DOSarrest's cloud-based WAF allows customers to easily block any Layer 7 threat, as well as define any rule set that may be specific to one or more applications running on their webserver. Enabling WAF protection provides customers with all of OWASP's CRS (Core Rule Set, or Top 10), which includes:
- Remote file inclusion
- Cross Site Scripting (XSS)
- SQL Injection
- Cross Site Request Forgery (CSRF)
- Un-validated Redirects
- Sensitive Data Exposure
Protection against any new vulnerabilities or zero-day attacks that may be uncovered, such as Heartbleed, POODLE, etc., is already in place because, unlike the other cloud-based services, we use a positive security model WAF. Zero-day attacks are pretty much a thing of the past. No need to apply patches in the middle of the night to keep your webserver safe.
Most other WAF appliances and services rely on signatures or pattern matches to protect webservers. The problem with this method is that new variations or small modifications to a particular string of malicious code can slip through and cause problems.
The WAF service inspects and analyses every packet at these levels:
- URL and Arguments
- HTTP Header (including Cookies)
- SQL Injection
- Body
Flexibility: The WAF service can be configured to apply to every directory on a website or only to specific URIs.
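The difference between signature matching and a positive security model, and the per-URI scoping described above, can be seen in a small added example. This is not DOSarrest's code or rule syntax; the paths, argument names and patterns are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Negative model (constructed): block requests containing one known-bad string.
SIGNATURES = [re.compile(r"<script>")]

# Positive model (constructed): per protected URI, the only arguments allowed
# and the exact shape each value must have. Paths and names are hypothetical.
POLICY = {
    "/shop/item": {"id": re.compile(r"\d{1,9}"), "lang": re.compile(r"[a-z]{2}")},
    "/search": {"q": re.compile(r"[\w .-]{1,64}")},
}

def signature_allows(url):
    """Allow unless a known-bad pattern appears in the raw URL."""
    return not any(sig.search(url) for sig in SIGNATURES)

def rules_for(path):
    """Return the rule set for the protected URI covering this path, if any."""
    for prefix, rules in POLICY.items():
        if path == prefix or path.startswith(prefix + "/"):
            return rules
    return None

def positive_allows(url):
    """Allow only requests whose arguments the policy explicitly describes."""
    parts = urlsplit(url)
    rules = rules_for(parts.path)
    if rules is None:
        return True  # URI outside the configured scope: policy not applied
    seen = set()
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        rule = rules.get(name)
        # Reject unknown arguments, repeated arguments and malformed values.
        if rule is None or name in seen or not rule.fullmatch(value):
            return False
        seen.add(name)
    return True

# Constructed sample requests.
SAMPLES = ["/shop/item?id=42&lang=en", "/search?q=<script>", "/search?q=<SCRIPT>",
           "/shop/item?id=42&debug=1", "/static/logo.png?v=3"]

def compare(samples=SAMPLES):
    """Return (url, signature verdict, positive-model verdict) per sample."""
    return [(u, signature_allows(u), positive_allows(u)) for u in samples]

if __name__ == "__main__":
    for url, sig_ok, pos_ok in compare():
        print(f"{url:28} signature={sig_ok!s:5} positive={pos_ok}")
```

The case-changed value passes the signature check but fails the positive rule, because the rule describes what a valid value looks like instead of listing known-bad strings.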