I was offline for a bit to deal with some family issues. Good to be back.
Today’s quick post is on a hot-off-the-press report I just published: “Web Application Firewall: 2010 And Beyond”. http://bit.ly/9utFJG.
The premise is that pure WAFs are morphing into WAF+, which finds its place in firms’ network infrastructure.
A quick abstract: “Having been thrust into the spotlight by payment card industry (PCI) data security standard (DSS) requirements three years ago, Web application firewall (WAF) — a technology that detects and blocks attacks against Web applications — has significantly matured. It’s taken on a decidedly interesting identity, and standalone WAFs are almost nonexistent. In its place are solutions that include additional network functionality like content acceleration, application visibility, authentication, and database monitoring. We dub this new family of products “WAF+”. Forrester estimates the 2009 market revenue of the WAF+ market to be nearly $200 million, and the market will grow by a solid 20% in 2010. Security and risk managers can expect two WAF trends in 2010: 1) midmarket-friendly WAFs will become available, and 2) larger enterprises will gravitate toward the increasingly prevalent WAF+ solutions.”
Pingback: Scanners and WAFs Work Hand-in-Hand « Hyperguarding your Web Applications