wasc-wafec@lists.webappsec.org
WASC Web Application Firewall Evaluation Criteria Project Mailing List
View all threadsGartner’s Magic Quadrant
Since the Gartner Magic Quadrant I believe we should include
consideration of http://blogs.gartner.com/adam-hils/tag/waf/ within
the next release of WAFEC, specifically if there is something missing
from WAFEC that was considered by Gartner?
Aside from Common Criteria, the Gartner Magic Quadrant is a major
factor in selecting a WAF product?
This may also increase the visibility of the next release of WAFEC if
it is cited by Gartner.
Please let me know your thoughts?
--
Regards,
Christian Heinrich
Gartner MQ is normally high level, and wide in aspects considered (market
share, global/regional presence, and the testimonial of users about the
product and support). The product is just one of then. And I see wafec with
the potential for a technical view, that MQ don't offer. Allows the user to
a more deep technical evaluation of the products.
Be referred by Gartner will bring good exposure, no doubt.
Klaubert
Em 20/06/2014 19:42, "Christian Heinrich" christian.heinrich@cmlh.id.au
escreveu:
Since the Gartner Magic Quadrant I believe we should include
consideration of http://blogs.gartner.com/adam-hils/tag/waf/ within
the next release of WAFEC, specifically if there is something missing
from WAFEC that was considered by Gartner?
Aside from Common Criteria, the Gartner Magic Quadrant is a major
factor in selecting a WAF product?
This may also increase the visibility of the next release of WAFEC if
it is cited by Gartner.
Please let me know your thoughts?
--
Regards,
Christian Heinrich
wasc-wafec mailing list
wasc-wafec@lists.webappsec.org
http://lists.webappsec.org/mailman/listinfo/wasc-wafec_lists.webappsec.org
Klaubert,
On Sat, Jun 21, 2014 at 2:05 PM, Klaubert Herr da Silveira
klaubert@gmail.com wrote:
Gartner MQ is normally high level, and wide in aspects considered (market
share, global/regional presence, and the testimonial of users about the
product and support). The product is just one of then. And I see wafec with
the potential for a technical view, that MQ don't offer. Allows the user to
a more deep technical evaluation of the products.
Be referred by Gartner will bring good exposure, no doubt.
I agree with the above but without a reasonable analysis of the
methodology used by Gartner to produce the Magic Quadrant I can't make
a definitive assertion.
At the very least we will learn what Gartner consider important which
may not be technical aspects of a WAF, such as vendor solvency,
support, etc.
Inversely, we may be able to influence Gartner in what technical
feature should be mandatory for a WAF for their next release of the
Magic Quadrant.
I have created and an informal TODO list at
https://github.com/cmlh/WAFEC/issues and added this to it.
--
Regards,
Christian Heinrich
On Fri, Jun 20, 2014 at 6:42 PM, Christian Heinrich <
christian.heinrich@cmlh.id.au> wrote:
Since the Gartner Magic Quadrant I believe we should include
consideration of http://blogs.gartner.com/adam-hils/tag/waf/ within
the next release of WAFEC, specifically if there is something missing
from WAFEC that was considered by Gartner?
Aside from Common Criteria, the Gartner Magic Quadrant is a major
factor in selecting a WAF product?
This may also increase the visibility of the next release of WAFEC if
it is cited by Gartner.
Please let me know your thoughts?
Well, I am not from the team that created the document, but I was one of
the reviewers.
If you have any data you want to pass to the author team, I'd be happy to
do it. The doc is very new and at this point [frankly] is not yet a major
force for WAF selection -- but given the influence of other MQ docs, it is
very likely to be.
Also, if you [or anybody else on the list] has any specific feedback you
want passed to the team authors, I can do that too.
--
Dr. Anton Chuvakin
Site: http://www.chuvakin.org
Twitter: @anton_chuvakin
Work: http://www.linkedin.com/in/chuvakin
Anton,
On Mon, Jun 23, 2014 at 1:03 PM, Anton Chuvakin anton@chuvakin.org wrote:
Well, I am not from the team that created the document, but I was one of the
reviewers.
If you have any data you want to pass to the author team, I'd be happy to do
it. The doc is very new and at this point [frankly] is not yet a major force
for WAF selection -- but given the influence of other MQ docs, it is very
likely to be.
Also, if you [or anybody else on the list] has any specific feedback you
want passed to the team authors, I can do that too.
Would you be able to take the lead (with another person who would
perform due diligence} on correlating the next release of WAFEC to the
Gartner MQ after we have completed the review of the current WAFEC
release and published the draft additional content that we intend to
include/exclude [in the next release of WAFEC]?
--
Regards,
Christian Heinrich
On Mon, Jun 23, 2014 at 3:29 PM, Christian Heinrich <
christian.heinrich@cmlh.id.au> wrote:
Anton,
On Mon, Jun 23, 2014 at 1:03 PM, Anton Chuvakin anton@chuvakin.org
wrote:
Well, I am not from the team that created the document, but I was one of
the
reviewers.
If you have any data you want to pass to the author team, I'd be happy
to do
it. The doc is very new and at this point [frankly] is not yet a major
force
for WAF selection -- but given the influence of other MQ docs, it is very
likely to be.
Also, if you [or anybody else on the list] has any specific feedback
you
want passed to the team authors, I can do that too.
Would you be able to take the lead (with another person who would
perform due diligence} on correlating the next release of WAFEC to the
Gartner MQ after we have completed the review of the current WAFEC
release and published the draft additional content that we intend to
include/exclude [in the next release of WAFEC]?
Sure, that sounds like something I can do. Frankly, MQ will be orthogonal
to WAFEC [IMHO] except for maybe defining what constitutes a WAF...
--
Dr. Anton Chuvakin
Site: http://www.chuvakin.org
Twitter: @anton_chuvakin
Work: http://www.linkedin.com/in/chuvakin