If the code on your webserver is up to date, patches are applied as soon as they become available and you are doing regular Vulnerability Testing , you can get away with not utilizing a WAF…maybe. In todays typical website environment, where websites are sometimes being updated, changed, application addons added and removed, etc on A daily or weekly basis, security holes can be inadvertently exposed. A well managed WAF is added protection. The best way to think of it, as "Virtual Patch".Request a Quote
You know there are vulnerabilities, but you don't have the programing skills/resources available to fix the code on the website.
A vulnerability or major security hole becomes known and you have no one to actually fix the code or apply a patch on the website in a timely manner.
Extremely complex/legacy code running on the site which no one in your organization wants to touch for fear it will make the site unstable.
DOSarrest's Cloud based WAF, allows customers to easily block any Layer 7 threat as well as define any rule-set that may be specific to one or more applications that may be running on their webserver. Enabling WAF protection provides customers with all of OWASP's CRS(Core Rules Set or top 10) Which includes :
Any new vulnerabilities that may be uncovered such as HeartBleed, Poodle, etc,? Are automatically added in real-time to the core rules for all customers utilizing DOSarrest's WAF service to secure a customers website. No need to apply patches in the middle of the night to keep your webserver safe.
Most other WAF appliances and services rely on signatures or pattern matches to protect webservers, the problem with this method is that, new variations or small modifications to a particular string of malicious code can slip through and cause problems.
DOSarrest's cloud based WAF service does not rely on signatures, instead the system analyses every packet and looks for exact matches on specific characters that are known to potentially cause problems, when a match is found, it is given a score, once a predetermined threshold score has been exceeded the packet is dropped and never makes it to the customers webserver.
The WAF service inspects and analyses every packet at these levels:
Flexibility- The WAF service can be configured to apply to every directory on a website or only on specific URI's.
Some Core rules can be too strict for some websites, which can cause the website to not function properly. In such cases Whitelists allow you to use some forbidden symbols and rules when you need them. A white list can be applied site wide or on a particular URI.