Expert opinions, TECHNOLOGY

WAF against cyber attacks

Russia has recently seen several major data leaks in the banking and communications sectors; millions of people had their personal data compromised. Not every company operates so much data, but every business can face the threat of a breach. WAF solutions effectively  protect web applications and the information they process from cyberattacks.

Caution, website at risk

Until recently, most company websites were just regular pages, where user interaction boiled down to a simple sequence: open the page, find the necessary information (address, phone number), close. Modern company websites have become more complex; they are an important link in the customer journey and the façade of the business. A visitor to a web page is no longer just looking for product information or the store’s contacts – they can fill out and submit personalized forms, make online payments, and communicate with customer support online. These resources are more than just websites – rather, they are full-fledged web applications aimed to increase customer loyalty, and their databases store a huge amount of customer details and preferences.

The more information on their customers web services have, the more appealing they are as targets to cyber criminals. This is due to the fact that more and more businesses are going digital. A successful cyber-attack is not just about stealing important data or disabling an app. It is often about financial loss and damaged reputation.

Why are there so many cyber-attacks and data leaks? Because web application development is not always perfect and the final product might have vulnerabilities – be it an SME or a major brand with its own IT department. According to High-Tech Bridge Security Research, web apps of the 92% of companies in the FT Global 500 have vulnerabilities that could be exploited by malefactors to obtain confidential data about customers.

How can companies minimize information security risks for web apps?

First of all, they should consider security of their web apps at the time of development. Secure programming courses for software developers will improve the general security of their codes while special IT solutions will help testers to detect and correct vulnerabilities in the application code without interrupting the development process.

Secondly, it is necessary to use the Web Application Firewall when the web app is already working. WAF will become the main line of defense for your product and the data it contains.

What’s important

The objective of WAF is to filter the incoming internet traffic and prevent internet threats, while allowing the requests of ordinary users. At the same time, it is important to minimize delays and avoid false alarms. WAF intercepts all HTTP/HTTPS requests to the app, for instance, the search for a product using filters, or registration on a website. The system analyses each of these requests before it makes a decision whether it should be forwarded to the web server or not. If WAF considers the request dangerous, it can either block it or create a notification about the possible attack. Each company prefers their own WAF settings: for online stores, it is always important to be available to the user, while the key priority of web apps that contain financial and personal data is to keep the data safe and prevent theft.

When machine is better than man

The Web Application Firewall technology is among the most efficient methods of protecting web applications – and from the economic point of view as well. The system detects and prevents attacks that web scanners may skip. However, previously such solutions often required human involvement for adjustment and attack detection. With new types of attacks and threats emerging, specialists first had to update a WAF version to download new rules and then check whether it works correctly; meanwhile, hackers managed to invent new methods and types of attacks and always were one step ahead.

This led to WAF solutions emerging in the market that utilize AI capabilities and machine learning. First, they are able to continuously monitor traffic without any human involvement. Second, such systems adapt faster to the business logic of a trusted application. And, most importantly, such intellectual WAF systems are constantly self-learning; they adapt to the changes on the fly leaving hackers with no advantage.

By Anastasia Novikova, Chief Operating Officer, Onsec

Previous ArticleNext Article