DeMISTIfying Infosec: Web Application Firewall

May 23, 2016
By Katherine Teitler

Web Application Firewall

A web application firewall (WAF) is a network- or host-based firewall that monitors, filters, and can block potentially malicious traffic to a web application from the internet in real or near-real time. WAFs can run as an appliance, server, plug-in, or cloud-based service. 

Deployed in-line, typically through a proxy, a WAF is placed in front of web applications to protect them from web-based attacks. A WAF inspects requests against a set of configured rules, which can be written to reflect an organization’s current threats or requirements, looking for unusual or anomalous patterns. WAFs are known to be difficult to implement but remain one of the best protections against the most common types of web-based attacks because they can inspect traffic at Layer 7 (the application layer). WAFs can help prevent:

  • Cross-site scripting (XSS)
  • SQL injection
  • Session hijacking
  • Buffer overflows
  • Application-specific attacks
  • Invalid input

Despite these advantages, a WAF cannot protect against application logic vulnerabilities or vulnerabilities that require an understanding of complex business logic.
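To make the rule-based inspection described above concrete, and to show why the business-logic caveat holds, here is a toy in-line inspector written as an added example for this post (it is not code from any WAF product). The rule names, the `Request` model and the sample requests are constructed for illustration; a real rule set is far larger and would also cover headers, cookies and rate-based checks.

```python
import re
from dataclasses import dataclass, field
from urllib.parse import unquote_plus

@dataclass
class Request:
    method: str
    path: str
    query: dict = field(default_factory=dict)
    body: dict = field(default_factory=dict)

# Signature rules for some of the attack classes named in the post, as
# (rule name, compiled pattern) pairs. A production rule set is far larger.
RULES = [
    ("xss", re.compile(r"<\s*script\b|\bon\w+\s*=", re.I)),
    ("sqli", re.compile(r"['\"]\s*(or|and)\s+\S+\s*=\s*\S+|\bunion\s+select\b", re.I)),
]
MAX_FIELD_LEN = 256  # "invalid input" rule: reject oversized parameter values

def inspect(req: Request) -> list:
    """Return (rule, location) hits for every parameter that trips a rule."""
    hits = []
    for loc, params in (("query", req.query), ("body", req.body)):
        for name, raw in params.items():
            # Decode first: a Layer 7 device must match what the application
            # will see, not the URL-encoded wire form.
            value = unquote_plus(raw)
            if len(value) > MAX_FIELD_LEN:
                hits.append(("invalid-input", f"{loc}:{name}"))
            for rule, pattern in RULES:
                if pattern.search(value):
                    hits.append((rule, f"{loc}:{name}"))
    return hits

def decide(req: Request) -> str:
    """Block if any rule matched, otherwise pass the request through."""
    return "block" if inspect(req) else "allow"

# Constructed sample traffic (not captured from any real system).
SAMPLES = {
    "search": Request("GET", "/search", query={"q": "blue widgets"}),
    "xss": Request("GET", "/search", query={"q": "%3Cscript%3Ealert(1)%3C/script%3E"}),
    "sqli": Request("POST", "/login", body={"user": "admin' OR '1'='1", "pw": "x"}),
    # Business-logic abuse: a negative quantity is syntactically clean, so no
    # signature fires. This is the gap the post says a WAF cannot close.
    "logic": Request("POST", "/cart", body={"item": "widget", "qty": "-5"}),
}

if __name__ == "__main__":
    for label, req in SAMPLES.items():
        print(f"{label:7} {decide(req):5} {inspect(req)}")
```

The "logic" request passes every rule even though it is clearly abusive, which is exactly the class of flaw the application itself must validate.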

Gartner estimates the WAF market size is roughly $420 million USD. ISACA recommends using a WAF as a key security control in DevOps.
