
WAFs

Suto strikes again, or getting the desired results regardless of data

Submitted by Ofer Shezaf on 17 November 2011 - 11:37pm

Larry Suto, who brought us scanner wars 1 and 2, has published a WAF effectiveness research paper. As usual, Larry's work is fun to dissect. While Larry's research is no worse than your average analyst's work, he does try to base his conclusions on more concrete and pseudo-scientific research, which makes it much more vulnerable to scrutiny.

First Chinese Entry

Submitted by Ofer Shezaf on 10 May 2011 - 12:14am

NFOCUS WAF is a new entrant to the WAF market. It is unique not because of its bells and whistles but because it is the first Chinese WAF we are aware of. NFOCUS is not a new company and has existed since 2000, but it only recently started operations in the US. Based on its customer list, the company is well established in the Chinese market.

Commercial vs. Open Source, The WAF example

Submitted by Ofer Shezaf on 20 March 2011 - 11:18pm

An interesting case study by Joshua Drummond from UC Irvine compares two open source WAFs, ModSecurity and WebKnight, to an unnamed commercial WAF. The results shed light not just on the difference between open source and commercial solutions but also highlight key requirements of a WAF. It seems that the two issues Joshua finds with open source WAFs are manageability and positive security. It would be interesting to see whether the two new open source WAFs on the block address those shortcomings.

If it is Patented, Why Bother with the Feature?

Submitted by Ofer Shezaf on 10 March 2011 - 3:40pm

While the Cenzic and Sanctum pen testing patents discussed in an earlier blog article question the value of information security patents to society, the classic Sanctum web application firewall patent presents another risk brought on by information security patents: the risk of obscurity.

Why WAFs Fail?

Submitted by Ofer Shezaf on 23 February 2011 - 10:41pm

While securing web applications is a well understood need, and while WAFs have clear advantages over code review and testing, such as immediate mitigation and higher automation, the WAF market is still a small one. The attached presentation discusses this phenomenon and offers some explanations for it.

ModSecurity Works!

Submitted by Ofer Shezaf on 19 February 2009 - 3:21am

Well, sure it works. However, a short blog entry by an insulted WordPress lover shows that it also delivers security.

The story quotes a hosting provider recommending that a client be very careful with a WordPress installation, as it is often defaced. The reason? WordPress does not work well with ModSecurity, so an exception is needed to remove ModSecurity protection. The result is that the WordPress site is defaced more often...

Fortinet Joins the WAF Market

Submitted by Ofer Shezaf on 19 February 2009 - 1:39am

More players are welcome news in the WAF market, a market which seems to be aging while still in its infancy. Fortinet's entry to the market is therefore certainly good news. As a company positioned to join the big three firewall vendors, Fortinet can certainly provide much needed credibility to the WAF market. That said, we must recall that Cisco's entry into the WAF market last year made little impact on the marketplace, probably due to an overpriced but underpowered offering.