This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

AppSecEU08 Evaluation Criteria for Web Application Firewalls

Jump to: navigation, search

Everyone needs a web application firewall (WAF), but the lack of standardised evaluation criteria is making the selection process unnecessarily difficult and clouded in mystery. This session will discuss which WAF features really matter, how to customise the work of the Web Application Firewall Evaluation Criteria project, and how to use the customised criteria to select the best product.