The Web Application Firewall

The Web Application Firewall

Warriors robust Web Application Firewall and Intrusion Prevention System (WAF/IPS) is one of the core technologies of Warrior’s web security platform. We will protect your business from all vulnerabilities in the OWASP Top 10 and many more. Warrior’s WAF is effective against known threat vectors and blocking zero-day attacks.

The Approach

Warrior’s WAF/IPS uses a variety of techniques to accurately identify and block malicious traffic. The techniques used are application Whitelisting/Blacklisting, Granular ACL, and Behavioural Analysis & Machine Learning.

Application Whitelisting

This automatic mechanism yields fine-grained application rule sets defining allowed headers, HTTP methods, resources, content types, encoding, languages, forms, input fields, etc within an application. Once this set is defined, it is virtually impossible for an attacker to inject code of any kind.

Blacklisting

This is a database of virtually all web-related vulnerabilities ever published. The database is updated with solutions that neutralize any new threats and the changes are pushed immediately to all deployments of the Warrior WAF worldwide.

Granular ACL (Access Control Lists) Warrior’s Web Application Firewall (WAF) works in conjunction with ACL control technology that filters traffic in three forms and levels;

  1. Static Lists
    Semi-Dynamic,
    3. Dynamic Static ACL

Static lists are straightforward. Access is granted or denied according to Ip address, ranges of IP addresses, organization, ISP, or geolocation.

Semi-Dynamic ACLs are datasets that Warrior updates periodically. These include lists such as TOR networks, anonymous proxies, VPN providers, and other managed lists such as cloud infrastructures and various blacklists. We refresh these lists and update the platform at various intervals. For example, TOR is updated every 30 minutes, while lists of cloud providers and proxy servers are updated every 24 hours.

Dynamic ACL As the name suggests, Dynamic ACLs are rulesets and logic defined by the user and platform itself. Warrior dynamically applies them automatically (per behavior and activity) with no need for user intervention. Examples of dynamic ACLs are Bots, Unknown Proxies, Brute Force, and others.

Warrior’s ACLs are easy to set up and activate, and they provide granular, separate security policies for the protected platform: from a globally applied ACL down to specific clusters of sites, or individual sites or applications, or even individual URLs. The platform’s combined ACL capabilities are among the most powerful in the industry. They can be fine-tuned to whatever degree of precision you need.

 

Сomments
28.03.2021
No comments yet.