The Latest in IT Security

Web Application Firewalls Tested Against XSS Attacks

16
Sep
2015
Web Application Firewalls Tested Against XSS Attacks

Managed-Firewall-Services

A researcher has conducted experiments to some of the most popular () and see how efficient they are in protecting against cross-site scripting (XSS) attacks.

A WAF is an appliance, a plugin or a filter that applies a set of rules to web communications in an effort to block common types of attacks, such as SQL injection and XSS. However, UAE-based security researcher Mazin Ahmed has attempted to demonstrate that many WAFs, including open source and commercial products, have weaknesses that could be exploited by malicious actors.

Ahmed published a paper last week detailing XSS filter evasion tests made on F5 Networks’ Big-IP, Incapsula’s WAF, AQTRONIX WebKnight, PHP-IDS, Trustwave’s ModSecurity, Sucuri’s WAF, QuickDefence, and Barracuda’s WAF.

Read More

Leave a reply


Categories

SUNDAY, DECEMBER 17, 2017

Featured

Archives

Latest Comments

Social Networks