Skip to content
Snippets Groups Projects
Closed Web Application Firewall - Minimal to Viable
  • Web Application Firewall - Minimal to Viable

  • Web Application Firewall - Minimal to Viable

    Closed Epic created by Kenny Johnston

    This epic is the set of issues we need to complete for our WAF offering to be considered viable. To mark this epic as complete, we must meet the maturity definition of "Viable: Used by users/customers to solve real problems."

    Specifically, for us to solve real problems, we must be able to address several needs:

    1. The ability to log and/or block malicious traffic
    2. The ability to easily update and modify what is considered "malicious"
    3. The ability to interact with the WAF directly as part of GitLab (rather than a shell in a remote system)
    4. The ability to run in a web app that receives a large amount of production-grade traffic, with a minimal amount of maintenance and required manual interaction

    Follow-on items for future maturity states, not included in Viable:

    1. Deep integration with other GitLab stages
    2. Virtual patching
    3. "Learning-mode" and auto-suggestion of new WAF rules
    4. Deployment configurations other than GitLab-managed Kubernetes clusters
    5. Responses to malicious actions beyond allow/block
    Edited by Sam White

    Linked items 0

  • Link items together to show that they're related or that one is blocking others.

    Activity

    • All activity
    • Comments only
    • History only
    • Newest first
    • Oldest first