"Now that the WS-Security spec is "ready for prime time" and many security products are supporting it, organizations should start to develop a Web services security strategy, according to Anne Thomas Manes, a vice president and research director at Burton Group in Midvale, Utah.
However, in her recent report, Web Services Security: A Plethora of Products, Manes stressed that there are as yet no standards for configuring security. In the interim, she recommends externalizing security so it can be managed and controlled centrally. For now, she said, XML security gateways and Web services management products remain the best way to do this. " - TechTarget