Comparative penetration test against three web application firewall solutions.
Zero Science Lab published a comparative analysis of the safety of the three leading WAF-solutions.
According to experts, the highest attack rate lock was fixed with a free product ModSecurity.
Information security experts from the company Zero Science Lab published the results of the comparative penetration tests carried out in relation to the three” leading Web Application Firewall (WAF) solutions.
“Our goal was to bypass security restrictions, by any means available to us, including the circumvention of existing data services filter” – experts say. The document also shows that a point of comparison were two cloud solutions from companies and Incapsula CloudFlare, as well as a free service by Trustwave SpiderLabs ModSecurity.
The table below shows the overall test statistics, which implies that the highest ratio of blocking attacks was recorded in product ModSecurity:
“Given that ModSecurity is free, we signed up for both CloudFlare and Incapsula paid Business plan. They have noticeably different prices for their paid plans. CloudFlare Business Plan is $200/month (the WAF is also available in the Pro Plan, for $20/month). Incapsula Business Plan is $59/month “, – says the researchers. Thus, the lowest level of information security has been assigned the most expensive of the services.
Read the report Zero Science Lab here.