[Esapi-user] ESAPI WAF

Juan Diego Botiva juan.botiva at itac.com.co
Mon Jan 14 22:52:36 UTC 2013

Hi Everyone! 

We are securing a web application that is still in development phase, and we want to add a WAF to protect it. We want to know if the ESAPI WAF can protect against the OWASP Top Ten, and if there are some configuration files with basic rules to start with in order to achieve this protection (we couldn't find any example with top ten protection), or if it's better to use other WAF like ModSecurity or a hardware one. Thanks in advance for your advice.


Juan Botiva

More information about the Esapi-user mailing list