Web Application Firewall (WAF)

What is a Web Application Firewall?

A web application firewall (WAF) is a specific form of application firewall that filters, monitors, and blocks HTTP traffic to and from a web service. It helps protect web applications by filtering and monitoring the HTTP traffic between a web application and the Internet.

Why does our organization need a Web Application Firewall?

A WAF protects your web apps by filtering, monitoring, and blocking any malicious HTTP/S traffic traveling to the web application, and prevents any unauthorized data from leaving the app. It does this by adhering to a set of policies that help determine what traffic is malicious and what traffic is safe.

A WAF is considered a critical part of an effective security solution: it fortifies website security and strengthens the overall security posture.

Features of Web Application Firewall

  • Web traffic filtering
  • WAF Bot Control
  • Account takeover fraud prevention
  • Full-featured API
  • Real-time visibility

Web traffic filtering

WAF lets you create rules to filter web traffic based on conditions that include IP addresses, HTTP headers and body, or custom URIs. This gives you an additional layer of protection from web attacks that attempt to exploit vulnerabilities in custom or third-party web applications. In addition, WAF makes it easy to create rules that block common web exploits like SQL injection and cross-site scripting.
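To make the rule model concrete, here is an added example (not code from the page or from any WAF vendor) of a minimal rule evaluator that matches requests on client IP, URI, header value and body, the same condition types listed above. The AND semantics within a rule, the priority-ordered "first BLOCK terminates" evaluation, and the COUNT (log-only) action are assumptions modeled on how typical WAF rule groups behave; all requests and rules are constructed sample data.

```python
from __future__ import annotations
from dataclasses import dataclass, field
import ipaddress, re

@dataclass
class Request:            # one inbound HTTP request as the WAF sees it (constructed type)
    ip: str
    uri: str
    headers: dict = field(default_factory=dict)
    body: str = ""

@dataclass
class Rule:               # every configured condition must match (logical AND)
    name: str
    action: str           # "BLOCK" terminates evaluation; "COUNT" only records a match
    ip_set: list[str] = field(default_factory=list)   # CIDR ranges
    uri_regex: str | None = None
    header: tuple[str, str] | None = None             # (header name, regex on its value)
    body_regex: str | None = None
    def matches(self, req: Request) -> bool:
        if not (self.ip_set or self.uri_regex or self.header or self.body_regex):
            return False  # a rule with no conditions must never match everything
        if self.ip_set and not any(ipaddress.ip_address(req.ip) in ipaddress.ip_network(c)
                                   for c in self.ip_set):
            return False
        if self.uri_regex and not re.search(self.uri_regex, req.uri, re.I):
            return False
        if self.header:   # header names are case-insensitive; a missing header matches ""
            value = next((v for k, v in req.headers.items() if k.lower() == self.header[0].lower()), "")
            if not re.search(self.header[1], value, re.I):
                return False
        if self.body_regex and not re.search(self.body_regex, req.body, re.I):
            return False
        return True

def evaluate(rules: list[Rule], req: Request) -> tuple[str, list[str]]:
    matched: list[str] = []   # names of every rule that matched, COUNT rules included
    for rule in rules:        # rules are checked in priority order
        if rule.matches(req):
            matched.append(rule.name)
            if rule.action == "BLOCK":
                return "BLOCK", matched
    return "ALLOW", matched
# Constructed sample rule set in priority order (not a real deployment).
SAMPLE_RULES = [
    Rule("blocklist-ip", "BLOCK", ip_set=["203.0.113.0/24"]),
    Rule("missing-user-agent", "BLOCK", header=("User-Agent", r"^$")),
    Rule("admin-path-count", "COUNT", uri_regex=r"^/admin(/|$)"),
    Rule("sqli-in-body", "BLOCK", body_regex=r"\bunion\b.{0,40}\bselect\b"),
]
```

A COUNT rule such as `admin-path-count` is the usual way to trial a new rule: it shows up in the matched list (and, in a real deployment, in the metrics) without affecting traffic until it is promoted to BLOCK.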

WAF Bot Control

WAF Bot Control is a managed rule group that gives you visibility and control over common and pervasive bot traffic that can consume excess resources, skew metrics, cause downtime, or perform other undesired activities. With just a few clicks, you can block or rate-limit pervasive bots such as scrapers, scanners, and crawlers, or allow common bots such as status monitors and search engines. The Bot Control managed rule group can be used alongside other Managed Rules for WAF or your own custom WAF rules to protect your applications.

Account takeover fraud prevention

WAF Fraud Control – Account Takeover Prevention is a managed rule group that monitors your application’s login page for unauthorized access to user accounts using compromised credentials. You can use the rule group to help protect against credential stuffing attacks, brute force login attempts, and other anomalous login activities. With optional JavaScript and iOS/Android SDKs, you can receive additional telemetry on user devices that attempt to log in to your application to better protect your application against automated login attempts by bots.

Full-featured API

WAF can be completely administered via APIs. This lets organizations create and maintain rules automatically and incorporate them into the development and design process. For example, a developer who has detailed knowledge of the web application could create a security rule as part of the deployment process. Incorporating security into the development process in this way avoids the complex handoffs between application and security teams that are otherwise needed to keep rules up to date.

Real-time visibility

WAF provides real-time metrics and captures raw requests that include details such as IP addresses, geolocations, URIs, User-Agent and Referer headers. WAF is fully integrated with CloudWatch, making it easy to set up custom alarms when thresholds are exceeded or particular attacks occur. This information provides valuable intelligence that can be used to create new rules to better protect applications.
