The Problem:

No day goes by without news of a colossal security breach that threatens to compromise our personal data and identity. A breach in one country can have a far-reaching impact on e-consumers in many other countries.

It is widely accepted that you have a duty of care to ensure that your website(s) are protected not just from volumetric attacks that take the service down, but also from stealth attacks. These stealth attacks are far harder to detect and can quietly extract sensitive data and/or hijack your site to launch further malicious attacks elsewhere.

The Solution:

Most websites today sit behind a network firewall with some limited application-protection capability. To be fair, these perform the necessary role of filtering out many network-level attacks. However, a multi-layered defence is required to adequately protect increasingly complex websites, and since every website is unique, filtering network-level attacks alone cannot be the complete solution.

To protect valuable websites, you need to look at a Web Application Firewall.

You may be driven to do so by regulatory requirements (e.g. PCI DSS), or simply because you accept your duty of care.

The Web Application Firewall, or WAF, is focused on defending applications served over HTTP/HTTPS (ports 80/443) and is highly customisable. It needs to be. Yes, it will have wizards to enable a wide range of prescribed protection rules, e.g. based on OWASP recommendations such as the Core Rule Set. But it must also have a powerful toolkit for writing your own rules that protect the specifics of your application environment, because generic rules cannot know which paths, parameters and workflows are legitimate for your site.

Here are some of the features that should be on your shopping list:

  • Ability to scale for global applications
  • Distributed and delegated security model for security professionals
  • Wide range of proactive security measures with automated learning
  • Protection against key vulnerabilities such as SQL injection, Cross-Site Scripting and Cross-Site Request Forgery
  • Integration with external security scanners and workflow tools such as Denim Group's ThreadFix
  • Dual-mode "detect and protect" operation (log-only while tuning rules, then blocking once false positives are understood)
  • Security automation via a REST API
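The following is an added illustration, not code from the original article or from any WAF product, of the two ideas above that matter most in practice: generic, prescribed rules (SQL injection and cross-site scripting patterns) running alongside custom, application-specific rules (a positive model for one endpoint and an Origin check against cross-site request forgery), and a mode switch between "detect" (log only, always forward) and "protect" (log and block). The site origin, endpoints, sample requests and rule patterns are all constructed for the example; the patterns are deliberately simplified compared with a real rule set.

```python
"""Toy request filter demonstrating generic vs. custom WAF rules and
detect-only vs. protect mode. Added example; not a real WAF."""
import re
from dataclasses import dataclass, field
from typing import Callable, List, Tuple
from urllib.parse import unquote_plus


@dataclass
class Request:
    method: str
    path: str
    query: str = ""
    body: str = ""
    headers: dict = field(default_factory=dict)


@dataclass
class Rule:
    rule_id: str
    message: str
    matches: Callable[[Request], bool]


def _decoded_params(req: Request) -> str:
    # Decode once so "%27" and "+" look like the characters the backend will see.
    return unquote_plus(req.query) + "\n" + unquote_plus(req.body)


# Simplified signatures of the kind a vendor ships as prescribed rules.
SQLI = re.compile(r"'\s*(or|and)\b|--|/\*|\bunion\b[\s\S]*\bselect\b", re.I)
XSS = re.compile(r"<\s*script\b|\bon\w+\s*=|javascript:", re.I)

GENERIC_RULES = [
    Rule("gen-sqli", "SQL injection pattern in parameters",
         lambda r: bool(SQLI.search(_decoded_params(r)))),
    Rule("gen-xss", "Cross-site scripting pattern in parameters",
         lambda r: bool(XSS.search(_decoded_params(r)))),
]

SITE_ORIGIN = "https://shop.example"  # hypothetical site this filter fronts

# Custom rules only the site owner can write: a positive model for /account
# (the id must be a short integer) and a CSRF check on state-changing requests.
CUSTOM_RULES = [
    Rule("app-account-id", "Non-numeric id on /account",
         lambda r: r.path == "/account"
         and not re.fullmatch(r"id=\d{1,12}", unquote_plus(r.query))),
    Rule("app-csrf-origin", "State-changing request without matching Origin",
         lambda r: r.method in ("POST", "PUT", "DELETE")
         and r.headers.get("Origin") != SITE_ORIGIN),
]


@dataclass
class Decision:
    action: str          # "allow" or "block"
    matched: List[str]   # ids of the rules that fired


class Waf:
    def __init__(self, mode: str, rules: List[Rule]):
        if mode not in ("detect", "protect"):
            raise ValueError("mode must be 'detect' or 'protect'")
        self.mode = mode
        self.rules = rules
        self.log: List[Tuple[str, str, str]] = []  # (rule id, path, action)

    def inspect(self, req: Request) -> Decision:
        matched = [rule.rule_id for rule in self.rules if rule.matches(req)]
        # Detect mode logs every hit but never blocks; protect mode blocks on any hit.
        action = "block" if (matched and self.mode == "protect") else "allow"
        for rule_id in matched:
            self.log.append((rule_id, req.path, action))
        return Decision(action, matched)


# Constructed sample traffic: two benign requests and four attack attempts.
SAMPLE_REQUESTS = [
    Request("GET", "/search", "q=running+shoes"),
    Request("GET", "/search", "q=%27+OR+1%3D1--"),
    Request("GET", "/account", "id=42"),
    Request("GET", "/account", "id=42+OR+1%3D1"),           # misses the generic rule
    Request("POST", "/account/email",
            body="email=%3Cscript%3Ealert(1)%3C%2Fscript%3E",
            headers={"Origin": SITE_ORIGIN}),
    Request("POST", "/account/email",
            body="email=attacker%40evil.example",
            headers={"Origin": "https://evil.example"}),
]


def run(mode: str):
    """Pass every sample request through a WAF in `mode`; returns (decisions, log)."""
    waf = Waf(mode, GENERIC_RULES + CUSTOM_RULES)
    decisions = [waf.inspect(r) for r in SAMPLE_REQUESTS]
    return decisions, waf.log


if __name__ == "__main__":
    for mode in ("detect", "protect"):
        decisions, _ = run(mode)
        print(f"mode={mode}")
        for req, d in zip(SAMPLE_REQUESTS, decisions):
            print(f"  {req.method} {req.path} -> {d.action} {d.matched}")
```

The fourth request is the point of the custom rule: "id=42 OR 1=1" carries no quote or comment marker, so the generic SQL-injection signature stays silent, while the positive model for /account rejects it immediately. Running first in detect mode and reviewing the log is how you find out which rules would block legitimate traffic before switching to protect.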