Hacktica Security Evaluation – Protection Profiles Checklist
🛡️ Web Application Firewall (WAF)
⬜ Profile A – Basic Coverage
- SQLi/XSS/CSRF detection
- Basic false positive (FP) handling
- Inline or reverse proxy mode supported
⬜ Profile AA – Enhanced Validation
- Evasion detection and normalization checks
- Signature scoping per entity (URI, headers, body, JSON/XML)
- Reports organized by attack type
⬜ Profile AAA – Adaptive & Auditable
- Policy audit trail with justification comments
- CVE feed visibility and 0-day awareness
- Infra-to-signature mapping
- AMI3A readiness (under-attack workflow mapping)
🤖 Bot Manager
⬜ Profile A – Basic Coverage
- Header-based bot detection
- CAPTCHA enforcement
- Basic IP-based rate limiting
⬜ Profile AA – Enhanced Validation
- JavaScript challenges and validation
- Behavioral scoring based on request patterns
- Threshold-based bot management
⬜ Profile AAA – Adaptive & Auditable
- Device fingerprinting
- Deception technologies (honeypots, traps)
- Integration with threat intel feeds
- Escalation to IR workflows
🌐 Web Application Network Firewall (Web APP NF)
⬜ Profile A – Basic Coverage
- IP and port filtering
- Geo-blocking
- SSL passthrough support
⬜ Profile AA – Enhanced Validation
- RFC compliance checks
- Malformed request detection
- Rate limiting and flood prevention
⬜ Profile AAA – Adaptive & Auditable
- TLS termination and inspection
- Threat-aware traffic routing
- SIEM integration and event correlation
- WAF/Bot context awareness
🔎 SAST/DAST Scanners
⬜ Profile A – Basic Coverage
- Core CWE detection
- Static/dynamic scan reports
- Manual triage and remediation
⬜ Profile AA – Enhanced Validation
- CI/CD pipeline integration
- Contextual risk scoring (CVSS/RMS)
- False positive suppression mechanisms
⬜ Profile AAA – Adaptive & Auditable
- Prioritization with business impact
- Full SPLC (secure lifecycle) alignment
- Developer feedback loops (e.g., Jira integration)
- SLA tracking and remediation workflow support
