Secure Coding mailing list archives

Another WAF in town

From: list-spam at secureconsulting.net (Benjamin Tomhave)
Date: Thu, 24 Sep 2009 14:00:50 -0700

Define "firewall" in this context, I guess, right? Something that
controls network and application access, separate from the application
itself? I don't recall it being defined in PCI DSS itself, so I'm sure
it'll be fine so long as one can properly explain it to the QSA. :)

-ben

McGovern, James F (HTSC, IT) wrote:

Interesting approach. Curious to know if this will satisfy a PCI
auditor as a compensating control (section 6)

-----Original Message----- From: sc-l-bounces at securecoding.org 
[mailto:sc-l-bounces at securecoding.org] On Behalf Of Kenneth Van Wyk 
Sent: Thursday, September 24, 2009 12:03 PM To: Secure Coding 
Subject: [SC-L] Another WAF in town

FYI, some activity in the open source WAF space:

http://www.darkreading.com/security/app-security/showArticle.jhtml?artic
 leID=220100630

Cheers,

Ken

----- Kenneth R. van Wyk SC-L Moderator

************************************************************ This
communication, including attachments, is for the exclusive use of
addressee and may contain proprietary, confidential and/or privileged
information.  If you are not the intended recipient, any use,
copying, disclosure, dissemination or distribution is strictly
prohibited.  If you are not the intended recipient, please notify the
sender immediately by return e-mail, delete this communication and
destroy all copies. 
************************************************************


_______________________________________________ Secure Coding mailing
list (SC-L) SC-L at securecoding.org List information, subscriptions,
etc - http://krvw.com/mailman/listinfo/sc-l List charter available at
- http://www.securecoding.org/list/charter.php SC-L is hosted and
moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free,
non-commercial service to the software security community. 
_______________________________________________


-- 
Benjamin Tomhave, MS, CISSP
falcon at secureconsulting.net
Blog: http://www.secureconsulting.net/
Twitter: http://twitter.com/falconsview
Photos: http://photos.secureconsulting.net/
Web: http://falcon.secureconsulting.net/
LI: http://www.linkedin.com/in/btomhave

[ Random Quote: ]
"Perhaps in time the so-called Dark Ages will be thought of as including
our own."
Georg Christoph Lichtenberg

Current thread:

Another WAF in town Kenneth Van Wyk (Sep 24)
- Another WAF in town McGovern, James F (HTSC, IT) (Sep 24)
  - Another WAF in town Wall, Kevin (Sep 24)
    - Another WAF in town Ivan Ristic (Sep 24)
  - Another WAF in town Benjamin Tomhave (Sep 24)