Web Application Firewall (WAF) Testing Framework - Find Out If Your Application Security Controls Work

Imperva has developed a free evaluation toolkit that enables you to test your application security solution—your Web application firewall or network firewall or intrusion prevention system—and find out if it can stop advanced application attacks. The Web Application Firewall (WAF) Testing Framework conducts over 150 tests, including SQL injection, cross site scripting, and remote file inclusion. It leverages the same evasion techniques used by hackers to bypass simple signature-based solutions and it generates a report that reveals
overall security efficacy.

Measure False Positives
While you need to safeguard your applications, your ironclad defenses should not block legitimate users. You should evaluate whether your security solution can stop attacks without blocking valid traffic. The WAF Testing Framework determines the rate of false positives by inserting legitimate, but potentially suspicious, input into form fields and parameters. It produces clear, informative reports that summarize false positives and false negatives, allowing you to gauge the accuracy of your security solution.

The WAF Testing Framework allows you to:

  • Quickly evaluate the effectiveness of your application security solution
  • Recognize if your security controls might block legitimate users
  • Examine stateful attacks like cookie tampering and Cross Site Request Forgery (CSRF)
  • Produce clear, concise reports that illustrate overall security status
  • Extend the baseline set of security assessments to include custom tests
Application Security Test Environment
The WAF Testing Framework provides everything you need to test your application security controls. It includes a Java-based executable for Windows and WebGoat, an intentionally insecure Web application developed by OWASP. Download the WAF Testing Framework today to evaluate your Web application firewall today.

Download now 91.1 MB
Software RequirementsOperating Systems:
Windows XP/Vista/7/
Server 2003/Server 2008,
Redhat Linux
Sun Java JRE 1.6+File Size:

Source-