Web application firewall
Download as PPTX, PDF0 likes1,050 views
A web application firewall (WAF) protects web applications from common attacks like SQL injection, command injection, and DDoS attacks. It monitors HTTP/HTTPS traffic between clients and servers, blocking any traffic that violates predefined security policies. WAFs are available as software, appliances, or services and provide an extra layer of defense for organizations involved in e-commerce, online banking, and other web-based businesses to defend against data theft and fraud.
Web application firewall
- 1. WEB APPLICATION FIREWALL CB.EN.P2CYS19001 – AJU MATHEW THOMAS 1
- 2. What is WAF • WAF stands for Web Application Firewall • It is used to protect web applications from attacks like SQL injection, command line injection and DDOS attacks etc. • Monitors all HTTP/HTTPS/SOAP web services traffic between client and servers based up on their pre defined signatures in the database. • Basic goal is to monitor and block the contents that violates pre defined policy • Available in the form of software, appliance or delivered as a service 2
- 3. Need of WAF • Organizations & other business units employs WAF to defend themselves and their clients from cyber attacks. • Helps companies involved in e-commerce,online financial services & various other web based products from data theft and other fraud activities. • WAF adds an extra layer of defence to an already robust application security program. • Helps security professionals to receive alerts for activities which violates pre determined guidelines and rules. 3
- 4. Working of WAF • Protects the web application by filtering and monitoring malicious HTTP/HTTPS traffic coming to the application and prevents unauthorized data from leaving the app. • Designs its own rules to determine whether the traffic is malicious or not • Functions as a reverse proxy server by protecting the web application server from malicious clients • Policies can be customized to meet the needs of your web application 4
- 5. General Techniques to by-pass WAF • Null character injection • Inline comments • Buffer overflow • Keyword splitting • URL encoding • Ignoring cookies • Using Data URIs • Header Injection • Replaced keywords 5
- 6. Modes of Deployment • (1) Cloud based fully managed as a service – Recommended for fastest & hassle free way to get WAF in your apps • (2) Cloud based + Self managed - Get all the flexibility & security policy portability of the cloud while still retaining control of traffic management and security policy settings. • (3) Cloud based + Auto provisioned - Easiest way to start WAF in the cloud. Can deploy security policy in an easy, cost effective way • (4) On Premises Advanced WAF - Recommended for most demanding deployment requires where flexibility, performance and more advanced security concerns are mission critical 6
- 7. Advantages of WAF • Protects against attacks like SQL Injection,XSS, DDOS and application specific attacks. • Provides automatic protection from diverse threats with strong default rule sets • Provides real time reporting and robust logging • Enables security teams to make a decision on what should be allowed & what not through a WAF. • Helps teams to receive timely notifications of an attack in progress so that they can respond much more rapidly to potential security incidents. 7
- 8. Comparison of Network Firewall & WAF Network Firewall • Offers DDOS protection in network layer • Offers minimal web application protection • Lack of threat detection/prevention techniques • Does not offer SSL/encrypted traffic inspection • Works at 3rd and 4th layer of OSI layer Web Application Firewall • Offers protection in the application layer • Offers extensive that includes full application layer coverage web application protection • WAF has signatures, protocol anomaly detection , app specific anomaly detection techniques • Offers SSL encryption • Works from 3rd to 7th layer of OSI layer 8
- 9. Conclusion There are many benefits for having a web application firewall as part of your business compared to network Firewall. Network Firewall offers the minimal web application protection, whereas, WAF offers Extensive, including full application layer coverage web application protection. 9
- 10. THANK YOU 10