Commercial vs. Open Source, The WAF example

Submitted by Ofer Shezaf on 20 March 2011 - 11:18pm
Share/Save

An interesting case study by Joshua Drummond from UC Irvine compares two open source WAFs, ModSecurity and WebKnight to an unnamed commercial WAF. The results shed light not just on the difference between open source and commercial solutions but also highlight key requirements from a WAF. It seems that the two issues Joshua finds with Open Source WAFs are manageability and positive security. It would be interesting to see if the two new Open Source WAFs on the block would address those shortcomings.

The full article can be found here.

Tags: 
Open Source
WAFs
ModSecurity
WebKnight
UC Irvine
Joshua Drummond

Post new comment

More information about text formats

Full HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.