinks that diversity is important and an asset to a team. Such well-meaning people are important and a gift. Let them guide you.
Another important point is to always be up to date. Especially in the field of cyber security, things change often and fast. Take courses, earn certifications, attend conferences and learn new technologies. Outside of being fun, they broaden your horizon and they also make you even more valuable.
And, most important, believe in yourself.
If you want to get in contact with Franziska Bühler, write her a message: @bufrasch on Twitter.