Web Application Firewall: A web application firewall (WAF) is an appliance, server plugin, or filter that applies a set of rules to an HTTP conversation. Generally, these rules cover common attacks such as cross-site scripting (XSS) and SQL injection. By customizing the rules to your application, many attacks can be identified and blocked. The effort to perform this customization can be significant and needs to be maintained as the application is modified.
We offer both Negative and Positive models of WAF deployment based on your application requirement.
Pros: it’s easy to manage as someone else does all the hard work for you in identifying the bad things and it can be automatically updated.
Cons: It provides limited protection against attacks, Symantec said in May 2014 that Antivirus is dead. A study found that even after 2 weeks of a 0-day vulnerability, majority of AV vendors didn’t have a signature to block them.
Pros: It allows you to finely control what is allowed and what is not. It provides a high level of security as each request has to be known.
Cons: In a highly dynamic environment, it’s really hard for developers to maintain a list of objects/requests/parameters/cookies/fields/variables, it becomes hard to keep track of. The security engineer who then tries to manage an application security policy around this application is going to have an even harder time.
Which one suits me better?
Not to worry as our highly professional Security Architects shall help you opting for the best model based on your application/platform standards.
Apart from blocking against method based attacks, WAF Solution includes the following free add-ons:
- Geo Lists (Country and City Level)
- IP ACL’s (IP Whitelists and Blacklists)