Advanced Application Threats Require an Advanced WAF

New methods are needed to effectively automate the mitigation of fast-evolving threats

Published June 2018

Advanced WAF

The threat landscape is dramatically different than it was just 5 years ago. Traditional WAFs were created to address the problem of web application servers running code that was vulnerable to a myriad of known attacks, especially cross-site scripting (XSS) and SQL injection. WAFs have been deployed over the years to address these common vulnerabilities, but not without issues of false positives and operational complexity.

A traditional web application firewall (WAF) was once a very effective solution for mitigating application layer attacks, but now has trouble keeping up with the advanced capabilities and agility of attackers. Signatures often lag behind new exploits. Even when a traditional WAF is capable of mitigating the threat, implementing and managing it properly can be a challenge. Today, new methods are needed to effectively automate the mitigation of fast-evolving threats.

You will have to register, or log in, in order to download this paper.

Biting the hand that feeds IT © 1998–2018