Is your business running on web applications? Web applications have gained huge popularity over the past decade due to the rapid advancement of network connectivity. While web applications stimulate business growth, they can also pose huge risks. Malicious users could steal your business data, intrude on customer privacy, and even cause downtime to your business. According to the 2016 WhiteHat Security Report, web application attacks represent the greatest threat to an organization’s security, contributing to 40% of the total breaches in 2015. Target, which suffered a security breach that impacted 40 million users in 2013, recently settled the breach with an $18.5 million payout this year and has also incurred $202 million in legal fees since the breach.
Why is a “traditional” security solution not enough?
Most business entities currently use traditional security solutions, such as network firewalls, intrusion detection systems, and intrusion prevention systems. These security solutions apply rules in the network layer to prevent illegitimate traffic from accessing the origin servers. However, they are not designed to detect malicious traffic that targets the applications themselves, including SQL injection, cross-site scripting, and other types of attacks that are specifically associated with applications.
Web Application Firewalls (WAFs) were created to address this problem. A WAF examines HTTP requests thoroughly and blocks malicious traffic before it reaches the web servers. The WAF solutions currently available in the market generally include the following functions:
- Block OWASP Top 10 threats by default
- Web access control based on whitelisting and blacklisting IP addresses or URLs
- PCI Certified to help organizations fulfill PCI requirements
- Real-time traffic monitoring
What are the advantages of using a cloud-based WAF?
While both on-premises and cloud-based WAFs may provide the same features, an appliance has limitations on throughput, requires network configuration changes, demands maintenance over its lifetime, and eventually requires an upgrade or, worse, end-of-life decommissioning. By contrast, cloud-based products are more flexible and have greater benefits.
- Ease of deployment. No hardware or software needs to be installed.
- Zero maintenance costs.
- Easy to scale. Cloud-based WAF providers usually possess large network capacity, allowing most customers to scale virtually infinitely.
- Intelligence built from big-data analysis. On-premises solutions usually process limited data, whereas cloud platforms gather attack information from all customers and develop intelligence over time. They update the attack information database dynamically and improve protection rules continuously.
How does QUANTIL provide cloud-based WAF solutions?
QUANTIL launched its Cloud Security solution at the RSA Conference in San Francisco earlier this year, and it is now launching its cloud-based WAF as an a-la-carte option driven by increasing customer demand. WAF will complement the QUANTIL CDN solution and take web application performance to the next level. Here are three quick highlights of QUANTIL WAF features:
- Hacker fingerprint database drawing upon a big-data security approach
- Self-learning whitelists
- Dynamically-updated signature pool
Bin Ni is the VP of Engineering of QUANTIL. He and his team are working on all technical aspects of all QUANTIL products.