Implementing a web application firewall only is not enough to secure web applications

As demonstrated during an OWASP Europe 2009 presentation, WAF’s (web application firewalls) also have vulnerabilities.  Sandro Gauci (founder and CSO for EnableSecurity) and Wendel Henrique (member of SpiderLabs) showed how an attacker can easily identify and bypass several well known web application firewalls using XSS (Cross site scripting) attacks, the same types of exploits WAF’s […]

Read More →