Security Basics mailing list archives

Re: PCI DSS Req. 6.6 ( Web Application )

From: Adriel Desautels <adriel () netragard com>
Date: Tue, 27 May 2008 19:03:34 -0400

Mohamed,

I do not specifically have any options, only recommendations. Have youalready performed a Web Application Security Assessment against yourapplication? Are you using the reverse proxy to protect an applicationso that you can try and avoid having the assessment done? Tell me moreabout your requirements and maybe I can help.


Regards,
        Adriel T. Desautels
        Chief Technology Officer
        Netragard, LLC.
        Office : 617-934-0269
        Mobile : 617-633-3821
        http://www.linkedin.com/pub/1/118/a45

        Join the Netragard, LLC. Linked In Group:
        http://www.linkedin.com/e/gis/48683/0B98E1705142

---------------------------------------------------------------
Netragard, LLC - http://www.netragard.com  -  "We make IT Safe"
Penetration Testing, Vulnerability Assessments, Website Security

Netragard Whitepaper Downloads:
-------------------------------
Choosing the right provider : http://tinyurl.com/2ahk3j
Three Things you must know  : http://tinyurl.com/26pjsn


Mohamed Farid wrote:

Thanks - but do you have another options ?

Mohamed Farid ,CISSP,CCSP,S+m.farid.shawara () gmail com-----Original Message-----From: Adriel Desautels [mailto:adriel () netragard com]Sent: Tuesday, May 27, 2008 11:24 PM

To: Mohamed Farid
Cc: security-basics () securityfocus com
Subject: Re: PCI DSS Req. 6.6 ( Web Application )

Mohamed,
        There is an entire thread about this subject. My recommendation was

touse Mod Security. http://www.modsecurity.org.


Regards,
        Adriel T. Desautels
        Chief Technology Officer
        Netragard, LLC.
        Office : 617-934-0269
        Mobile : 617-633-3821
        http://www.linkedin.com/pub/1/118/a45

        Join the Netragard, LLC. Linked In Group:
        http://www.linkedin.com/e/gis/48683/0B98E1705142

---------------------------------------------------------------
Netragard, LLC - http://www.netragard.com  -  "We make IT Safe"
Penetration Testing, Vulnerability Assessments, Website Security

Netragard Whitepaper Downloads:
-------------------------------
Choosing the right provider : http://tinyurl.com/2ahk3j
Three Things you must know  : http://tinyurl.com/26pjsn


Mohamed Farid wrote:

Dear All :

Any recommendations for a cost effective Web Application Firewall to cover
the PCI DSS Requirement 6.6 ?
Thanks ,,,
Mohamed Farid ,,,

Current thread:

PCI DSS Req. 6.6 ( Web Application ) Mohamed Farid (May 27)
- Re: PCI DSS Req. 6.6 ( Web Application ) Adriel Desautels (May 27)
  - Message not available
    - Re: PCI DSS Req. 6.6 ( Web Application ) Adriel Desautels (May 28)
- RE: PCI DSS Req. 6.6 ( Web Application ) Rui Pereira (WCG) (May 27)
  - Message not available
    - Fwd: PCI DSS Req. 6.6 ( Web Application ) Amar Kulo (May 28)
- Re: PCI DSS Req. 6.6 ( Web Application ) DaKahuna (May 28)