[Esapi-user] ESAPI WAF

Juan Diego Botiva juan.botiva at itac.com.co
Mon Jan 14 22:52:36 UTC 2013


Hi Everyone! 

We are securing a web application that is still in development phase, and we want to add a WAF to protect it. We want to know if the ESAPI WAF can protect against the OWASP Top Ten, and if there are some configuration files with basic rules to start with in order to achieve this protection (we couldn't find any example with top ten protection), or if it's better to use other WAF like ModSecurity or a hardware one. Thanks in advance for your advice.

Regards

Juan Botiva


More information about the Esapi-user mailing list