A Web application firewall (WAF) is designed to protect Web applications against common attacks such as <a href="http://blogs.csoonline.com/xss_the_spark_to_the_ajax_dynamite">cross-site scripting</a> and <a href="http://blogs.csoonline.com/sans_warns_of_mass_sql_injection_attacks">SQL injection</a>. Whereas network firewalls defend the perimeter of the network, WAFs sit between the Web client and Web server, analyzing application-layer traffic for violations in the programmed security policy, says Michael Cobb, founder of Cobweb Applications, a security consultancy.
Mary Brandel |
11 Jun |
Read more