Discover our tailor-made Security-as-a-Service solutions for IT infrastructures and web applications.
03
Against which threats does a web application firewall (WAF) provide protection?
A web application firewall (WAF) protects web applications against attacks including:
Cross-site request forgery
These cyberattacks can affect all websites and web applications that require a user login to perform a specific action. They cause the user’s browser to send HTTP requests to the website to trigger undesirable actions.
Cross-site scripting (XSS)
In most cases, cross-site scripting is a client-side code injection attack. Hackers insert unwanted code into a web page as it loads. Interactive websites and applications are particularly vulnerable to this.
SQL injection
In an SQL injection attack, cybercriminals use an input field that feeds an SQL query to pass in additional, undesirable content.
OWASP Top 10
The Open Web Application Security Project (OWASP) is a non-profit organisation that periodically compiles a list of the top ten security issues related to web applications. The most important entries of the last few years include:
Broken authentication
Sensitive data exposure
XML external entities (XXE)
Broken access control
Security misconfiguration
Insecure deserialization
Using components with known vulnerabilities
Insufficient logging & monitoring
04
What are the benefits of using a WAF?
Companies that use a web application firewall on their website benefit from the following:
In combination with other security measures, a WAF offers an additional level of protection against unauthorized access.
Webmasters can place a WAF in front of several applications simultaneously. This approach makes it possible to mitigate existing vulnerabilities.
Especially with software that has been in use for a long time and was not programmed in-house, security vulnerabilities can persist for a long time. A WAF provides additional security for this.
05
What types of WAFs are there?
There are three ways to build a WAF architecture: centralized as an appliance WAF, host-based directly on the web server, or as a cloud SaaS solution.
Appliance WAFs are usually located directly behind a network firewall and in front of web servers. They analyze all of the traffic passing through them. Thus, this type of web application firewall takes a centralized approach. In this architecture, a single component often protects a number of web applications. The high performance this requires is reflected in the hardware requirements.
Host-based web application firewalls are installed directly on each web server. They can also be centrally controlled using a central management console.
Numerous providers have developed Software-as-a-Service solutions for WAF. These solutions are hosted in the Cloud and generally mean less in-house effort for companies because the provider handles the administration of the WAF.
08
What should companies consider when using a WAF?
A web application firewall is only as good as its filters and configuration. Anyone who makes a configuration mistake or sets rules that are too restrictive should expect problems. This is why a WAF requires experts who have the resources available to handle the day-to-day management of the firewall.
Companies that cannot guarantee this in-house rely on SaaS solutions from external providers, who handle the administrative work.
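The point about filters and configuration, as an added example (not part of the original page and not any vendor's rule set): two hypothetical regex rule sets are run over constructed parameter values to count false positives and false negatives, with and without URL decoding before matching. All rule patterns, function names and sample values are assumptions made for illustration.

```python
import re
from urllib.parse import unquote_plus

# Hypothetical rule sets for illustration; not taken from any WAF product.
# Too restrictive: any quote, angle bracket or common SQL keyword blocks the request.
STRICT_RULES = [re.compile(r"[<>'\"]"),
                re.compile(r"\b(select|union|drop|or)\b", re.I)]
# Tuned: match keyword combinations and markup rather than single tokens.
TUNED_RULES = [
    re.compile(r"\bunion\s+(all\s+)?select\b", re.I),
    re.compile(r"'\s*or\s*'?\w+'?\s*=\s*'?\w+", re.I),
    re.compile(r"<\s*script\b", re.I),
]

# Constructed sample parameter values: (raw value as sent, is_attack).
SAMPLES = [
    ("O'Brien", False),
    ("Please+select+a+size+or+colour", False),
    ("1'+OR+'1'='1", True),
    ("1+UNION+SELECT+name+FROM+users", True),
    ("%3Cscript%3Ealert(1)%3C%2Fscript%3E", True),
]

def blocked(rules, raw, decode=True):
    """Return True if any rule matches the (optionally URL-decoded) value."""
    value = unquote_plus(raw) if decode else raw
    return any(rule.search(value) for rule in rules)

def evaluate(rules, samples=SAMPLES, decode=True):
    """Return (false_positives, false_negatives) as lists of raw values."""
    false_pos = [raw for raw, attack in samples
                 if not attack and blocked(rules, raw, decode)]
    false_neg = [raw for raw, attack in samples
                 if attack and not blocked(rules, raw, decode)]
    return false_pos, false_neg

if __name__ == "__main__":
    for name, rules, decode in [("strict", STRICT_RULES, True),
                                ("tuned", TUNED_RULES, True),
                                ("tuned, no decoding", TUNED_RULES, False)]:
        fp, fn = evaluate(rules, decode=decode)
        print(f"{name}: false positives={fp} false negatives={fn}")
```

Running a labelled set of known-good and known-bad requests through every rule change in this way shows both kinds of problem before the rules reach production traffic.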