Web Application Firewall (WAF)
OWASP defines WAF as an appliance, server plugin, or filter that applies a set of rules to an HTTP conversation.
But in today’s IT world your WAF is more than that security officer who sits between the world and your website. These champions cover a host of threats:-
- Data Leak Prevention
- Credit card numbers (CCN)
- Social Security numbers (SSN)
- Signature Protection
- Cross site scripting (XSS)
- Web application vulnerabilities
- SQL injection, LDAP injection, OS command change
- Parameters Detection
- Buffer overflow (BO)
- Zero-day attacks
- Protocol Validation
- Evasions
- HTTP response splitting (HRS)
- User Behavior
- Cross site request forgery (CSRF)
- Cookie poisoning, session hijacking
- Brute force
- Preventing Data Theft and Manipulation of Sensitive Data
- Layer 7 ACL
- Folder / file level access control
A host of features from a host of vendors, which one fits you? Our consultants will help you choose the correct solution for you.