Web Application Firewall Evaluation Criteria Announced

Cyber Chief Magazine brings you the tactics to uncover and neutralize the insider threat

The Web Application Firewall Evaluation Criteria project announced its first public release. The goal of the project is to develop a detailed web application firewall evaluation criteria; a testing methodology that can be used by any reasonably skilled technician to independently assess quality of a web application firewall.

Categories that are covered in the first public draft include:

  • Deployment Architecture
  • HTTP Support
  • Detection Techniques
  • Protection Techniques
  • Logging
  • Reporting
  • Management

For more information check out the full document located at Web Application Security Consortium web site.