AUSTIN, Texas – April 11, 2017 – NSS Labs, Inc., the global leader in operationalizing cybersecurity, today announced the results of its second Web Application Firewall (WAF) Group Test. A growing segment of the security market, WAFs employ a wide range of functions to work in conjunction with perimeter firewalls and intrusion prevention system (IPS) technologies to provide protection specifically for web applications. Of the five market-leading WAF vendors whose products had results published today, four products received a Recommended rating, while one product received a Caution rating.
Websites are exposed to web-based application attacks designed to bypass data center firewalls (DCFWs) and data center intrusion prevention systems (DCIPS). WAF products protect web servers by inspecting HTTP communication for malicious content. Although WAF products can be used as transparent bridges to inspect traffic, many enterprises are utilizing WAFs as reverse proxies that sit between the user and web server, allowing inspection of encrypted traffic. The ability of WAFs to inspect encrypted traffic has become increasingly important, as at least 75% of all web traffic will be encrypted by 2019.