Whitehat WASC signature types for WAF use

The Citrix Web App Firewall accepts and generates blocking rules for all vulnerability types that Whitehat scanners generate. However, certain vulnerabilities are most applicable to a Web App Firewall. Following are lists of those vulnerabilities, categorized by whether they are addressed by WASC 1.0, WASC 2.0, or best practices signature types.

WASC 1.0 signature types

  • HTTP Request Smuggling
  • HTTP Response Splitting
  • HTTP Response Smuggling
  • Null Byte Injection
  • Remote File Inclusion
  • URL Redirector Abuse

WASC 2.0 signature types

  • Abuse of Functionality
  • Brute Force
  • Content Spoofing
  • Denial of Service
  • Directory Indexing
  • Information Leakage
  • Insufficient Anti-automation
  • Insufficient Authentication
  • Insufficient Authorization
  • Insufficient Session Expiration
  • LDAP Injection
  • Session Fixation

Best Practices

  • Autocomplete Attribute
  • Insufficient Cookie Access Control
  • Insufficient Password Strength
  • Invalid HTTP Method Usage
  • Non-HttpOnly Session Cookie
  • Persistent Session Cookie
  • Personally Identifiable Information
  • Secured Cachable HTTP Messages
  • Unsecured Session Cookie