My basis for this is discussions with PCI assessors from multiple firms that perform large numbers of assessments per year.
Next time I run into some, I'll ask to see if the usage has increased, its been a few months since I asked this of any of them. --D On Tue, Jan 5, 2010 at 1:02 AM, Dobbins, Roland <rdobb...@arbor.net> wrote: > > On Jan 5, 2010, at 3:58 PM, Darren Bolding wrote: > > > I believe their is strong evidence that the use of web application > firewalls to meet this DSS requirement is smaller than you might think. I > would not be surprised if it was significantly less than 50%- perhaps 20%. > > This directly contradicts my experience working for vendor of such > products, FWIW. > > But I hope this is indeed the case, as it will lead to higher availability > for organizations which go this route! > > ----------------------------------------------------------------------- > Roland Dobbins <rdobb...@arbor.net> // <http://www.arbornetworks.com> > > Injustice is relatively easy to bear; what stings is justice. > > -- H.L. Mencken > > > > > -- -- Darren Bolding -- -- dar...@bolding.org --
