May 11 2023
Apr 18 2023
Resource
BlogTopic
Edge SecurityDate
Dec 21, 2021During Q2-Q3 2021, SecureIQ Lab performed their first Cloud Web Application Firewall (WAF) assessment covering both security and operational efficiency of the tested solutions. Intentionally or not, the publication of the results (Cybersecurity Validation Report) was perfectly timed with the extension of our WAF offering to enterprises and with Cybersecurity Awareness Month in October, giving companies a good visibility into the performance of some solutions out there for more educated decision-making. Now, SecureIQ Labs has released their 2021 Year End Cloud WAF comparison report after examining the nine industry leading WAFs over the past six months.
SecureIQLab is a US-based independent, third-party cloud security solution validation and advisory provider. They are also a member of Anti-Malware Testing Standards Organization (AMTSO) and the Cloud Security Alliance (CSA). Their test covered both security and operational efficiency of the nine cloud WAF solutions tested, providing a thorough analysis for small-medium businesses and enterprises seeking WAF solutions.
A little bit about the test: SecureIQLab created simple e-commerce and multiuser web applications as targets and secured them using each of the participating WAF solutions. For the most part, they used the out-of-the-box settings, and for the rest they configured based on information available in the products’ documentation. Using Black-box and Grey-box testing, more than 22,000 attacks in multiple categories, covering OWASP Top 10, Bot, L7 DDoS, vulnerable web environments and more were launched against the cloud WAF protected applications.
We (and our customers) are very happy with our results as this provided yet another confirmation to the quality of our WAF. We scored the highest combined score, first in operational efficiency score (our system is truly easy to on-board and use) and a close forth in complete security score being a mere 4% lower than the highest score. This is quite impressive considering that we are a young company and are being compared to companies that have been regulars or leaders in the “Gartner Magic Quadrant for WAF/WAAP” and “Forrester Wave for WAF” for years.
SecureIQLab also released a comparative report with ROSI (Return of Security Investment) analysis of the various solutions which included “CyberRisk Ripples” to name the leaders, contenders, visionaries and upcomers for the combined ROSI, Security and Operation efficiency scores. StackPath was named a “Leader” in both Ripples reflecting our good scores and one of the best value-for-money solution. Below are the two Ripples combined in a single drawing taken from the comparative report published here.
Getting those impressive results is only part of the picture for us. Just as important to us was to use the test as another tool to find areas where we can improve. We have already addressed many of the issues SecureIQLab identified and are continuously improving our capabilities. We want to be the best and are working to make that happen.
Together with the first mention of StackPath as a “vendor to watch” in Gartner’s recent “Magic Quadrant for Web Application and API Protection” issued 10 days prior to SecureIQLab releasing StackPath’s test results, SP// WAF is becoming a proven leading web application security solution offering enterprise-grade protection.
So, in times when web-application based vulnerabilities are amongst the top breach vectors, we invite you to contact us to hear more about our WAF and the other services we provide such as CDN (Content Delivery Networks), edge compute, serverless and more.