Web Application Firewall

Web application firewalls (WAF) are a new breed of information security technology designed to protect web sites from attack. WAF solutions are capable of preventing attacks that network firewalls and intrusion detection/ prevention systems can't, and they do not require modification of application source code.

In general, Applications are vulnerable as application developers do not consistently employ secure coding practices. WAF is designed to combat all attack types that have been categorized as high-level threats, including:

  • Cross Site Scripting (XSS)
  • SQL injection flaws
  • OS command injections
  • Site reconnaissance
  • Session hijacking
  • Application denial of service
  • Malicious probes/crawlers
  • Cookie/session tampering
  • Path traversal
  • Information leakage

In addition, companies that transact online are faced with a host of growing industry regulations such as the Payment Card Industry Data Security Standard (PCI DSS), which mandates that all enterprise and Web applications handling credit card and account information must undergo an extensive and costly audit of custom application code. The alternative to satisfy PCI DSS Section 6.6 compliance is simply installing a WAF in place.

Articles

Barracuda Web Application Firewall

Published on January 24, 2011
The Barracuda Web Application Firewall is a complete and powerful security solution for Web applications and Web sites. The Barracuda Web Application Firewall provides award-winning protection against hackers leveraging protocol or application vulnerabilities to instigate data theft, denial of service or defacement of your Web site.

Other Links

» Security Solutions
» Data Loss/ Leakage Prevention
» Encryption
» End Point Security
» Web Application Firewall
» SSL-VPN

Featured Partners