John,
Can you expand on #2? How do you measure the number of attacks stifled?
_--
Rafal
_Mobile: (404) 606-6056
_Email: Rafal.Los@Seventy7.Consulting<mailto:Rafal.Los@Seventy7.Consulting>
From: John Lampe via Dailydave <dailydave(a)lists.aitelfoundation.org>
Reply-To: John Lampe <jlampe(a)tenable.com>
Date: Saturday, July 11, 2020 at 9:52 PM
To: Dave Aitel <dave.aitel(a)gmail.com>
Cc: "dailydave(a)lists.aitelfoundation.org"
<dailydave(a)lists.aitelfoundation.org>
Subject: [Dailydave] Re: [EXTERNAL] WAF Metrics
So, I recently did an integration for a company that took their web app scanner results
and mapped those to existing WAF rules. I can think of 2 metrics based off that
1) How many real-world vulns have a corresponding check in the WAF? and
2) Once the WAF rules have been put in place to protect actually-vulnerable endpoints, how
many attacks were actually stifled?
John
On Sat, Jul 11, 2020 at 12:51 PM Dave Aitel via Dailydave
<dailydave@lists.aitelfoundation.org<mailto:dailydave@lists.aitelfoundation.org>>
wrote:
*** CAUTION: This email was sent from an EXTERNAL source. Think before clicking links or
opening attachments. ***
________________________________
So I'm making a video on metrics, of all things, and I wanted to post both this
question <https://twitter.com/daveaitel/status/1281629327776522242?s=20> and the
best answer so far to the list to see if anyone had any other ideas or followups.
-dave
[cid:image001.png@01D65902.CB3B5C00]
[cid:image002.png@01D65902.CB3B5C00]
_______________________________________________
Dailydave mailing list --
dailydave@lists.aitelfoundation.org<mailto:dailydave@lists.aitelfoundation.org>
To unsubscribe send an email to
dailydave-leave@lists.aitelfoundation.org<mailto:dailydave-leave@lists.aitelfoundation.org>