[OWASP-Security101] ModSecurity vs Commercial Products

Campbell, Dominic dominic.campbell at logica.com
Mon Aug 20 10:13:49 UTC 2012

Hi All,
I've been tasked with protecting XML content and am looking at 3 options:

1.       ModSecurity

2.       Vordel

3.       Layer7
I want to choose ModSecurity as it ticks all the boxes in terms of the features I need (as do the others, but they cost a lot of money).
However, I need to convince my customer (believe it or not), who is worried about:

1.       Supportability and long-term life (specifically of the supportability of rule-sets)

2.       It's "quite new" so not necessarily heavily used (i.e. no pedigree)

3.       Where is it used/who uses it (i.e. looking for some "big names")
So, any help to bolster my case for ModSecurity over the others would be massively appreciated.
If this isn't the right forum for such a question, then being pointed in the right direction would be helpful.
Many Thanks,

Think green - keep it on the screen.

This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.

More information about the Security101 mailing list