Abstract

Because the web is an essential business tool and in constant use by organizations small and large, it is also the most likely path for attacks to enter an organization. The threats are ever-changing and a challenge for most security vendors to detect. Failure to detect attacks can disrupt the flow of business; at the same time, legitimate users need to access the web server for convenience and efficiency. Penta Security has designed the WAPPLES web application firewall security engine to block web attacks, while providing accurate detection and minimizing performance degradation.

Penta Security Systems, Inc. commissioned Tolly to evaluate the effectiveness, performance and functionality of its WAPPLES WAF and compare that to a widely deployed competing product (identified in this report as Vendor X).

Tests showed that the Penta Security solution provided more effective security both at default and maximum settings, delivered higher performance at both settings and delivered greater functionality than the Vendor X solution.