This is the place to find out information and commons terms on application security, that you will find in common use throughout the DenyAll website and documentation.
What is a Web Application Firewall (WAF)?
A Web Application Firewall (WAF) is a device which is going to take over the Web Server and receive the requests from the client. Then, as it fully understands the request and the context, it will be capable to filter attacks, transform requests and responses, accelerate the traffic, force encryption of sensitive data and perform authentication on behalf of the server itself
Do you provide transparent mode?
The transparent mode tricks the normal behavior of WAFs as it doesn’t behave in the same way as a Web Server. It means that some type of traffic, which is understood by the Web Servers and is legitimate, will not be properly handled by devices which implement transparent mode. As a consequence a lot of techniques used by hackers to bypass detection are very efficient against WAFs in transparent mode.
What type of attacks do you block?
Which applications need protection?
Any Web Application is exposed to attacks, either directly or indirectly via compromised clients. However main targets are Webmail applications, ERP frontends and collaborative infrastructure portals, as they provide direct access to enterprise critical data. In the meantime any Web Application which deals with sensitive data, such as ebanking, ebusiness applications handling credit cards etc. is an ideal target.
Do I still need a network firewall?
Of course. Network firewalls ensure that only some specific type of traffic is authorized to access the IT infrastructure. However they do not guarantee that the data transported by this traffic is safe. A Web Application Firewall ensures that this traffic doesn’t contain an attack.
Do I still need an intrusion prevention system?
Intrusion Prevention Systems are network based devices. It means that they try to identify attacks by analyzing the network traffic with a very limited understanding of the application context. While they can be very efficient against network and operating systems layer attacks they are no longer relevant at the application layer.
Do I still need a load balancer?
Web Application Firewalls implement Load-Balancing capabilities. As an example rWeb is able to Load-Balance the incoming traffic between a cluster of rWebs devices and the outgoing traffic to Web servers farms. In such a case a Load-Balancer is not necessary for the Web traffic.
How can I test your product?
The test process of a Web Application Firewall highly depends on the needs and the technical environment in which they will be deployed. However it is mandatory to keep in mind that the most important feature is security. Performing security tests implies that application security specialists are involved in order to launch “real-life” attacks and fully understand the results. Otherwise there will be no way to clearly distinguish the difference between the players, while they are huge…
What is a vulnerability scanner?
A vulnerability scanner is a software which performs active security tests on assets of the IT infrastructure. The scanner can identify potential flaws (in applications, systems and networks), provide remediation tips and prioritize the action plan.Therefore, a vulnerability scanner is a must use tool to proactively prevent intrusions.