Comments on Jeremiah Grossman: WebAppSec meets the NFL

Ryan Barnett (2008-05-21 06:30 -07:00):

Ronald - your comment is the perfect example of why I hate the fact that the name "web application firewall" was the name that stuck for this type of security device. As you stated - anytime someone hears the word firewall, there is an implied blocking aspect; however, detection and prevention are two separate functions. There are many WAF users who do not block and are instead using it as either an http-level auditing device or a finely tuned web IDS system.

We actually had a good discussion of the value of WAFs in Listen-Only mode on the WebAppSec mail-list earlier this year - http://www.webappsec.org/lists/websecurity/archive/2008-01/msg00022.html

Anonymous (2008-05-20 16:18 -07:00):

"Web application firewalls, that are running in Detection Only modes, are like trying to have a real football game but only doing two-hand touch"

I don't know anybody else's definition of a Firewall, but for me a Firewall blocks. He means an IDS? Then again I can't see use in an IDS without an IPS, but hey that's me.

Ronald.