[Esapi-user] ESAPI WAF

Kevin W. Wall kevin.w.wall at gmail.com
Mon Jan 14 23:18:51 UTC 2013


I'm partial to AppSensor. Suggest taking a look at that if your application
is a JavaEE one.

-kevin
Sent from my Droid; please excuse typos.
On Jan 14, 2013 5:53 PM, "Juan Diego Botiva" <juan.botiva at itac.com.co>
wrote:

> Hi Everyone!
>
> We are securing a web application that is still in development phase, and
> we want to add a WAF to protect it. We want to know if the ESAPI WAF can
> protect against the OWASP Top Ten, and if there are some configuration
> files with basic rules to start with in order to achieve this protection
> (we couldn't find any example with top ten protection), or if it's better
> to use other WAF like ModSecurity or a hardware one. Thanks in advance for
> your advice.
>
> Regards
>
> Juan Botiva
> _______________________________________________
> Esapi-user mailing list
> Esapi-user at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/esapi-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/esapi-user/attachments/20130114/77f3d0a2/attachment.html>


More information about the Esapi-user mailing list