Panos Kampanakis Thu, 03/18/2010 - 17:18
User Badges:
  • Cisco Employee,

Tough question, depends on the products. WAFs in general are not there yet and do not catch as much as they could.

IPS on the other hand catches based on patterns and signatures which means it cannot always catch we app attacks.

Theoretically speking, WAS should be better at temote scripting, sql injection, server configuration and access control attacks.

I hope it helps a little.



This Discussion