
WAF (Web Application Firewall) has been the first line of defence in application security for a while now. Many organizations have adopted a WAF in one form or another, and in most cases compliance has been the driver for adoption.

Unfortunately, when it comes to the efficacy of WAF in thwarting attacks, it has not lived up to expectations. In most organizations the WAF has remained in log mode, with little process in place to monitor and react, rendering the solution ineffective.

The major challenges with effective deployment of a WAF are:

  • Applications are unique, and there is no silver-bullet set of rules that will protect them all.
  • Most WAFs do not try to understand the risk profile of the application; they provide common out-of-the-box vanilla rules that seldom work. Each application has its own intricacies, and the out-of-the-box rules that many WAF vendors provide create a lot of FPs (false positives) or FNs (false negatives).
  • Proper implementation of a WAF requires understanding the context of the application and constant fine-tuning of rules to reduce FPs and FNs.
  • This is easier said than done. Fine-tuning rules needs expertise, and its efficacy depends on how well the solution understands the context of the application and how effectively the rules can be tweaked to meet the application's needs so that the WAF acts as an effective first line of defence.
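To make the FP/FN point concrete, here is an added illustration (not code from AppTrana or from this post): a single vanilla keyword rule applied to every parameter is compared with a per-parameter allowlist tuned to a hypothetical blog application, both evaluated against a small set of constructed, labelled requests.

```python
import re
from dataclasses import dataclass


@dataclass
class Request:
    params: dict      # parameter name -> submitted value
    malicious: bool   # ground-truth label for this constructed sample


# Constructed sample traffic for a hypothetical blog app (not real data).
SAMPLE = [
    Request({"post_id": "42", "comment": "Nice post, thanks!"}, False),
    Request({"post_id": "42", "comment": "Please select the union of both approaches"}, False),
    Request({"post_id": "42 OR 1=1", "comment": "hi"}, True),
    Request({"post_id": "7", "comment": "<script>alert(1)</script>"}, True),
    Request({"post_id": "42'--", "comment": "ok"}, True),
]

# Vanilla rule: one keyword regex applied to every parameter, with no
# knowledge of what each field is supposed to contain.
VANILLA = re.compile(r"\b(select|union|or|and)\b|<script", re.I)


def vanilla_blocks(req: Request) -> bool:
    return any(VANILLA.search(v) for v in req.params.values())


# Context-aware policy: a positive allowlist per parameter, each tuned to
# the field's actual contract in this application.
POLICY = {
    "post_id": re.compile(r"\d{1,9}"),        # must be a plain integer
    "comment": re.compile(r"[^<>]{1,500}"),   # free text, but no tag characters
}


def contextual_blocks(req: Request) -> bool:
    for name, value in req.params.items():
        pattern = POLICY.get(name)
        if pattern is None or not pattern.fullmatch(value):
            return True   # unknown parameter, or value outside its allowlist
    return False


def evaluate(blocks) -> dict:
    """Count FPs (legit traffic blocked) and FNs (malicious traffic passed)."""
    fp = sum(1 for r in SAMPLE if blocks(r) and not r.malicious)
    fn = sum(1 for r in SAMPLE if not blocks(r) and r.malicious)
    return {"false_positives": fp, "false_negatives": fn}
```

The vanilla rule blocks the harmless comment containing "select" and "union" (an FP) while passing the quote-based probe in `post_id` (an FN); the tuned policy catches all three labelled requests with no FPs, which is the kind of context-specific tuning the post is arguing for.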

Not many organizations have this expertise. With constantly changing applications, the in-house security team tends to take a reactive approach; when issues arise, they usually open up the rules or move them to log mode, without understanding that this makes the entire solution ineffective.

The only way a WAF deployment will work as an effective defence against attacks is to have it managed by experts who know what they are doing, and it cannot be a one-time activity; it needs constant monitoring and fine-tuning.

Welcome to the world of AppTrana – the only fully managed Application security solution.
