The Latest in IT Security

Web Application Firewalls Tested Against XSS Attacks

16
Sep
2015
Web Application Firewalls Tested Against XSS Attacks

Managed-Firewall-Services

A researcher has conducted experiments to some of the most popular () and see how efficient they are in protecting against cross-site scripting (XSS) attacks.

A WAF is an appliance, a plugin or a filter that applies a set of rules to web communications in an effort to block common types of attacks, such as SQL injection and XSS. However, UAE-based security researcher Mazin Ahmed has attempted to demonstrate that many WAFs, including open source and commercial products, have weaknesses that could be exploited by malicious actors.

Ahmed published a paper last week detailing XSS filter evasion tests made on F5 Networks’ Big-IP, Incapsula’s WAF, AQTRONIX WebKnight, PHP-IDS, Trustwave’s ModSecurity, Sucuri’s WAF, QuickDefence, and Barracuda’s WAF.

Read More

Leave a reply


Categories

SUNDAY, SEPTEMBER 15, 2019
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments

Social Networks