Network Based (Proxy, Bridge or Sniffer)
- Armor Logic - Profense
- Assurent - Web Application Firewall
- Barracuda (fromerly NetContinuum) - Web Application Firewall
- Bee-Ware - i-Suite
- Breach Security - WebDefend
- BugSec - WebSniper
- Citrix (Formerly Teros) - Application Firewall
- Cisco - ACE XML Gateway
- Deny All - rWeb
- F5 - Application Security Manager
- Fujitsu - IPCOM EX (Xiom Coverage)
- GeNUA - GeNUScreen (Based on Art of Defence)
- Guardian@JUMPERZ.NET (open source)
- Imperva - SecureSphere
- Imperva’s DIY syslog format - intersting article about the internals of Imperva's flexible syslog mechanism
- JetNexus - Enterprise Traffic Manager JAF (Based on Art of Defence hyperguard)
- Mykonos - The Mykonos Security Appliance
- Protegrity - Defiance
- Radware - AppWall (Based on Protegrity)
- Armorize - smartWAF (Various hosts, Based on Art of Defence)
- Art of Defence - Hyperguard (Various hosts)
- Applicure - dotDefender (Apache and IIS)
- HTTP Data Integrity Validator (HDIV) (Java, open source) (1)
- ModSecurity (Apache, open source)
- Privacyware - ThreatSentry (IIS)
- Port80 - ServerDefender (IIS)
- IISwall (IIS)
- OWASP ESAPI WAF (Java)
Many of the tools in this section have been proclaimsed by their creators as WAFs, but do not qualify by Xiom definition. This observation is based on available documentation, which in many cases is lacking, and we are open to comments and corrections.
Unless noted otherwise, HTTP aware IDPS solutions are host based.
- DragonSoft - Personal WAF (IIS, Sold as a WAF)
- Nec - SiteShell (Apache and IIS, sold as a WAF).
- PHP IDS (Open Source, PHP)
- Anit Hacker (Open Source, PHP)
- AQTRONIX - WebKnight (Open Source, IIS, offered as a WAF)
- jFirewall - commercial but cheap solution specifically targeting Joomla sites.
- Microsoft - URLscan (Free, IIS).
- Additional URLscan resources can be found at CGI security
- EEye - SecureIIS (IIS)
- Gothan - Secure Parameter Filter for IIS (SPF) (Free, IIS). an IIS filter that signs URLs, parameters and cookies sent to the client to ensure that they are not tampered with. Also includes rudimentary black list signatures.
- Web Application Firewall for ColdFusion (ColdFusion, still not released