Over the last few years, web applications have increasingly been the target of online attacks. While traditional network-based Intrusion Detection and Prevention Systems [1] (IDS/IPS) can stop IP-related attacks, they cannot be relied upon solely to prevent attacks at the web application level.
While web services penetration testing and secure code reviews are measures of the application at a specific point in time, changes to the application or infrastructure may make the results obsolete. In general, web application firewalls (WAFs) can protect you against approximately 50% of the vulnerabilities listed on the OWASP Top 10. PureWAF, our unique WAF solution, uses the Pure Hacking WAF Mitigation Library to protect you against issues that normal WAFs do not detect and provides continuous protection regardless of changes made elsewhere. In addition, PureWAF can be used to protect against 0-day vulnerabilities when a patch isn’t available for the software versions that run your websites.
PureWAF is a managed service. WAFs are not set-and-forget devices. Resources are needed to analyze events to determine whether they are false positives, an actual attack, or contain information that within a certain context may be suspicious and requires further analysis. By outsourcing WAF management to a company that specializes in security, you are able to lower your total cost of ownership: you are only notified of issues that actually concern you, letting you focus on your primary business.
As opposed to infrastructure servers, web applications are often custom written to fit a unique business need. A one-size-fits-all rule-set approach does not scale when dealing with custom applications. This is especially true for non-syntax-based attacks, such as business logic flaws. The PureWAF ruleset is created based on the results of a penetration test or secure code review. This allows PureWAF to mitigate risks that normal WAFs cannot.
PureWAF allows administrators to easily monitor and track questionable requests, access the complete audit trail for suspicious events and view high-level attack statistics generated from your applications' traffic. PureWAF can be implemented as a virtual appliance on your internal network or in the cloud.
It is important to understand that WAFs are not magic bullets; they are tools that, if used properly, can decrease the attack surface and help mitigate risk. Monitoring services are often watched closely for the first few weeks, but afterwards are ignored. This is often due to a low signal-to-noise ratio, i.e. too many false positives. By outsourcing WAF management to a team of security experts, you can get the most value out of the investment over the long term, both in terms of protection coverage and in terms of accurate notifications.
Contact Pure Hacking [2] today to find out more about how PureWAF can become a valuable tool in your security arsenal, assisting with PCI compliance, incident response and digital forensics.
Links:
[1] http://www.purehacking.com/products-service/managed-service-testing
[2] http://www.purehacking.com/contact/make-an-enquiry
[3] http://www.purehacking.com/products-service