
Application Layer Firewalls


A quick introduction to WAFs - what they can do and what they can't do.


  1. Application Layer Firewalls
     Saumil Shah, Net-Square
     TCS APPSECWEEK - 4.9.2009
  2. # who am i
     Saumil Shah
     CEO Net-square.
     Hacker, Speaker, Trainer, Author.
     M.S. Computer Science
     Purdue University.
     Google: "saumil"
     LinkedIn: saumilshah
  3. Agenda
  4. Application Layer Attacks
     Input Tampering
     SQL Injection
     LDAP, XPATH, XQuery Injection
     Cross Site Scripting (XSS)
     Exception Handling
     Session Manipulation
     Buffer Overflow
     HTTP Parameter Pollution (HPP)
     ...and many more
  5. Attacking the application
     Netbanking Login
     userid: saumil
     password: xyz' or 3=3 --
     [login]
  6. It is not easy to fix broken applications
  7. Application Layer Firewalls (WAF)
  8. What do WAFs do?
  9. What do WAFs do?
  10. Types of WAFs
  11. Comparison
  12. Shall we see a demo?
  13. WAFs cure the symptoms, not the illness.
  14. THANK YOU
      www.net-square.com
      saumil@net-square.com
      secure . automate . innovate
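
Slide 5's login input and slide 13's conclusion, worked through as an added example that is not part of the original deck: a request-level signature flags the input, but only the parameterized query removes the flaw in the application. The table layout, the stored password, the function names and the regex signature are assumptions made for illustration.

```python
import re
import sqlite3

def make_db():
    # Constructed sample data. A real application stores password hashes,
    # not plaintext; plaintext keeps this example short.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (userid TEXT PRIMARY KEY, password TEXT)")
    db.execute("INSERT INTO users VALUES ('saumil', 'correct-horse')")
    return db

def login_concatenated(db, userid, password):
    # The illness: user input is spliced into the SQL text, so a quote in
    # the password field changes the structure of the WHERE clause.
    sql = ("SELECT userid FROM users WHERE userid = '" + userid +
           "' AND password = '" + password + "'")
    return db.execute(sql).fetchone() is not None

def login_parameterized(db, userid, password):
    # The cure: placeholders keep the input as data; it is compared
    # literally against the stored value and never parsed as SQL.
    sql = "SELECT userid FROM users WHERE userid = ? AND password = ?"
    return db.execute(sql, (userid, password)).fetchone() is not None

# Hypothetical WAF-style signature: a quote followed by "or N=N".
# It recognises this one input shape; it does not repair the query.
TAUTOLOGY = re.compile(r"'\s*or\s+(\d+)\s*=\s*\1\b", re.IGNORECASE)

def waf_signature_hit(value):
    return TAUTOLOGY.search(value) is not None

if __name__ == "__main__":
    db = make_db()
    slide_input = "xyz' or 3=3 --"   # password field from slide 5
    print("signature flags input:   ", waf_signature_hit(slide_input))
    print("concatenated query login:", login_concatenated(db, "saumil", slide_input))
    print("parameterized login:     ", login_parameterized(db, "saumil", slide_input))
    print("parameterized, real pwd: ", login_parameterized(db, "saumil", "correct-horse"))
```

With the signature in front, the concatenated query is still broken for any input the pattern does not anticipate; with the parameterized query, the same input is simply a wrong password.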
