[AusNOG] web App firewalls.

Adrian Chadd adrian at creative.net.au
Fri May 28 14:16:41 EST 2010


On Fri, May 28, 2010, Dobbins, Roland wrote:

> And as far as PCI DSS is concerned, mod_security on the Web servers themselves fulfills the requirement admirably, without detracting from one's security posture in the manner of a stateful 'web application firewall'.

But it doesn't come with a justifyable increase in the allocated cap-ex budget
for your fiefdom.


Adrian




More information about the AusNOG mailing list