Web Application Firewalls: More Essential Than Ever

April 21, 2021

Virtual meetings, online events, digital transactions and increased social media engagement is how many of us will remember changes brought about by 2020. However, as we scrambled to keep up with these changes, hackers took advantage of loosely protected applications, and cybercrimes skyrocketed.

According to The Hill, the FBI’s IC3 center reported 3,000 – 4,000 cybersecurity complaints every day, which is a jump from 1,000 per day pre-COVID-19. Take Zoom for example, more than half a million Zoom passwords were stolen and sold on the dark web. The scenario is indicative of the status quo for most applications today: in serious need of robust and adaptive security solutions.

So, how can you take strategic measures to make your IT security iron-clad and save your company from increasing web attacks and vulnerabilities? The answer is simple: understanding the key differences between various security solutions and learning which one actually protects your web applications. In this blog, we will discuss:

  • Why you need a web application firewall (WAF) vs. a traditional network firewall
  • 2020 cybercrimes: the tip of the iceberg
  • Risks mitigated by WAF technology
  • Array’s ICSA-certified WAF

Let’s learn how a WAF can secure your applications and your customers’ sensitive data.

Why You Need WAF Vs. Network Firewall

Many companies set up network firewalls, intrusion prevention systems and intrusion detection systems (IPS/IDS) and think their web applications are secured. This is far from the truth. Relying on a network firewall to protect web applications almost equivalent to leaving the doors to your web application open to hackers.

Think of web application firewall as an intelligent gatekeeper that operates on OSI level 7 and monitors the incoming and outgoing HTTP/HTTPS traffic. It filters and blocks out malicious or suspicious traffic and is more advanced than network firewalls in the sense that it protects your application against known and unknown vulnerabilities.

Web application firewalls are built to handle modern-day attacks, including zero-day, XSS, cookie manipulation, DDoS, and more. It protects applications like JavaScript, ActiveX, and Ajax.

Finally, WAFs operate independently of applications. This allows you to introduce a new feature into your application without getting thousands of false positive threat detections that new data flows cause.

Network firewalls, on the other hand, operate on OSI level 3 – 4 and protects network traffic and data transfer. A network firewall mitigates attacks like Domain Name System (DNS), Simple Mail Transfer Protocol (SMTP), Secure Shell (SSH), and Telnet.

In other words, WAFs mitigate risks that circumvent the network firewall.

For industries like banking, hospitals, software, and hospitality, web application firewalls are a must-have. In fact, any application that facilitates digital transactions and/or saves customer records and credentials in the database needs a WAF.

Losing information to hackers can not only break the bank in the near term, it can also stain a company’s reputation in the long term. As Arcserve 2020 Data Attack Surface Report says:

“59% of buyers are likely to avoid companies that suffered from a cyberattack in the past year.”

Now let’s take a look at how companies have taken heat due to cybercrime in 2020.

2020 Cybercrimes: The Tip Of The Iceberg

  • Twitter’s spear-phishing attack took the internet by storm when verified accounts of high-profile personalities like Elon Musk, Bill Gates and Barack Obama were hacked. 130 Twitter accounts were hacked, producing 300 transactions making hackers a whopping $121,000.
  • Magellan Health, a Fortune 500 insurance company, suffered a ransomware and data breach attack that affected 365,000 patients. After carrying out a phishing scheme and deploying malware in the system, hackers stole employee credentials like personal information, employee ID numbers and sensitive patient information like W-2 information and social security numbers.
  • Microsoft’s data breach in January 2020 exposed information belonging to 250 million users, including e-mail, support case details, IP addresses, and more. Even though the company states personal information was not leaked, hackers could have secured information for future attacks. Therefore, no matter the size of the company, the need for security is unquestionable.

This is just the tip of the iceberg. There were countless data breaches, leaks and web attacks in 2020 that give us all the more reason to have robust and dynamic security solutions.

Now let’s take a look at some of the risks that WAFs can protect your applications against.

What Risks Can WAF Mitigate?

So far, we’ve seen the critical differences between WAF and network firewall, and how companies have suffered from cybercrimes in 2020.

Here is a (partial) list of attacks WAF can mitigate and protect your applications against:

  1. The OWASP top 10: If the number of threats overwhelms you, this is the list you should refer to first. It includes threats such as injection flaws, for example: SQL, NoSQL, LDAP, and OS. Other threats in this list are cross-site scripting (XSS), security misconfiguration and XML External Entities (XXE). The good news is that WAF protects applications against all of these threats.
  2. DDoS: Each website has a limit to the traffic it can accommodate. When the amount of traffic crosses the bandwidth, the application stops responding, even to legitimate users. That’s what happens in DDoS — hackers flood the server with traffic from various locations, and botnets play an instrumental role in performing DDoS attacks. WAFs see these attacks as they emerge and put a stop to them before they have a chance to overrun applications.
  3. Zero-day attacks: Zero-day attacks are among the most dangerous because they’re unknown. That’s right – it’s the attack that only the hackers themselves know. Hackers attack the applications even before the developers have had a chance to fix them. A web application firewall is an ideal way to stop this attack.
  4. Phishing: Employees in an organization usually know they should not click on any links that look suspicious. However, hackers are becoming increasingly sophisticated and are curating links that look legitimate — a trap that, if you fall prey to, can compromise your precious data. In response, WAFs can step in and prevent security lapses due to inadvertent user activity.

Now that we’ve seen what WAF is, its benefits, and how it gains an edge over other firewalls, let’s learn why Array’s WAF solutions should be at the top of your list for consideration.

Array Networks WAF

Array’s WAFs are ICSA certified, which means they’re tested against the highest standards and the most dangerous threats like DoS, XSS, CSRF, information leakage, and other web application threats.

Our WAF was not susceptible to any of these threats, and it maintained integrity and confidentiality of the data. Moreover, Array’s WAF comes with extensive logging functionality and meets all persistency requirements expected of an advanced WAF. In other words, it is designed with enterprises and service providers in mind.

Talk to us today to protect your company’s web applications against known and unknown vulnerabilities and win your customers’ trust by securing their data!

Paul Andersen

Mr. Andersen has more than 20 years of high-tech industry experience, and has previously served in various roles at Cisco Systems, Tasman Networks and Sun Microsystems. He served as Senior Director of Marketing for Array Networks for more than ten years, leading critical positioning, sales generation and marketing efforts as well as sales training and partner marketing, enablement and management. Paul holds a Bachelor's Degree in Marketing from San Jose State University.