XML firewalls (WAF)

["Chris Hughes" <chughes () l8c com>]

After a reply to a previous post I was clued in on XML vulnerabilities with
web applications.  Off I went to do more reading when I discovered WAF.
> From what I read, the type of protection afforded by a WAF will address some
portion of the XML vulnerabilities for both internal as well as externally
facing web applications.  Now I'm left wondering which web based
applications actually use XML or other mechanisms (SOAP) that are at risk.
I have a big MS SharePoint implementation that I'm particularly concerned
about.

 

Is there a way short of calling the vendors to see if they present the risk
that WAF's allegedly help protect against?

 

Thanks

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards