
Web Application Firewall (WAF)


OWASP Top 10
Security and Compliance
• Helps meet PCI DSS 6.6
• Secures web applications and the data they serve
Application Aware
• Stops SQL Injections and Cross Site Scripts
• Inspects HTTP requests for validity
• Enables fast blocking of IPs to stop "Bad" clients


Transcription of Web Application Firewall (WAF)

Web Application Firewall (WAF)

Today's Web App Environment
Web site & Application security challenges across industry
• Over 95% of corporate web applications have severe vulnerabilities
• 80% of ALL active vulnerabilities are at the app layer
• The average time-to-fix for large organizations is 15 weeks
Why?
• Competition drives website innovation
• Migration of enterprise apps to the Web, outside Firewall
• Recent surveys show majority of customers have 20+ Web Apps
• Introduction of many new technologies for programmers
• Increasing complexity Web , AJAX, XHTML, 3rd party, etc.
• Developers create mistakes with rapidly changing code
Source: The Web Application Security Consortium

It's a Challenge On The Front Line
[Chart: Serious Vulnerabilities Across Industry. Average Number of Serious Vulnerability Sorted by Industry: Overall, Insurance, Financial Services, Social Networking, Education, Retail, IT, Banking, Healthcare, Telecom. WhiteHat Website Security Statistics]
[Chart: Data Breaches Across Industries. Verizon Breach Report]

Time-To-Fix Across Industry
Large Sized Organizations by Industry (2,500 Employees and Over)
Industry: Leaders (Top 25%), Above Average (Mid 25%-50%), Laggards (Lower 50%-75%)
Overall 35 15 6
Banking 24 12 2
Education 24 14 4
Financial Services 19 9 3
Healthcare 22 8 4
Insurance, IT: 38 24 21 12 10 6
Retail 43 22 8
Social Networking 18 12 8
Telecommunications 28 27 26
WhiteHat Website Security Statistics Report | 10th Edition | Fall 2010

When looking at the time-to-fix results data one thing stood out, there does not appear to us that there is anything technically preventing vulnerabilities from being fixed quickly. It would seem when an organization is motivated to fix an

[Chart: Peak Attack Traffic per year, 2001 to 2010. Attack Size (Gbps). Labels: Hardware WAF (max. throughput); Akamai (Arbor Networks) (Jul 4, 2009)]

[Diagram: Web Application without Akamai. (Cloud), Datacenters, End User, Traffic]
[Diagram: Web Application with Akamai Cloud Security. (Cloud), Datacenters, End User, Traffic]

Akamai Web Application Firewall
Stop Unseen Hackers At The Edge
Stops Most Common Hacking Attempts
• OWASP Top 10
Security and Compliance
• Helps meet PCI DSS
• Secures web applications and the data they serve
Application Aware
• Stops SQL Injections and Cross Site Scripts
• Inspects HTTP requests for validity
• Enables fast blocking of IPs to stop "Bad" clients
• Enables a White List of known "Good" clients
Stops malicious traffic at the Edge
World's most scalable and available WAF.

The Akamai Difference
• Stops malicious traffic close to source, protects origin interface and traffic costs
• In-band benefits without single point of failure
• Integrates into existing security infrastructure
• Usage based billing
• Protects cloud-based services and applications
• Exponentially more scalable, available, and flexible
Attacks are at 10 Gbps to 100 Gbps or more. Can your WAF scale to protect you?

2011 Akamai | Powering a Better Internet
WAF | Edge Tokenization | Compliance Management | DDoS