Many web security solutions, including some WAFs, focus on signature-based protection. In the attached paper, I will explore the
shortcomings of such an approach and how more advanced methods such as "positive" security, session monitoring and application
processing monitoring are crucial in protecting a web application.
Beyond negative security
No comments:
Post a Comment