[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [avdl] Adding more protection to AVDL?
These are good suggestions. We should consider it for 2.0 revision. The remediation section for a vulnerability description provides generic handles to support block-types which can carry aggregate information, e.g. patch-information, test-generator, user-descriptions etc. It should be fairly easy to add a protective-filter capability with regex support that can be applied to specific ACL handles. thx, -Srinivas == Anton Chuvakin, Ph.D. wrote: > Ivan and all, > >> Basically I think extending AVDL to export protection >> rules (in portable web application firewall rule format) >> is a really good idea. Vulnerability scanners can be >> equipped with protection rules for known vulnerabilities, >> or can design a set of filters on the fly. > > > I am not often that slow, but I just realized that I also have > interest in that. I was analyzing some web attack classes and possible > matching protection measures for some project (with questions like: > can NIPS protect against SQL injection? Can web application hardening > stop XSS? etc) > > It looks like it is pretty hard to relate them and AVDL can help, if > extended in that direction. > > Best,
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]