Web Application Security Statistics. Download pdf version Download Security Statistics 2007 The Web Application Security Consortium (WASC) is pleased to announce the WASC Web Application Security Statistics Project 2008.
Web Application Firewalls: How to Evaluate, Purchase and Implement. A Web application firewall (WAF) is designed to protect Web applications against common attacks such as cross-site scripting and SQL injection.
Whereas network firewalls defend the perimeter of the network, WAFs sit between the Web client and Web server, analyzing application-layer traffic for violations in the programmed security policy, says Michael Cobb, founder of Cobweb Applications, a security consultancy. While some traditional firewalls provide a degree of application awareness, it's not with the granularity and specificity that WAFs provide, says Diana Kelley, founder of consultancy Security Curve.
ModSecurity: Open Source Web Application Firewall. Web Application Firewall Evaluation Criteria. Get WAFEC 1.0 WAFEC 1.0 is available in several formats: PDF version, HTML Version and Text Version Please note that WAFEC, like all other WASC projects, is distributed under the creative common license.
Please respect this license. Particularly note that the license requires that if you use the information you attribute it to WASC and WAFEC. WAFEC Response Matrix 1.0. Www.cert-ist.com/documents/Document_Cert-IST_000333.pdf. OWASP Best Practices: Use of Web Application Firewalls.