At the end of last year, I went to a Cyber Security event where the keynote speaker, Charlie Miller, a renowned hacker, talked about vulnerabilities in code. In his opinion, because we are human, we make mistakes, and when we make mistakes in writing code (very common), vulnerabilities are created. It is stated that 96% of Web applications have code vulnerabilities (Cenzic). Charlie found one tiny vulnerability in his Jeep which allowed him to hack the vehicle and take control of the steering wheel.
If Charlie could hack into a Ford and control the steering wheel, just imagine how easy it is for someone to take advantage of vulnerabilities on your website. When it comes to taking advantage of vulnerable code, there are programs you can pay $5 for that will expose that code on your website. You do not even have to be a hacker these days to take advantage of companies. So how do you protect your web applications?
You have a firewall or firewalls that protect you at the network layer. But what about protecting your company at the application layer?
Web Application Firewalls (WAFs) are crucial in protecting your website and web applications from bad traffic while still allowing good traffic. The ability to add policy and protection to your web applications allows for greater security, especially if you are in an industry where payments, customer information (PII), and other sensitive data are transferred via your web applications. A WAF uses a GUI that allows you to tailor security rules, whether that be a block request, block IP, block session, or alert. A WAF helps cover the gap of vulnerability in poorly written code.
When looking at WAF solutions, you can go with an on-prem solution or a cloud one. There are different capabilities with both, but we like to recommend a cloud version, specifically Incapsula by Imperva.
Incapsula WAF has been the leader in the Gartner Magic Quadrant for the last 3 years, and for a good reason. Their PCI-certified service protects against SQL injection, XSS, and other OWASP threats. Incapsula has dedicated POPs around the world that all offer WAF, OWASP, DDoS, CDN, and Load Balancing, and it is the only WAF solution supported by Azure, Amazon, and Google.
From its roots, Incapsula has built a solution with 3 things in mind: Security, Performance, and Availability. With Incapsula, website traffic is routed through the Incapsula network, and because it is in the cloud, anything bad that can happen, such as DDoS, is absorbed by Incapsula with no effect on your website. Their single solution brings WAF, DDoS, CDN, and Load Balancing together on a single pane of glass, entirely hosted in the cloud, away from your website and network. This gives operations greater availability of website services, stronger layer 7 security, and performance reliability even when attacks hit your site.
If you are considering a WAF solution or want to learn more about how a WAF can protect you from attacks, please give us a ring or email at 858-866-9702 or firstname.lastname@example.org.
Our engineering experts can help explain the difference between the options on the market!