8 Questions you must ask your WAF provider

Indusface
Nov 5, 2019


Web application firewall

A Web Application Firewall (WAF) sits in front of your website or web application and inspects HTTP(S) traffic, letting legitimate requests through while filtering out and blocking malicious requests and bot traffic.

Many WAF products compete in the market, but not all WAFs are equal, and they certainly do not provide the same level of security. In this article we set out 8 questions you must ask a WAF provider before making a decision.

1. What does the WAF protect against?

Choose a web application firewall that covers the full range of known attack classes against your application (injection, cross-site scripting, attacks on the server and on third-party components), not a narrow subset. Ask whether it can detect exploitation attempts across the application, the server, and third-party resources, and whether it supports virtual patching: blocking requests that target a known vulnerability until the developers fix it. Treat any claim of protection against "all" vulnerabilities with caution; a WAF reduces exposure, it does not replace fixing the code.

2. What detection techniques are used?

Web app firewalls analyze traffic to let legitimate users reach the application while filtering out malicious requests. The best web app firewalls combine several techniques: signature (pattern) matching, behavior or anomaly analysis, and request normalization, which decodes and canonicalizes input before inspection so that encoded or obfuscated payloads cannot slip past the signatures.

Also compare potential vendors on evidence rather than claims: documented false-positive and false-negative rates, third-party test results, which zero-day threats they have detected or thwarted and how quickly, and how false positives are managed (who tunes the rules, and how fast).

3. How does it protect?

Evaluate how the web app firewall protects the web application based on answers to the following questions and the unique needs of your web application.

  • Does it only block the offending request, or can it also act on the source?
  • Is it capable of blocking specific sessions, users, IP addresses, etc.?
  • How does it block requests: connection interruption, connection intermediation, connection reset, or by alerting other devices?
  • How does it protect against DDoS attacks?
  • Does it protect hidden form fields from manipulation by users?
  • Does it support data/ URL encryption?
  • Does it provide immediate protection through a combination of out-of-the-box rules and custom rules, so that vulnerabilities identified by ongoing security assessments can be virtually patched as soon as they are found?
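The following added example (not from the original post or any product) illustrates two of the questions above: escalating enforcement from a single request to a session and then to a source IP, and a virtual patch scoped to one endpoint and parameter. The vulnerable endpoint, the thresholds and the request stream are constructed assumptions.

```python
# Added example (not from the original post): enforcement granularity
# (block a request, then a session, then a source IP) and an endpoint-scoped
# virtual patch. The vulnerable endpoint, thresholds and request stream are
# constructed assumptions, not any product's rules or real traffic.
import re
from collections import defaultdict
from dataclasses import dataclass, field
from typing import Dict, List, Set, Tuple


@dataclass
class Request:
    client_ip: str
    session: str
    path: str
    params: Dict[str, str]


# Hypothetical virtual patch: a security assessment found that the `report`
# parameter of /api/export is passed unsafely to the backend. Until the
# developers ship a fix, only short identifiers are allowed there. Scoping a
# positive (allow-list) rule to one endpoint keeps false positives away from
# the rest of the application.
VIRTUAL_PATCHES: Dict[Tuple[str, str], "re.Pattern[str]"] = {
    ("/api/export", "report"): re.compile(r"^[A-Za-z0-9_-]{1,32}$"),
}
SESSION_BLOCK_AFTER = 2   # blocked requests before the whole session is dropped
IP_BLOCK_AFTER = 3        # blocked requests before the source IP is dropped


@dataclass
class Enforcer:
    blocked_ips: Set[str] = field(default_factory=set)
    blocked_sessions: Set[str] = field(default_factory=set)
    ip_hits: Dict[str, int] = field(default_factory=lambda: defaultdict(int))
    session_hits: Dict[str, int] = field(default_factory=lambda: defaultdict(int))

    def handle(self, req: Request) -> str:
        """Return the verdict for one request and update block state."""
        # Cheapest checks first: an already-blocked source never reaches rule
        # evaluation, so a noisy attacker cannot burn CPU on regex matching.
        if req.client_ip in self.blocked_ips:
            return "drop:ip"
        if req.session in self.blocked_sessions:
            return "drop:session"
        for (path, param), allowed in VIRTUAL_PATCHES.items():
            if req.path == path and param in req.params and not allowed.match(req.params[param]):
                return self._block(req, "block:virtual-patch")
        return "allow"

    def _block(self, req: Request, verdict: str) -> str:
        """Record a blocked request and escalate from request to session to IP."""
        self.session_hits[req.session] += 1
        self.ip_hits[req.client_ip] += 1
        if self.session_hits[req.session] >= SESSION_BLOCK_AFTER:
            self.blocked_sessions.add(req.session)
        if self.ip_hits[req.client_ip] >= IP_BLOCK_AFTER:
            self.blocked_ips.add(req.client_ip)
        return verdict


# Constructed request stream: one client probes the patched endpoint across
# several sessions; a second client uses it legitimately.
STREAM: List[Request] = [
    Request("203.0.113.5", "sessA", "/api/export", {"report": "q3-sales"}),
    Request("203.0.113.5", "sessA", "/api/export", {"report": "../../etc/passwd"}),
    Request("203.0.113.5", "sessA", "/api/export", {"report": "q3;cat /etc/passwd"}),
    Request("203.0.113.5", "sessA", "/home", {}),
    Request("203.0.113.5", "sessB", "/api/export", {"report": "x' OR 1=1--"}),
    Request("203.0.113.5", "sessC", "/home", {}),
    Request("198.51.100.9", "sessD", "/api/export", {"report": "q3-sales"}),
]


def run(stream: List[Request] = STREAM) -> List[str]:
    enforcer = Enforcer()
    return [enforcer.handle(req) for req in stream]


if __name__ == "__main__":
    for req, verdict in zip(STREAM, run()):
        print(f"{req.client_ip:14} {req.session:6} {req.path:12} -> {verdict}")
```

Two blocked requests are enough to drop session A, so its later request to /home never reaches rule evaluation; a third blocked request from the same address (in a fresh session) blocks the IP, after which session C is dropped without inspection. The second client's identical, well-formed request is still allowed, which is the point of scoping the virtual patch narrowly.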

4. Does it allow customization?

No two businesses or web applications are alike: their threats, vulnerabilities, risks, risk appetite and security needs vary with their circumstances. WAF policies and rules therefore need to be custom-built with surgical accuracy for heightened security, and then tuned consistently and continuously to keep pace with changes in the application itself and with emerging threats.

Choose a managed WAF that offers real-time insights, security analytics, and 24×7 visibility of your risk posture and its business impact, such as AppTrana. It combines automation with the judgement of certified security experts, who build your WAF policies around a deep understanding of your business and its needs and then tune those policies using the security analytics, real-time insights and visibility the WAF provides.

5. Does it keep learning, updating its policies as the risk level of your application in production changes and as new threat vectors appear?

Choose an intelligent WAF that uses AI, ML and a global threat intelligence database, so that it learns from the business's own attack history and from attacks seen across the globe, continuously finds new areas of the application to crawl for vulnerabilities, and distinguishes bots from human traffic, using what it has learned to allow, block, flag or challenge a request. Ask the vendor what the learning is actually fed with and how a policy it has learned wrongly can be reviewed and rolled back; automated tuning that nobody can inspect is itself a risk.

Read remaining questions at Indusface.com

For more cybersecurity features and news, follow Indusface on Twitter and Facebook.

Originally published at https://www.indusface.com on November 5, 2019.
