feat: Remove WAF

devsecopsmaturitymodel · Nov 15, 2023 · cbd3326 · cbd3326
1 parent 8e1d6fd
commit cbd3326
Showing 1 changed file with 0 additions and 29 deletions.
diff --git a/src/assets/YAML/default/Implementation/ApplicationHardening.yaml b/src/assets/YAML/default/Implementation/ApplicationHardening.yaml
@@ -227,32 +227,3 @@ Implementation:
  comments: ""
  dependsOn:
  - App. Hardening Level 2
- Usage of a Web Application Firewall:
- uuid: 3e6253ab-89e5-4dea-aca0-3e770b78d39e
- risk:
- Using an insecure application might lead to a compromised application.
- This might lead to total data theft or data modification.
- measure: |
- The usage of an API Gateway / Web Application Firewall might mitigate it. There are debates on how useful a WAF is for APIs.
- difficultyOfImplementation:
- knowledge: 4
- time: 4
- resources: 4
- usefulness: 2
- level: 5
- implementation:
- - $ref: src/assets/YAML/default/implementations.yaml#/implementations/apiMyth
- references:
- samm2:
- - D-SR-3-A
- iso27001-2017:
- - Hardening is not explicitly covered by ISO 27001 - too specific
- - 13.1.3
- iso27001-2022:
- - Hardening is not explicitly covered by ISO 27001 - too specific
- - 8.22
- isImplemented: false
- evidence: ""
- comments: ""
- dependsOn:
- - App. Hardening Level 2