Events for all Levels and InterestsStay
Jump Start Your Career GrowthStay
Get on the Higher Ed IT MapStay
Uncommon Thinking for the Common Good™Stay
Enhancing Application Security With a Web Application Firewall
Thursday, February 17, 2011
UC Irvine has done extensive research in comparing the many different options short of physically testing each appliance. After meeting with each vendor, UC Irvine asked them to send a completed version of the Web Application Firewall Evaluation Criteria from the Web Application Security Consortium (WASC). UC Irvine combined these into a single document that allowed for side-by-side comparison of each feature and created a list of core requirements: "positive" security model that profiles application behavior and rejects anomalies, centralized device that won't introduce a bottleneck in performance, strong attack signatures with updates and the ability to write custom rules, detection only and block modes of operation, and data leakage protection.