Web Application Firewall Evaluation Criteria Announced

The Web Application Firewall Evaluation Criteria project announced its first public release. The goal of the project is to develop a detailed web application firewall evaluation criteria; a testing methodology that can be used by any reasonably skilled technician to independently assess quality of a web application firewall.

Categories that are covered in the first public draft include:

  • Deployment Architecture
  • HTTP Support
  • Detection Techniques
  • Protection Techniques
  • Logging
  • Reporting
  • Management

For more information check out the full document located at Web Application Security Consortium web site.