[Esapi-user] ESAPI WAF
Juan Diego Botiva
juan.botiva at itac.com.co
Mon Jan 14 22:52:36 UTC 2013
We are securing a web application that is still in development phase, and we want to add a WAF to protect it. We want to know if the ESAPI WAF can protect against the OWASP Top Ten, and if there are some configuration files with basic rules to start with in order to achieve this protection (we couldn't find any example with top ten protection), or if it's better to use other WAF like ModSecurity or a hardware one. Thanks in advance for your advice.
More information about the Esapi-user