Advanced Application Threats Require an Advanced WAF
New methods are needed to effectively automate the mitigation of fast-evolving threats
Get an Alertwhen The Register has something new about ...
Check the boxes & select Email or Atom/RSS Feed.
The threat landscape is dramatically different than it was just 5 years ago. Traditional WAFs were created to address the problem of web application servers running code that was vulnerable to a myriad of known attacks, especially cross-site scripting (XSS) and SQL injection. WAFs have been deployed over the years to address these common vulnerabilities, but not without issues of false positives and operational complexity.
A traditional web application firewall (WAF) was once a very effective solution for mitigating application layer attacks, but now has trouble keeping up with the advanced capabilities and agility of attackers. Signatures often lag behind new exploits. Even when a traditional WAF is capable of mitigating the threat, implementing and managing it properly can be a challenge. Today, new methods are needed to effectively automate the mitigation of fast-evolving threats.
You will have to register, or log in, in order to download this paper.