Cybersecurity Insights

Isabel Louisa Rawlings

What's a WAF, and Why Do I Need One?

22/07/19 16:00

Websites, servers and applications are prone to cyberattacks, but how can a WAF help you defend yourself against these attackers?

WAF stands for Web Application Firewall. It differs from a traditional firewall in that it helps protect web applications by filtering and monitoring HTTP traffic. Unlike a traditional firewall, a WAF does not provide perimeter protection; it focuses security attention on the web application, not the server. The WAF sits on the outside of your network, in front of the public side of the web application, and monitors incoming traffic, which helps protect you from cyberattacks.

A WAF’s main job is to block bad traffic from reaching your website or application. It mainly blocks common attacks such as cross-site scripting (XSS) and SQL injection.

Do I need one?

Just as online customers can access your webpage, so can hackers, who use that access to conduct malicious interactions. Most attacks that we see in our Forensic Lab are SQL injections, cross-site scripting and file executions. A WAF is designed to protect your webpage against these and other attacks, as it limits traffic and seeks out fraudulent interactions. Hackers are quick and sly and can weave code into even the safest of websites that aren't protected with a WAF.

What if my website has no vulnerabilities?

Even if your website seems secure, installing a WAF will provide constant monitoring for potential attacks, blocking and logging these attacks if it thinks they are malicious in any way. This will prove critical if you’re ever required to complete a PCI Forensic Investigation.

Logging all attacks allows the WAF to become a stronger defense tool, as it builds up a database of codes and blocked content. 

Ryan Marshall, Digital Forensic Investigator at Foregenix, says: ‘Logging plays a pivotal role in understanding and determining how a breach occurred. Whether these be Windows event logs, Apache/Nginx access logs, error logs, system logs, SFTP logs, MySQL logs, you name it. These all record temporal information which can be used to understand when an attack occurred and sometimes even how. If you have a breach in January but your logs only cover February, there is simply no way of knowing how an attack took place as the information just isn't available for review.’
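The point made in the quote above, that logs are only useful if they cover the period of the breach, can be checked before an incident ever happens. The following is an added example, not code from this article or from Foregenix; the sample log lines, the function names and the 7-day gap threshold are assumptions made for illustration.

```python
import re
from datetime import datetime, timedelta, timezone

# Timestamp field of the Apache/Nginx combined log format: [10/Feb/2019:13:55:36 +0000]
TS_RE = re.compile(r'\[(\d{2}/[A-Za-z]{3}/\d{4}:\d{2}:\d{2}:\d{2} [+-]\d{4})\]')

# Constructed sample lines (not real traffic); addresses are documentation ranges.
SAMPLE_LOG = """\
192.0.2.10 - - [01/Feb/2019:00:00:04 +0000] "GET / HTTP/1.1" 200 512 "-" "curl/7.64"
192.0.2.11 - - [03/Feb/2019:09:12:40 +0000] "GET /cart HTTP/1.1" 200 734 "-" "Mozilla/5.0"
this line is corrupt and has no timestamp
198.51.100.7 - - [20/Feb/2019:18:30:00 +0000] "POST /checkout HTTP/1.1" 302 0 "-" "Mozilla/5.0"
198.51.100.7 - - [28/Feb/2019:23:59:10 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0"
"""

def parse_timestamps(text):
    """Return sorted UTC timestamps from access-log text, skipping unparseable lines."""
    stamps = []
    for line in text.splitlines():
        m = TS_RE.search(line)
        if not m:
            continue
        try:
            ts = datetime.strptime(m.group(1), "%d/%b/%Y:%H:%M:%S %z")
        except ValueError:
            continue
        stamps.append(ts.astimezone(timezone.utc))
    return sorted(stamps)

def coverage_report(text, window_start, window_end, max_gap=timedelta(days=7)):
    """Report whether the logs span the investigation window and where they go silent."""
    stamps = parse_timestamps(text)
    if not stamps:
        return {"covered": False, "first": None, "last": None, "gaps": []}
    first, last = stamps[0], stamps[-1]
    # Silences longer than max_gap that overlap the window suggest lost or rotated-out logs.
    gaps = [(a, b) for a, b in zip(stamps, stamps[1:])
            if b - a > max_gap and a < window_end and b > window_start]
    return {"covered": first <= window_start and last >= window_end,
            "first": first, "last": last, "gaps": gaps}

def utc(y, m, d):
    return datetime(y, m, d, tzinfo=timezone.utc)

if __name__ == "__main__":
    # The quote's scenario: a breach in January, logs that only start in February.
    print(coverage_report(SAMPLE_LOG, utc(2019, 1, 10), utc(2019, 1, 20)))
```

A window can be reported as covered and still contain long silences, so the `gaps` list is worth reviewing alongside the `covered` flag.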

The FGX-Web Protect plan can help you stay safe online, so you can focus on growing your business.

FGX-Web Protect provides you with the following:

  1. Internal & External Monitoring
  2. Web Application Firewall
  3. Managed Service Available
  4. Breach Warranty Up To £50,000
  5. Dedicated WAF Engineer

 

To speak to us today about FGX-Web Protect, contact us on hello@foregenix, or call us.
