Why Businesses Should Consider Managed Cloud-Based WAF Protection

It’s very evident that cyber-attacks are not only costly in
terms of time and money but also bring extensive legal liability
with them. According to Juniper Research^[2]‘s prediction, the cost
of a data breach could cross $150 million by 2020.

With the rising cost of data breaches and cyber-attacks,
cybersecurity has become a board room conversation on an
unprecedented scale. In this ever-connected online world, web
application security is the cornerstone of the overall
cybersecurity of any company.

When it comes to application security, web application
firewall^[3] (WAF) based protection
has been the first line of defense against web attacks for a while
now.

A web application firewall is deployed in front of web
applications that aim to intercept the traffic to and from the web
servers with the intent of identifying malicious requests and
blocking them.

WAF is not a new technology and has been around for a while now,
where many organizations have some form of WAF deployed. But
unfortunately, the efficacy of WAF remains to be a question. The
ever-increasing cost of a data breach, as well as the number of
successful web attacks, suggest that WAF, in its traditional form,
has not been doing an effective job.

A recent independent study by Ponemon
institute^[4] further strengthens this
claim.

• 65% of the organizations surveyed have said that they are not
  sure about the effectiveness of WAF,
• 43% of them use WAF only in log/monitoring mode,
• 86% of them have experienced an application layer attack that
  has bypassed WAF.

In contrast:

• The annual spent on WAF has been increasing year by year,
• In total, organizations spend 620K/year on average,
• 420K on WAF products and 200 K annually on staff who spend 45
  hrs a week fine-tuning the rules and managing WAF.

It’s clear the traditional form of WAF is not working, and
that’s because:

• Static WAF rules in traditional WAF do not provide visibility
  to application vulnerabilities, nor do they provide complete
  protection when it comes to the everchanging threat landscape.
• Applications are continually changing, and it is hard for WAF
  to be deployed in block mode, as it requires constant monitoring
  and fine-tuning of rules.
• Management of WAF requires expertise, and not all organizations
  have the requisite skill set for proper deployments.
• Traditional WAFs are deployed in on-premise (customers
  infrastructure), which means it becomes customers’ job to manage
  the infra. This leads to additional CAPEX and OPEX.
• With sophisticated attacks, especially in the case of DDOS
  attacks, it becomes near impossible for On-premise deployments to
  scale to thwart such attacks.
• With the complex heterogeneous environment in an organization
  with different deployment models as well as languages and
  architectures used, it becomes nearly impossible to have an inbuilt
  team that could fine-tune WAFs to protect such a diverse
  environment.

Hence, there is a need for a better form of defense:

• That can scale with your business, leveraging the power and
  scalability of cloud networks.
• Dynamically change the protection profile to adapt to
  everchanging application and threat landscape.
• That does not require to build an army of resources inhouse who
  have security expertise.
• Have significantly lower CAPEX and OPEX.

Introducing AppTrana – Indusface’s Cloud Web Application
Firewall

AppTrana^[5] is a revolutionary
managed solution from Indusface that takes a more comprehensive
approach when it comes to application security.

Unlike traditional vendors, AppTrana does not give default rules
and ask customer to manage them, instead, it starts with
understanding the risk profile of application through its detection
module which scans the application for vulnerabilities, based on
the detection, rules are written and tweaked to meet the
application need ensuring there are no FPs with very little
FNs.

Being a wholly managed WAF, the rules are tweaked by AppTrana’s
security experts who have years of experience handling WAF security
for thousands of sites, so they know what they are doing.

And it does not stop there, the team of experts continuously
monitors the security space and keep the rules updated, ensuring
all zero-day vulnerabilities are immediately protected. Not only
that, in case of FPs due to any new changes in the application, the
team would immediately tweak the rules to ensure the issue is
immediately resolved without the need for opening up WAF and moving
the rules to log mode.

95% of sites start in block mode behind AppTrana from day zero,
and all applications move to block mode within 14 days.

Built bottom-up taking advantage of the infinitely scalable
cloud infrastructure, AppTrana is built to scale seamlessly to
business needs without needing to pre-provision extra
infrastructure.

This also means AppTrana can scale effectively to thwart massive
DDOS attacks. Not only that being a managed WAF solution,
Indusface’s security regularly ensures the rules are up-to-date,
providing WAF is effective against the everchanging the threat
landscape.

To conclude, Managed Cloud WAF, like AppTrana, is the perfect
solution to the problem that traditional WAF deployments face.

With AppTrana customers:

• Need not worry about scaling their WAF with their Business.
  Leveraging the power & scalability of cloud networks, Cloud WAF’s
  scale infinitely any amount of traffic.
• Reduce the risk of downtime, data loss with a WAF that can
  scale to protect against the largest DoS and DDoS attacks.
• Have no upfront CAPEX to build a huge infra to handle spikes of
  traffic. The entire WAF infrastructure is handled by the Cloud WAF
  players.
• Can deploy lot quicker, with onboarding happening in minutes
  without requirement of any downtime.
• Defend against new and emerging threats with a completely
  managed rule set that is kept up to date, which means customers
  need not invest in huge OPEX and build an in-house security
  team.

Try out AppTrana Free
Trial^[6].