Web Application Firewall
Utilizing Web Application Firewalls for Enhanced Security
Enhance your Web AppSec strategyTable of Contents
WHAT IS A WEB APPLICATION FIREWALL?
A web application firewall (WAF) is a network defense that filters, monitors, and blocks HTTP traffic to and from a web application. Unlike a regular firewall that serves as a safety gate between servers, a web application firewall is able to watch application-level traffic and decide to allow or disallow based on the data that is visible over the network. WAF security typically performs SSL termination to watch decrypted traffic for pattern-matching or volumetric attacks. Organizations often deploy WAFs to detect and block known threats, but these alone cannot protect modern applications from exploitation.
What are Some Types of Web Application Firewalls?
WAFs may come in the form of an appliance, a server plugin, a filter, or a WAF operated by a cloud or service provider. Web application firewalls can be customized to an application, but the effort to perform this customization can be significant and needs to be maintained as the application is modified. The ideal solution is one that provides continuous visibility, application intelligence, and very rapid response.
Benefits of a Web Application Firewall
By an organization adding a web application firewall it can proactively address threats, hackers, bots, and vulnerabilities that can lead to expensive attacks.
Are there disadvantages of a Web Application Firewall?
Rule-based WAFs must be configured and maintained in order to achieve sufficient protection. Organizations must also adjust the configurations and rules as their organization grows and/or changes.
Contrast is the clear customers’ choice
Contrast is named a Customers’ Choice in the 2021 Gartner Peer Insights “Voice of the Customer”: Application Security Testing report. With the highest percentage of 5-star ratings, this is the third consecutive year Contrast has received this powerful endorsement from customers.
Built for Developers. Trusted by Security.
Learn Secure Code
CROSS SITE SCRIPTING (XSS)
Learn about Cross site scripting (XSS) and how it affects your Java source code
SQL INJECTION
Learn about SWL injection and how it affects your Java source code
CLIENT SIDE INJECTION
Learn about client-side injection and how it can affect your source code