InfoWorld: Are your Web apps secure?: February 06, 2004: By Curtis Franklin Jr.andJordan Wiens: Security: "Web-based applications have become vital pieces of business infrastructure. Along the way, they’ve also become major security risks for the organizations that rely on them. Large volumes of sensitive information exchanged through Web applications -- and stored in databases behind those applications -- hold an irresistible attraction for cyber thieves and vandals who know how to exploit structural and programmatic weaknesses. Low-profile, low-traffic sites, especially those that don’t host transactions, seldom elicit enough hacker interest to cause worry. On the other hand, high-visibility or high-traffic sites invite innovative attacks. The job of a dedicated Web application firewall is to guard against such sophisticated exploits. For this review, we tested four products dedicated to this task: KaVaDo InterDo 3.0, NetContinuum NC-1000 Web Security Gateway V3.5, Sanctum AppShield 4.0, and Teros Secure Application Gateway 100. For higher traffic volumes, these security systems make perfect sense, because they can apply special rules to Web-specific traffic while maintaining adequate network performance...."