web applications - To accurately stop
attacks, a Web application firewall must understand the protected application,
including URLs, parameters, and cookies.
ahead of hackers - A Web application
firewall must have up-to-date protection to defeat the latest Web-borne
evasion techniques - A Web application
firewall must include an analytics engine that can examine multiple attack
indicators to block attacks without false positives.
automated attacks and bots - A Web
application firewall must be able to stop automated attacks like site scraping,
comment spam, application DDoS, and vulnerability scans. Due to the explosion
in automated attacks, stopping malicious users can be as important as stopping
malicious sources - To protect Web
applications, a Web application firewall must recognize known malicious sources
and sites. It should identify users that are actively attacking other Websites
and stop them instantly, before they can inflict more damage.
patch vulnerabilities - A Web
application firewall must prevent attempts to exploit application
malware - A Web application firewall
must be able to mitigate the growing scourge of fraud malware.
payment and account origination fraud -
A Web application firewall must be able to mitigate payment and new account
fraud without requiring application changes.
on premise and cloud deployment - A Web
application firewall must provide flexible configuration options to satisfy
every organization’s unique requirements. As many businesses transition their
application infrastructure to the cloud, Web application firewalls must adapt,
supporting virtual appliance solutions for private clouds and cloud-based
security services to protect hosted Web applications.
- Automate and scale operations – A Web application firewall must deliver point-and-click security policies. Simple, but flexible policy configuration not only eases initial configuration, but it also makes it easier for administrators to review security policies developed by their peers.