Deliver Your News to the World

ICSA Labs Releases New Testing Criteria for Web Application Firewall Products


MECHANICSBURG, Pa. - November 07, 2006 - ICSA Labs®, an independent division of Cybertrust®, the global information security specialist, today announced that it has updated testing criteria for Web application firewall products to accommodate recent product enhancements and application vulnerabilities. The goal of ICSA Labs’ Web application firewall testing and certification program is to evaluate and certify products that implement security policy enforcement for the protection of HTTP and HTTPS Web-based applications. In conjunction with ongoing efforts in the industry to classify and categorize application security issues and mitigate potential vulnerabilities, the Web application firewall certification criteria were developed to provide security managers with confidence in the products that secure vital application services from exploitation or attack.

While IT professionals work to secure the network perimeter, Web applications continue to remain vulnerable. Web applications can expose critical systems to threats from internal and external sources. These applications are constantly evolving to keep up with business requirements and provide additional functionality. With these enhancements come a greater potential for security flaws, making Web application security imperative for the enterprise, as well as an ongoing challenge.

“Citrix deeply values ICSA Labs certification as the industry’s benchmark for security assurance,” said Kurt Roemer, chief security officer, Citrix. “In the demanding realm of application security, increasingly blended attacks require an evolving set of criteria to ensure that security requirements are met. Citrix is pleased to work with ICSA Labs to provide certified application security solutions for the most demanding environments.”

“F5 is pleased that our BIG-IP Application Security Manager (ASM) application firewall is part of this certified group of application security appliances,” said Jason Needham, director of product management at F5. “Initiatives such as PCI Requirement 6.6, along with overall application and network attack trends, are helping to drive application firewalls to become a mainstream security device on the network. F5 will take an active role in working with ICSA Labs to further evolve the application firewall certification that application security vendors can leverage as common ground.”

“Customers often ask us how we assure that our security products really do the job, and ICSA Labs Certification testing is a key part of our answer,” said Pete Abrams, vice president of marketing at NetContinuum. “A quick review of the WASC threat classification database indicates how diverse and pernicious attacks against enterprise applications have become. It is important to have an independent, respected testing body able to comprehensively certify the security capabilities of our application firewalls.”

“As Web applications become more complex and therefore more susceptible to attack, Web application firewall technologies and our ability to evaluate their effectiveness must also evolve to thwart those attacks,” says George Japak, vice president of ICSA Labs. “ICSA Labs is uniquely positioned to evaluate these products because our certification process is dynamic; our testing methodology and evaluation techniques stay current with product enhancements and the changing threat environment.”

The second round of Web application firewall product testing is expected to be completed in the second quarter of 2007. To attain ICSA Labs Certified status, Web application firewall products must pass a rigorous set of functional, performance and platform security requirements. Products certified by ICSA Labs in the initial round of testing produced three ICSA Labs Certified Web application firewall products: Citrix Application Firewall, F5 Networks’ BIG-IP Application Security Module and NetContinuum’s NC-AF. To view the associated lab reports and additional information on the certification program, please visit Click on the Web Application Firewalls link.


About Cybertrust

Cybertrust is the global information security specialist, delivering services that secure critical data, protect identities and help customers demonstrate ongoing compliance. Headquartered in Herndon, Virginia, United States, with more than 30 offices around the globe, Cybertrust is one of the world’s largest providers of information security and is recognized as the global market leader in managed security services. For more information, visit

About ICSA Labs

ICSA Labs, an independent division of Cybertrust, Inc., offers vendor-neutral testing and certification of security products. Hundreds of the world’s top security vendors submit their products for testing and certification at ICSA Labs. The end-users of security technologies rely on ICSA Labs to authoritatively set and apply objective testing and certification criteria for measuring product compliance and reliability. The organization tests products in key technology categories such as anti-virus, anti-spyware, firewall, IPSec VPN, cryptography, network intrusion prevention, PC firewall, SSL-VPN, application firewall, anti-spam and Wireless LAN. For more information about ICSA Labs, please visit:

©Cybertrust 2006. All Rights Reserved.

Cybertrust and ICSA Labs are trademarks or registered trademarks of Cybertrust Holdings, Inc. and/or its affiliates. All other trademarks are property of their respective owners.


This news content was configured by WebWire editorial staff. Linking is permitted.

News Release Distribution and Press Release Distribution Services Provided by WebWire.