Kytec can design, implement and manage a cloud-based, Web Application Firewall solution by leveraging the capability of our partner, Radware.
Traditional firewalls provide protection at layers 3 and 4 in the OSI Stack (Open Systems Interconnection) but a WAF solution provides protection at layers 5 to 7 where a traditional firewall cannot distinguish between legitimate and malicious traffic.
A WAF protects your web apps by filtering, monitoring, and blocking any malicious HTTP/S traffic travelling to your web application, and prevents any unauthorised data from leaving the app. It stops attacks in the cloud before they get to your application. Typical web facing applications include your VPN, website, e-commerce engine and CRM.
A WAF protects against malicious attacks, such as:
- SQL injection – a hacking technique used to extract sensitive information from a database.
- Malicious file execution – a harmful technique which allows a person to execute code remotely after a user accepts a malicious file.
- Cross-site scripting – when malicious script is injected into the code of an otherwise trusted website, allowing potentially sensitive user data such as cookies to be accessed
Some applications may not be built with sufficient security, you may have legacy applications and some applications might need patching. Weaknesses in your applications can be exploited.
Most organisations have a range of different applications and ensuring security at the individual application level can be challenging. A cloud-based WAF means security settings can be configured in one place to protect a whole range of applications. The WAF solution can also identify vulnerabilities in your applications for remedial action.
Full coverage of OWASP top-10 attacks
Provides protection from 0-day web attacks
Single ‘pane of glass’ with unified portal
Automatically adapts protection to evolving threats
IP-agnostic source tracking to detect and block threats posed by advanced bots, such as web scraping, web application DDoS, and brute force attacks for password cracking and clickjacking.
Application Analytics Simplifies Security Management
Reduce the risk of downtime, data theft and security breaches
Cloud solution minimise costs by avoiding the need for expensive dedicated hardware
Ongoing web application security testing
Application visibility demonstrates compliance
“Advanced sandboxing is key. Can an application A) talk to application and B) when it senses a benign threat turning malicious?”