Web Application Security Forum

4a9464d2 daef 4573 a88c a841540cd4ae avatar
Information Security Engineer at a tech services company with 1,001-5,000 employees
Oct 12 2017
We required a 24/7 automated vulnerability monitoring tool for securing our web applications. We are looking for options like Sitelock and Immuniweb.
1ab7f0d0 41de 414f 9e5d f9769ff90cdd avatar
Omar Al IbrahimThere are various tools out there in the market such as web application firewalls (WAFs), DDoS prevention, and vulnerability scanning tools at various levels (host vs. web). You need to select a combination of the right toolset to do the job. However, web security is not just about the tools, you need to conduct proper assessment of your environment through penetration testing, code review, architecture review and so forth.
Travis le li?1428068347
Travis LeI haven't heard about SiteLock or Immuniweb, but I have used Qualys Web Application Scanning (WAS) and IBM SiteProtector. They are great vulnerability tools. I just want to add to what Omar said, having IDS/IPS tools like FireEye or QRadar is also benefits to protect assets. Let us know what your decision is.
D3c87271 2b2e 441b a653 2652ac9d83a6 avatar
Randy Varela CorderoA WAF can be an excellent solution, most of them are design to absorb large attacks such as DDOS attacks and also protects against common application attacks (SQLi, XSS, etc). Akamai is a good example of a CDN which includes WAF a cheaper option can be Cloudfare or AWS . Based on my experience I know Akamai WAF can generate a detail report with the type of attacks that is trying to be exploited as well bot information and GEO Tags.
Anonymous avatar x80
Project Manager with 1,001-5,000 employees
We are in the process of implementing a WAF, but we need to decide which WAF to acquire based on 3 main aspects: 1. Security: Which one offers the best response to known and 0 day threats? 2. Administration: Which one is more intuitive and easy to administrate? 3. Benefit vs. cost  Thanks
025d44ee 6244 4d7d bade 7365efc334da avatar
Product Manager ( HP EG Enterprise ) at Ingram Micro
Imperva WAF and Barracuda, which one is better?

Sign Up with Email