Re: Difference between Web Application Firewall (WAF) and WebInspect
HP WebInspect is a proactive testing tool used to high-light coding flaws expressed as web application security issues. Its ultimate goal is to help developers identify and fix these issues so that their live code is hardened and able to withstand attack, whether coming from external or internal sources.
"WAF" stands for "web application firewall" which is generally an in-line appliance or software that detects malicious web application specific attacks and blocks them on the perimeter. HP TippingPoint is a major product family in the WAF market, and is capable of absorbing HP WebInspect scan results to be used as blocking rules in the interim period that it takes for the development team to fix the issues high-lighted.
-- Habeas Data Micro Focus Fortify Customers-Only Forums – https://community.saas.hpe.com/t5/Fortify/ct-p/fortify