How to evaluate WAF blocking capabilities?

Question

OD

Application Security Data Analyst

How to evaluate WAF blocking capabilities?

Asked over 3 years ago

Does anybody know if there is a standart or any other public requremenets on a WAF/NGWAF blocking capabilities? What should be blocked by default, which types of attacks, vulnerabilities, etc.

API Security Software

Web Application Firewall (WAF) Software

Container Security Software

Comment

2 comments

2

Looks like you’re not logged in.

Users need to be logged in to answer questions

Log In

Ivan N. · Answer 1 · 2021-06-28T19:01:12-05:00

IN

Ivan N.

CEO at Wallarm, API security threat prevention solution. G2 API security leader. Secure REST, gRPC, GraphQL, WebSocket, SOAP and legacy APIs.

0

Answered over 3 years ago

We introduced n Open Source project GoTestWAF, you can use it as a Docker image or as an online service (https://www.wallarm.com/gotestwaf/overview) Please check this page https://www.wallarm.com/resources/go-test-waf Source code: https://github.com/wallarm/gotestwaf

delete edit

Looks like you’re not logged in.

Users need to be logged in to write comments

Log In

Reply

Anton K. · Answer 2 · 2021-06-18T03:18:38-05:00

AK

Anton K.

0

Answered over 3 years ago

Hello Oleksandra! Our WAF solution protects your applications and APIs from both behavior and input validation attacks. You can check the full list of attacks and vulnerability types we detect and block here (link https://docs.wallarm.com/attacks-vulns-list/).

How to evaluate WAF blocking capabilities?

About Wallarm API Security Platform