Web Application Firewall (WAF) | IEImil

Web Application Firewall (WAF)

According to reports published by institutions active in the field of cyber security, more than 70 percent of internet attacks are performed via web applications, by intrusion into an organization's portal or website. Web applications are often riddled with vulnerabilities that attackers use to gain access to either the web server or the database server.

WAFs (Web Application Firewalls) are a type of firewall created to respond to threats beyond the scope of traditional firewalls. These threats are dangerous because they use an authorized protocol (such as HTTP) but attack the application or the underlying infrastructure over that protocol.

This is especially dangerous because hackers can attack over trusted protocols to directly compromise systems and steal information, effectively bypassing traditional firewalls or intrusion detection/prevention systems (IDS/IPS).

Our WAF protects a web application by controlling its input and output, as well as access to and from the application. It runs as an appliance and inspects every HTML, HTTPS, SOAP and XML-RPC data packet. Through customizable inspection, this product is able to prevent various attacks such as:

- Injection attacks such as Command Injection, Null Byte Injection, LDAP Injection, SQL Injection, etc.

- Script attacks covering XSS and CSRF

- Overflow attacks covering Format String Attack, Integer Overflow, Buffer Overflow, etc.

- Attacks related to cookies and session information, such as Session Hijacking

- Attacks due to information leakage

- Attacks due to infected file uploads

- Attacks related to XML data

- Denial of Service (DoS/DDoS) attacks

Furthermore, our WAF applies the following security measures to users' requests:

- Scrutinizing the structure of messages and checking that they conform to the structure of the HTTP protocol

- Scrutinizing message contents to find anomalies and detect suspicious packets

- Applying basic restrictions on requests, such as the number of parameters, parameter size, etc.

- Applying message normalization and anti-evasion techniques to prevent bypassing the firewall