Xiom is the premier web sites focusing on Web Application Firewalls (WAFs). On Xiom.com you can find:
- The WAF research center.
- ModSecurity information center.
- WASC Web Aapplication Firewall Evaluation Criteria (WAFEC) scratchpad
In addition you can find here the home page of several important industry initiatives that we lead, including:
- The Web Hacking Incident Database, hosted on this site.
- The OWASP Israeli chapter, which Ofer Shezaf, Xiom founder, leads.
The Xiom.com web site is lead by Ofer Shezaf, a renound world expert on web application firewalls.
What is a Web Application Firewall?
Web application security has become one of the biggest security issues facing the Internet and IT in general. In order to mitigate the web hacking risk, organizations are deploying real time application security solutions, primarily web application firewalls (WAFs).
Web applications firewalls are not new. The first one was introduced in 1997. But web application firewalls did not receive significant market attention until recently.One of the primary drivers for web application firewalls adaption today is the Payment Card Industry Data Security Standard or PCI for short.
Simply put, A WAF is an operational security control which monitors HTTP traffic in order to protect web applications from attacks, but only by defining the method used to protect applications, a WAF can be differentiated from other security solutions that inspect traffic, most notably IDS and IPS.