Comment by awoimbee

Comment by awoimbee 8 hours ago

0 replies

View on Hacker News

I'm in the position where I have to run a WAF to pass security certifications. The only open source WAFs are modsecurity and it's beta successor, coraza. These things are dumb, they just use OWASP's coreruleset which is a big pile of unreadable garbage.