10-13-2012 02:41 AM - edited 10-13-2012 03:28 AM
I'd like to know what are the differences between WAF and WebInspect?
If a company already had WAF, do they need WebInspect or not?
Solved! Go to Solution.
10-15-2012 12:37 PM
HP WebInspect is a proactive testing tool used to high-light coding flaws expressed as web application security issues. Its ultimate goal is to help developers identify and fix these issues so that their live code is hardened and able to withstand attack, whether coming from external or internal sources.
"WAF" stands for "web application firewall" which is generally an in-line appliance or software that detects malicious web application specific attacks and blocks them on the perimeter. HP TippingPoint is a major product family in the WAF market, and is capable of absorbing HP WebInspect scan results to be used as blocking rules in the interim period that it takes for the development team to fix the issues high-lighted.
-- Habeas Data