![Linux Security Podcast artwork](https://is2-ssl.mzstatic.com/image/thumb/Podcasts123/v4/cc/62/ae/cc62ae76-0387-ff85-e59b-88da8696f9ca/mza_8730464046244216939.png/100x100bb.jpg)
What is a WAF and How Are They Different from Traditional Firewalls - Linux Security Podcast Ep. 5
Linux Security Podcast
English - May 10, 2018 11:00 - 10 minutes - 24.6 MB - ★★★★★ - 1 ratingTechnology atomicorp cybersecurity endpointprotection linuxsecurity mikeshinn scottshinn waf Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: OSSEC, SIEM and Logging - Linux Security Podcast Ep. 4
Web application firewalls (WAF) are a specialized form of firewall designed to protect applications from internet-based attacks. Firewalls must be lightweight to ensure people can quickly get onto the internet and data can be returned, but WAFs are much more sophisticated. They need to interact with data coming from the web server and the user and analyze it in ways that a traditional firewall cannot. It is an application itself. Atomicorp CEO and long-time Modsecurity contributor Mike Shinn talks about these differences, good and bad WAF attributes, software-based WAFs, the role of rules in making a WAF effective and the origin of the open source WAF Modsecurity.