# How to evaluate WAF blocking capabilities?

Does anybody know if there is a standart or any other public requremenets on a WAF/NGWAF blocking capabilities? What should be blocked by default, which types of attacks, vulnerabilities, etc.

##### Post Metadata
- Posted at: almost 5 years ago
- Author title: Application Security Data Analyst
- Net upvotes: 1


## Comments
### Comment 1

We introduced n Open Source project GoTestWAF, you can use it as a Docker image or as an online service (https://www.wallarm.com/gotestwaf/overview)

Please check this page https://www.wallarm.com/resources/go-test-waf 

Source code: https://github.com/wallarm/gotestwaf

##### Comment Metadata
- Posted at: almost 5 years ago
- Author title: CEO at Wallarm, API security threat prevention solution. G2 API security leader. Secure REST, gRPC, GraphQL, WebSocket, SOAP and legacy APIs.



### Comment 2

Hello Oleksandra!

Our WAF solution protects your applications and APIs from both behavior and input validation attacks. You can check the full list of attacks and vulnerability types we detect and block here (link https://docs.wallarm.com/attacks-vulns-list/).

##### Comment Metadata
- Posted at: almost 5 years ago




## Related Product
[Wallarm API Security Platform](https://www.g2.com/products/wallarm-api-security-platform/reviews)

## Related Category
[API Security](https://www.g2.com/categories/api-security)

## Related discussions
- [How well does Trello scale into a larger team?](https://www.g2.com/discussions/1-how-well-does-trello-scale-into-a-larger-team)
  - Posted at: about 13 years ago
  - Comments: 6
- [Can we please add a new section](https://www.g2.com/discussions/2-can-we-please-add-a-new-section)
  - Posted at: about 13 years ago
  - Comments: 0
- [Quantifiable benefits from implementing your CRM](https://www.g2.com/discussions/quantifiable-benefits-from-implementing-your-crm)
  - Posted at: about 13 years ago
  - Comments: 4