Web Application Firewalls: The Definitive Primer
Firewalls have traditionally been focused on network layer traffic. As attacks have evolved, however, they have climbed the ladder of the Open Systems Interconnection (OSI) model. Web Application Firewalls (WAFs) have developed as a result, not only to track network traffic but also to understand protocol structures at the application layer, and ultimately to parse the “good” from the “bad” traffic.
WAFs can accomplish this type of protection through several means. We commissioned a comprehensive study that explores WAF functionality in-depth (including adjacent WAF technologies) and clarifies how it fits into a network’s overall technology design. The eBook is available for download, courtesy of Imperva.
WAF Technology and the Current Threat Landscape
The eBook covers the current application threat landscape, types of attacks, the evolution of WAF technologies, and modern deployment architectures. Written to help readers to get up to speed on the latest developments in the space, it outlines how to incorporate and integrate WAF technology with existing and planned technology deployments, including cloud, on-premises, and hybrid topologies.
- The current application threat landscape, types of attacks, the evolution of WAF technologies, and modern deployment architectures.
- Shift from attacks perpetrated by individual hackers to industrialized attacks through the use of distributed botnets.
- New DevOps attack vectors as a result of third-party libraries being used during the application development process.
- Open Web Application Security Project (OWASP) Top 10, which outlines the most prevalent vulnerabilities found in applications.
Emerging Functionality and Integrations
In addition to the specifics of WAF functionality, the eBook covers emerging functionality and integrations with adjacent security technologies to unveil how WAFs fit in an overall technology design. Adjacent WAF technologies and functionality include the following:
- API gateways
- Bot management and mitigation
- Runtime Application Self-Protection (RASP)
- Distributed Denial of Service (DDoS) protection
- Content Delivery Networks (CDNs)
- Data Loss Prevention (DLP)
- Data Masking and Redaction
- Security Information and Event Management (SIEMs)
- Security orchestration and incident response automation
The eBook also addresses various deployment models including:
- In-line reverse proxy
- Transparent proxy/network bridge
- Out of band/port mirroring/Secure Sockets Layer (SSL) termination
- Software appliance-based
- Native cloud
Lastly, several use cases are presented with recommended technologies and deployment models based on a given set of business and technical requirements.