DeepCode has been requested to evaluate the effectiveness of a Web Application Firewall (WAF) appliance from a foreign manufacturer.
DeepCode has been requested to evaluate the effectiveness of a Web Application Firewall (WAF) appliance from a foreign manufacturer. The client was considering purchasing the appliance for a SOC and wanted to verify some of the claims of the vendor. To complete this task, our team designed a methodology to evaluate up to 75 criteria expected from such an appliance. These criteria involved the presence of some key features and the successful identification and mitigation of common web-based attacks listed on the OWASP top 10 and based on the MITRE ATT&CK framework. A small laboratory simulating a small corporate network and web servers hosting popular web applications was stood up. Multiple attacks were launched against these servers with and without. The WAF was scored on each criterion and a full report was produced. The report contained the results, observations and recommendations about the WAF for the client’s specific purposes.