Comment to “Vulnerability assessment integration with web application firewalls”
November 9th, 2009
No comments
That’s an excellent post on the vision of WAF and vulnerability assessment. I agree to the points that “accuracy” should be the top priority of remote web assessment and integration between VM and WAF.
However, this gives us another hint – we need a commonly adopted standard format to exchange the message – similarly what the industry did on IDMEF before. It’s not an optimistic goal from historical perspective. So in short term, before that standards, integration inside one single vendor and product alliance will be the pioneer on the automation/ integration between VM+WAF.
Recent Comments