The Network Security. Org

Web application firewalls create breathing room

Having a Web application firewall in place can mean the difference between scrambling to fix a vulnerability -- taking an application offline and paying emergency overtime fees for developers and QA staff -- or having the breathing room to repair the vulnerability on your own schedule.

That's a tangible return on investment, said Mark Kraynak, director of product marketing at Imperva Inc. in Foster City, Calif., and contributor to the recently released Web Application Firewall Evaluation Criteria (WAFEC) from the Web Application Security Consortium (WASC).

Web application firewalls (WAFs) are an emerging category of firewall, defined by the consortium as "an intermediary device, sitting between a Web client and a Web server, analyzing OSI Layer 7 messages for violations in the programmed security policy. A Web application firewall is used as a security device protecting the Web server from attack." Web application firewalls create breathing room

More News

• Several vulnerabilities closed in the Linux kernel
  



• 8 Best Practices for Encryption Key Management and Data Security
  



• Free Honeypot Client Could Sting Malware
  



• What Firewalls Do & Donot Do
  



• Symantec fingers D Link for bot attacks
  



• WhiteHat: 90% of Sites Still Vulnerable
  



• Red Hat releases free security code
  



• A new type of Bluetooth security
  



• Dude, where is my perimeter?
  



• Scaring users into IT security
  



• VMware fixes security bugs
  



• The top 10 security land mines
  



• Encrypt volumes through a cross platform GUI with TrueCrypt 5.0
  



• The threat of the Ajax Super Worm
  



• eEye to Add Retina Web App Scanner
  



• FTP Hacking on the Rise
  



• Microsoft Patches 12 Office Security Holes
  



• Malware removes rival rootkits
  



• Security holes in VLC media player patched
  



• Five basic mistakes of security policy