Re: Announcement: The Web Application Firewall Evaluation Criteria v1 Released
- From: Gadi Evron <ge@xxxxxxxxxxxx>
- Date: Sun, 22 Jan 2006 08:44:13 +0200
contact@xxxxxxxxxxxxx wrote:
The Web Application Firewall Evaluation Criteria project is proud to announce v1.0 of The Web Application Firewall Evaluation Criteria (WAFEC), its first official release.
WAFEC is a result of a collaboration between web application firewall vendors and independent security professionals to create a comprehensive, vendor-neutral, web application firewall evaluation criteria. The resulting framework can be used to evaluate and and compare web application firewalls.
WAFEC v1.0 can be downloaded from the project home page:
http://www.webappsec.org/projects/wafec/
Having a good framework by which to judge these applications is very cool as I had to do without quite a few times before. Thanks for creating it.
It is my belief that *today's* web application firewalls are a waste of money. Some people disagree and as I respect them, I will answer their questions one by one.
This is pretty long, check out: http://blogs.securiteam.com/index.php/archives/220
And the follow-up, answering questions and good arguments: http://blogs.securiteam.com/?p=237
I'd appreciate any input.
Gadi.
- References:
- Prev by Date: [eVuln] Note-A-Day Weblog Sensitive Information Disclosure
- Next by Date: [ GLSA 200601-11 ] KDE kjs: URI heap overflow vulnerability
- Previous by thread: Announcement: The Web Application Firewall Evaluation Criteria v1 Released
- Next by thread: MDKSA-2006:014 - Updated wine packages fix WMF vulnerability
- Index(es):
Relevant Pages
|
