WEBSCALE WEBINAR
Hackers are smart.
Time to be smarter.
Your hosts:
Jay Smith | Founder & CTO, Webscale
Sonal Puri | CEO, Webscale
10th October, 2017
AGENDA
• EVOLUTION OF WEB APPLICATIONS
• INTRODUCTION TO WEB APPLICATION FIREWALL (WAF)
• WHY WAF
• WEB APPLICATION THREATS
• A BRIEF INTRODUCTION TO WEBSCALE
• WEBSCALE CLOUD SECURE
• WEBSCALE UNIFIED PORTAL
EVOLUTION OF WEB APPLICATIONS
1997 1999 2001 2003
CDN 1.0 | CACHING EDGE DELIVERY ROUTE
OPTIMIZATION
PEERING
POINTS
APP SERVER
INTERNET CLOUD
• Peering Points
• Server Overload
• Bandwidth Cost
PROBLEMS
• Performance
BUSINESS REQUIREMENTS
WEB 1.0 | STATIC
2005 2007 2009 2011
MOBILE
OPTIMIZATION
EDGE INTELLIGENCE FRONT END
OPTIMIZATION
• Connectivity
• Edge to Device
• Increasing Dynamic Content
PROBLEMS
• Performance
• Availability
BUSINESS
REQUIREMENTS
CACHE
WEB 2.0 | DYNAMIC
DYNAMIC
CONTENT
RICH MEDIA
2013 2015 2017 2019
COMMODITY CDN UTILITY CLOUD INFINITELY SCALEABLE
APPS
BIG DATA
HTTP/2
• Application & Infrastructure
• Dynamic Content
Problems
• Performance
• Availability
• Security
Business Requirements
WEB 3.0 | INTERACTIVE
WEB APPLICATION FIREWALL (WAF)
User 1 | SAFE
User 2 | SAFE
User 3 | UNSAFE
Web Application Firewall
Identifies and blocks malicious
web traffic and requests
User 1
User 2
x
Web Application
Server
WHAT IS A WAF ?
Internet
Web Application
Firewall
Network
Firewall
Non HTTP
Attacks
HTTP Attacks
NETWORK FIREWALL VS. WAF
NETWORK FIREWALL
• Layer 3 (Network) & 4 (Transport)
• Authorization decisions based on source & destination IP addresses, protocol type & port numbers
• Susceptible to exploits like buffer overruns, IP spoofing, ICMP tunneling
WEB APPLICATION FIREWALL
• Layer 7 (Application Layer)
• Scans transmitted data for malicious content
• Acts as reverse proxy to application servers
• Less susceptible to attacks
WHY WAF ?
• 75%: Percentage of all cyber attacks targeting web applications - Gartner
• 4B: Number of records leaked in 2016 - IBM
• 32%: Growth in number of hacked sites in 2016 - Google
After Joomla, WordPress accounted for 10% and Magento for 7% of all web application attacks.
WEB APPLICATION ATTACKS
• 70%: Retailers take days or longer to investigate the source of attack - RSA
• 25%: Percentage of all web application attacks targeting Joomla - AlertLogic
• 88M: Attacks the ecommerce industry experienced in Q2’17 - ThreatMetrix
Application Security
• Application Vulnerabilities
• OWASP Top 10 Protection
• DDoS Mitigation
Proactive Defense
• IP Black/White Listing
• Geo Blocking
Application Performance
• SSL Offload
• Caching
Compliance
• Logging and reporting
• Visibility
WHY WAF ?
WEB APPLICATION THREATS
• DENIAL OF SERVICE: Overwhelming a site with requests for information, severely slowing the operation of a website or bringing it down entirely.
• CROSS SITE SCRIPTING: Inserting JavaScript in the pages of a trusted site to completely alter its contents.
• SESSION HIJACKING: Jumping into the session of another user, reading information as it passes between the user and the server.
• CROSS-SITE REQUEST FORGERY (CSRF): Allows attackers to trick users into performing actions without their knowledge.
• SQL INJECTION: Injecting malicious SQL statements into the site to trick the interpreter into executing unintended commands or accessing data without proper authorization.
COMMON WEB APPLICATION THREATS
EQUIFAX DATA BREACH
One of the most significant data breaches in recent history with social security numbers of 143
million Americans potentially compromised.
RECENT CYBER ATTACKS
WANNACRY RANSOMWARE
Largest online extortion attack ever recorded that crippled government and infrastructure in more
than 150 countries.
NOTPETYA MALWARE
Like WannaCry ransomware, NotPetya malware also exploited the EternalBlue vulnerability in
Microsoft Windows and caused serious disruption at large firms in Europe and the US.
HBO DATA HACK
Hackers obtained all of HBO’s social media logins, GIPHY credentials, and leaked scripts and
episodes of their most popular series – Game of Thrones.
• Cyber attacks continue to grow in size, complexity, and frequency
• Mobile & IoT are emerging to be the new cybercrime targets
• Ransomware and other advanced threats are targeting retailers
• Attacks are evolving from isolated attacks on large organizations to networked attacks
targeting multiple key infrastructures and organizations
• Increasing number of attacks appearing from emerging and growth economies
• Businesses in the US continue to be the target of attacks from cybercriminals across the
globe
EMERGING TRENDS IN CYBER SECURITY
TOP ECOMMERCE SEGMENTS AFFECTED BY FRAUD
• Money Transfer: 19%
• Travel: 15%
• Business Services: 13%
• Electronics: 10%
• Fashion: 4%
• Entertainment: 4%
• Casino & Gambling: 2%
Source: RSA 2017 Global Fraud and Cybercrime Report
FIVE STEPS TO STRONGER PROTECTION
Implement a robust security solution
Continuous assessment for vulnerabilities
Conduct regular audits and trainings
Incident response and disaster recovery plan
Enable role based access controls
A BRIEF
INTRODUCTION
A BRIEF HISTORY
NPS Score
71
In just 4 years, Webscale has migrated more than 600 web
applications and ecommerce storefronts to the cloud, delivering
performance, availability, security and control to more than 100
customers across 7 countries.
Delivering up to 75% reductions in costs while providing up to 50%
improvement in site performance, Webscale is the only company
focused on delivering a true multi-cloud platform, for complete web
application delivery and control to mid-market businesses transacting
online.
INTRODUCTION TO WEBSCALE
WEB APPLICATION
CLOUD
CDN
MANAGED HOSTING
ADC
SECURITY
SYSTEM INTEGRATOR
LOAD BALANCING
BACKUP
ADC SECURITY | WAF
WEBSCALE PLATFORM
WEBSCALE CLOUD SECURE
The application-aware WAF
NOT ALL WAFS ARE CREATED EQUAL
A robust WAF must:
• Be Application Aware
• Control the Application
• Provide fool-proof security without impacting performance
• Provide Custom Security Policies
• Support Multi-Cloud Requirements
• Provide Real Time Analytics
• Be Protected from known and unknown threats including Bots
• Be Multi-tenant
SAMPLE VERTICAL: E-COMMERCE
THE IMPORTANCE OF APPLICATION AWARENESS
600+
storefronts
deployed
across these
and other
platforms
42% of web
application
attacks
Real-time learning across
large customer base
creates
deep understanding
of known exploits
and fixes
ACTIVE MONITORING
OF BACKEND
BLACKLIST WHITELIST
BLOCK
SHIELD
MODE
ROBUST PROTECTION OF
WEB APPLICATIONS THROUGH
AUTOMATIC UPDATES AND
SIMPLE DIY TOOLS
CLOUD SECURE
The application-aware firewall
APPLICATION
AWARE
DECENTRALIZED
CONTROL AND
DATA PLANES
RATE
LIMITING
VIRTUAL
PATCHING
CUSTOM
SECURITY RULES
BLACKLISTING
WHITELISTING
KEY FEATURES
WEBSCALE ENTERPRISE CLOUD SECURITY
More than just an application-aware firewall
BENEFITS
MITIGATE DDoS
ATTACKS
PCI-DSS
COMPLIANT
REAL-TIME
ACCESS CONTROL
PROTECT AGAINST
OWASP TOP 10
TRUE CLOUD
SAAS
BEST-IN-CLASS
HTTPS SUPPORT
CHALLENGES
• Reduce DDoS attacks to eliminate downtime and outages
• Manage scale out capacity and associated costs
SOLUTION
Deployed Webscale Pro
• Comprehensive DDoS protection
• PCI-DSS compliant
• Predictive auto-scaling
• Disaster Recovery
RESULTS
• Uptime increased 100%
• Cost of IT Infrastructure management reduced by 60%
• Protection against external web threats
The amount of support we receive from Webscale is unprecedented. Their proactive support team has an answer
for me before I even call, because they are constantly monitoring our systems.
INDUSTRY
Online Stores
APPLICATION
E-Commerce
MONTHLY
VISITS
440,000
RESCUED FROM
Peer1
CASE STUDY: EVENT NETWORK
A leading operator of over 100 online gift shops for cultural centers.
• Integration, deployment, configuration
and management of web application through
unified portal
• Apply custom rulesets
• Monitor access control
• Traffic visualization
• Real-time application status
UNIFIED PORTAL
• Web controls - Manage how the web application responds to Web
Requests (traffic)
• Each control consists of a set of conditions that when true will cause the ADC (data plane)
to execute whatever actions are associated with the control
• EXAMPLE: Redirects, denying requests, routing to alternate servers or clusters
• Cloud controls - Detect Conditions within the Application and its
Infrastructure
• Webscale applies an automated control to alter the Application Infrastructure in response to
the detected condition.
• EXAMPLE: Scale out when increase in response times or shortfall in CPU or network
capacity is detected
WEBSCALE WEB AND CLOUD CONTROLS
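The web-control model described on this slide (a set of conditions that, when all true, triggers the associated action) can be sketched as follows. This is an added example, not Webscale's code or configuration format: the Request and Control types, the helper names and the sample controls are hypothetical, and the IP ranges are documentation addresses.

```python
# Added illustration of a condition/action "web control" evaluator.
# Every name here (Request, Control, evaluate, CONTROLS) is hypothetical
# and does not reflect Webscale's actual API or rule syntax.
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network
from typing import Callable, Dict, List, Tuple


@dataclass
class Request:
    src_ip: str
    method: str
    path: str
    headers: Dict[str, str] = field(default_factory=dict)


Condition = Callable[[Request], bool]


def ip_in(*cidrs: str) -> Condition:
    """True when the client address falls inside any listed network."""
    nets = [ip_network(c) for c in cidrs]
    return lambda r: any(ip_address(r.src_ip) in n for n in nets)


def path_startswith(prefix: str) -> Condition:
    """Layer 7 condition: only visible to a device that parses HTTP."""
    return lambda r: r.path.startswith(prefix)


def header_contains(name: str, needle: str) -> Condition:
    """Case-insensitive substring match on one request header."""
    def check(r: Request) -> bool:
        lowered = {k.lower(): v.lower() for k, v in r.headers.items()}
        return needle.lower() in lowered.get(name.lower(), "")
    return check


@dataclass
class Control:
    name: str
    conditions: List[Condition]
    action: Tuple[str, str]  # (verb, argument), e.g. ("deny", "403")

    def matches(self, req: Request) -> bool:
        # A control fires only when ALL of its conditions are true.
        return all(cond(req) for cond in self.conditions)


def evaluate(controls: List[Control], req: Request) -> Tuple[str, Tuple[str, str]]:
    """Return (control name, action) for the first matching control.

    Order matters: a whitelist placed first short-circuits later denies.
    Requests matching nothing are forwarded to the origin by default.
    """
    for control in controls:
        if control.matches(req):
            return control.name, control.action
    return "default", ("forward", "origin")


# Constructed sample policy covering the slide's example actions:
# denying requests, redirects, and routing to an alternate cluster.
CONTROLS = [
    Control("whitelist-office", [ip_in("192.0.2.0/24")], ("forward", "origin")),
    Control("blacklist", [ip_in("203.0.113.0/24")], ("deny", "403")),
    Control("admin-lockdown", [path_startswith("/admin")], ("deny", "403")),
    Control("legacy-redirect", [path_startswith("/old-store")], ("redirect", "/store")),
    Control("crawler-routing", [header_contains("User-Agent", "crawler")],
            ("route", "cluster-b")),
]

if __name__ == "__main__":
    samples = [
        Request("192.0.2.10", "GET", "/admin/login"),
        Request("203.0.113.5", "GET", "/"),
        Request("198.51.100.7", "GET", "/admin/login"),
        Request("198.51.100.7", "GET", "/old-store/item"),
        Request("198.51.100.7", "GET", "/", {"User-Agent": "ExampleCrawler/1.0"}),
        Request("198.51.100.7", "GET", "/"),
    ]
    for req in samples:
        print(req.src_ip, req.path, "->", evaluate(CONTROLS, req))
```

The third and sixth samples share the same source address and differ only in path, which is the kind of decision a Layer 3/4 firewall cannot make and a Layer 7 control can.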
THE FASTEST, EASIEST WAY TO ALIGN SECURITY AND
PERFORMANCE
WEBSCALE UNIFIED PORTAL
MAIN PAGE AND APPLICATION VIEW
ADDING BLACKLIST/WHITELIST RULES
ADD NEW HOSTNAMES IN SECONDS
EASILY ADD TRAFFIC RELATED CONTROLS
THANK YOU

UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
 
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptxIOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
Key Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdfKey Trends Shaping the Future of Infrastructure.pdf
Key Trends Shaping the Future of Infrastructure.pdf
 

Webscale webinar about Web Application Firewall

  • 1. WEBSCALE WEBINAR Hackers are smart. Time to be smarter. Your hosts: Jay Smith | Founder & CTO, Webscale; Sonal Puri | CEO, Webscale. 10th October, 2017
  • 2. AGENDA • EVOLUTION OF WEB APPLICATIONS • INTRODUCTION TO WEB APPLICATION FIREWALL (WAF) • WHY WAF • WEB APPLICATION THREATS • A BRIEF INTRODUCTION TO WEBSCALE • WEBSCALE CLOUD SECURE • WEBSCALE UNIFIED PORTAL
  • 3. EVOLUTION OF WEB APPLICATIONS
  • 4. 1997 1999 2001 2003 CDN 1.0 | CACHING EDGE DELIVERY ROUTE OPTIMIZATION PEERING POINTS APP SERVER INTERNET CLOUD • Peering Points • Server Overload • Bandwidth Cost PROBLEMS • Performance BUSINESS REQUIREMENTS WEB 1.0 | STATIC
  • 5. 2005 2007 2009 2011 MOBILE OPTIMIZATION EDGE INTELLIGENCE FRONT END OPTIMIZATION • Connectivity • Edge to Device • Increasing Dynamic Content PROBLEMS • Performance • Availability BUSINESS REQUIREMENTS CACHE WEB 2.0 | DYNAMIC DYNAMIC CONTENT RICH MEDIA
  • 6. 2013 2015 2017 2019 COMMODITY CDN UTILITY CLOUD INFINITELY SCALEABLE APPS BIG DATA HTTP/2 • Application & Infrastructure • Dynamic Content Problems • Performance • Availability • Security Business Requirements WEB 3.0 | INTERACTIVE
  • 8. WHAT IS A WAF? Web Application Firewall: identifies and blocks malicious web traffic and requests. Diagram labels: User 1 | SAFE; User 2 | SAFE; User 3 | UNSAFE (x); Web Application Firewall; Web Application Server.
  • 9. NETWORK FIREWALL VS. WAF. Diagram labels: Internet; Web Application Firewall; Network Firewall; Non HTTP Attacks; HTTP Attacks. NETWORK FIREWALL: • Layer 3 (Network) & 4 (Transport) • Authorization decisions based on source & destination IP addresses, protocol type & port numbers • Susceptible to exploits like buffer overruns, IP spoofing, ICMP tunneling. WEB APPLICATION FIREWALL: • Layer 7 (Application Layer) • Scans transmitted data for malicious content • Acts as reverse proxy to application servers • Less susceptible to attacks
  • 11. WEB APPLICATION ATTACKS • 75%: Percentage of all cyber attacks targeting web applications - Gartner • 4B: Number of records leaked in 2016 - IBM • 32%: Growth in number of hacked sites in 2016 - Google • 70%: Retailers take days or longer to investigate the source of attack - RSA • 25%: Percentage of all web application attacks targeting Joomla - AlertLogic • 88M: Attacks ecommerce industry experienced in Q2’17 - ThreatMatrix • After Joomla, WordPress accounted for 10% and Magento for 7% of all web application attacks.
  • 12. WHY WAF? Application Security: • Application Vulnerabilities • OWASP Top 10 Protection • DDoS Mitigation. Proactive Defense: • IP Black/White Listing • Geo Blocking. Application Performance: • SSL Offload • Caching. Compliance: • Logging and reporting • Visibility.
  • 14. COMMON WEB APPLICATION THREATS • SQL INJECTION: Injecting malicious SQL statements into the site to trick the interpreter into executing unintended commands or accessing data without proper authorization. • DENIAL OF SERVICE: Overwhelming a site with requests for information, severely slowing the operation of a website or bringing it down entirely. • CROSS SITE SCRIPTING: Inserting JavaScript in the pages of a trusted site to completely alter its contents. • SESSION HIJACKING: Jumping into the session of another user, reading information as it passes between the user and the server. • CROSS-SITE REQUEST FORGERY (CSRF): Allows attackers to trick users into performing actions without their knowledge.
  • 15. RECENT CYBER ATTACKS • EQUIFAX DATA BREACH: One of the most significant data breaches in recent history with social security numbers of 143 million Americans potentially compromised. • WANNACRY RANSOMWARE: Largest online extortion attack ever recorded that crippled government and infrastructure in more than 150 countries. • NOTPETYA MALWARE: Like WannaCry ransomware, NotPetya malware also exploited the EternalBlue vulnerability in Microsoft Windows and caused serious disruption at large firms in Europe and the US. • HBO DATA HACK: Hackers obtained all of HBO’s social media logins, GIPHY credentials, and leaked scripts and episodes of their most popular series – Game of Thrones.
  • 16. EMERGING TRENDS IN CYBER SECURITY • Cyber attacks continue to grow in size, complexity, and frequency • Mobile & IoT are emerging to be the new cybercrime targets • Ransomware and other advanced threats are targeting retailers • Attacks are evolving from isolated attacks on large organizations to networked attacks targeting multiple key infrastructures and organizations • Increasing number of attacks appearing from emerging and growth economies • Businesses in the US continue to be the target of attacks from cybercriminals across the globe
  • 17. TOP ECOMMERCE SEGMENTS AFFECTED BY FRAUD • Money Transfer: 19% • Travel: 15% • Business Services: 13% • Electronics: 10% • Fashion: 4% • Entertainment: 4% • Casino & Gambling: 2%. Source: RSA 2017 Global Fraud and Cybercrime Report
  • 18. FIVE STEPS TO STRONGER PROTECTION • Implement a robust security solution • Continuous assessment for vulnerabilities • Conduct regular audits and trainings • Incident response and disaster recovery plan • Enable role based access controls
  • 20. A BRIEF HISTORY NPS Score 71 In just 4 years, Webscale has migrated more than 600 web applications and ecommerce storefronts to the cloud, delivering performance, availability, security and control to more than 100 customers across 7 countries. Delivering up to 75% reductions in costs while providing up to 50% improvement in site performance, Webscale is the only company focused on delivering a true multi-cloud platform, for complete web application delivery and control to mid-market businesses transacting online. INTRODUCTION TO WEBSCALE
  • 22. WEBSCALE CLOUD SECURE The application-aware WAF
  • 23. NOT ALL WAFS ARE CREATED EQUAL. A robust WAF must: • Be Application Aware • Control the Application • Provide fool-proof security without impacting performance • Provide Custom Security Policies • Support Multi-Cloud Requirements • Provide Real Time Analytics • Be Protected from known and unknown threats including Bots • Be Multi-tenant
  • 24. SAMPLE VERTICAL: E-COMMERCE THE IMPORTANCE OF APPLICATION AWARENESS 600+ storefronts deployed across these and other platforms 42% of web application attacks Real-time learning across large customer base creates deep understanding of known exploits and fixes ACTIVE MONITORING OF BACKEND BLACKLIST WHITELIST BLOCK SHIELD MODE ROBUST PROTECTION OF WEB APPLICATIONS THROUGH AUTOMATIC UPDATES AND SIMPLE DIY TOOLS
  • 27. WEBSCALE ENTERPRISE CLOUD SECURITY More than just an application-aware firewall
  • 28. BENEFITS MITIGATE DDoS ATTACKS PCI-DSS COMPLIANT REAL-TIME ACCESS CONTROL PROTECT AGAINST OWASP TOP 10 TRUE CLOUD SAAS BEST-IN-CLASS HTTPS SUPPORT
  • 29. CASE STUDY: EVENT NETWORK. A leading operator of over 100 online gift shops for cultural centers. INDUSTRY: Online Stores. APPLICATION: E-Commerce. MONTHLY VISITS: 440,000. RESCUED FROM: Peer1. CHALLENGES: • Reduce DDoS attacks to eliminate downtime and outages • Manage scale out capacity and associated costs. SOLUTION: Deployed Webscale Pro • Comprehensive DDoS protection • PCI-DSS compliant • Predictive auto-scaling • Disaster Recovery. RESULTS: • Uptime increased 100% • Cost of IT Infrastructure management reduced by 60% • Protection against external web threats. "The amount of support we receive from Webscale is unprecedented. Their proactive support team has an answer for me before I even call, because they are constantly monitoring our systems."
  • 30. UNIFIED PORTAL • Integration, deployment, configuration and management of web application through unified portal • Apply custom rulesets • Monitor access control • Traffic visualization • Real-time application status
  • 31. WEBSCALE WEB AND CLOUD CONTROLS: THE FASTEST, EASIEST WAY TO ALIGN SECURITY AND PERFORMANCE • Web controls - Manage how the web application responds to Web Requests (traffic) • Each control consists of a set of conditions that when true will cause the ADC (data plane) to execute whatever actions are associated with the control • EXAMPLE: Redirects, denying requests, routing to alternate servers or clusters • Cloud controls - Detect Conditions within the Application and its Infrastructure • Webscale applies an automated control to alter the Application Infrastructure in response to the detected condition. • EXAMPLE: Scale out when increase in response times or shortfall in CPU or network capacity is detected
  • 33. MAIN PAGE AND APPLICATION VIEW
  • 35. ADD NEW HOSTNAMES IN SECONDS
  • 36. EASILY ADD TRAFFIC RELATED CONTROLS
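
Slide 31 describes a web control as a set of conditions that, when all true, make the data plane run the associated action (deny, redirect, route). The sketch below is an added example, not Webscale's code or API: the Request and Control types, the condition helpers, the control names and every address, country code and path are assumptions constructed for illustration. It shows first-match ordering, an allow-list taking precedence over a lockdown, and failing closed on a malformed client address.

```python
import ipaddress
import posixpath
from dataclasses import dataclass
from typing import Callable, List, Optional

@dataclass
class Request:              # hypothetical view of an incoming web request
    client_ip: str
    country: str            # assumed to be resolved upstream by a geo lookup
    path: str

@dataclass
class Control:              # hypothetical "web control": conditions + action
    name: str
    conditions: List[Callable[[Request], bool]]
    action: str             # "allow", "deny", "redirect" or "route"
    target: Optional[str] = None

def ip_in(*cidrs):
    nets = [ipaddress.ip_network(c) for c in cidrs]
    def cond(req):
        addr = ipaddress.ip_address(req.client_ip)
        return any(addr in net for net in nets)
    return cond

def country_in(*codes):
    return lambda req: req.country in codes

def path_startswith(prefix):
    # Normalise first so "/shop/../admin" is matched as "/admin".
    return lambda req: posixpath.normpath(req.path).startswith(prefix)

def evaluate(controls, req):
    """Return (action, target, control name) for the first matching control."""
    try:
        ipaddress.ip_address(req.client_ip)
    except ValueError:
        return ("deny", None, "malformed-client-ip")   # fail closed
    for control in controls:
        if all(cond(req) for cond in control.conditions):
            return (control.action, control.target, control.name)
    return ("allow", None, "default")

# Constructed policy; order matters because the first match wins.
CONTROLS = [
    Control("office-admin", [ip_in("203.0.113.0/24"), path_startswith("/admin")], "allow"),
    Control("admin-lockdown", [path_startswith("/admin")], "deny"),
    Control("ip-blacklist", [ip_in("198.51.100.0/24")], "deny"),
    Control("geo-block", [country_in("ZZ")], "deny"),
    Control("legacy-redirect", [path_startswith("/old-store")], "redirect", "/store"),
    Control("api-routing", [path_startswith("/api")], "route", "api-cluster"),
]

if __name__ == "__main__":
    for r in (Request("203.0.113.7", "US", "/admin/login"),
              Request("192.0.2.10", "US", "/shop/../admin/login"),
              Request("192.0.2.10", "US", "/api/v1/cart")):
        print(r, "->", evaluate(CONTROLS, r))
```

Swapping the first two controls would deny the office range as well, which is why rule order needs review whenever a control is added.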

Editor's Notes

  1. By 2020 all apps would be HTTP based
  2. Jay- 7 mins
  3. RANSOMWARE Malicious software that locks down systems, preventing access until the hacker’s monetary demands are met. PHISHING Delivering malware or tricking the user into divulging sensitive information.
  4. Equifax: According to Equifax, hackers exploited a security vulnerability in a U.S.-based application to gain access to consumers’ personal files. The company has not yet said which application or which vulnerability was the source of the unauthorized breach. More on: http://clark.com/personal-finance-credit/equifax-breach-how-to-protect-yourself-from-whats-coming-next/ WannaCry: WannaCry is a ransomware virus that holds computers hostage until the user meets the demands. The WannaCry software infected computers operating on Microsoft and displayed messages demanding that users pay $300 in bitcoin, a type of digital currency widely used online. The required payment would typically double to $600 if the first ransom wasn't paid within days and, after a week of failed action, all files on the infected computer would be destroyed. The malware paralyzed computers in factories, banks, government agencies and transport systems, hitting 200,000 victims in more than 150 countries. NotPetya: The ransomware takes over computers and demands $300, paid in Bitcoin. The malicious software spreads rapidly across an organization once a computer is infected using the EternalBlue vulnerability in Microsoft Windows (Microsoft has released a patch, but not everyone will have installed it) or through two Windows administrative tools. The malware tries one option and if it doesn’t work, it tries the next one. When a computer is infected, the ransomware encrypts important documents and files and then demands a ransom, typically in Bitcoin, for a digital key needed to unlock the files. If victims don’t have a recent back-up of the files they must either pay the ransom or face losing all of their files. More on: https://www.theguardian.com/technology/2017/jun/27/petya-ransomware-cyber-attack-who-what-why-how
  5. Multi-cloud: Not every WAF provider is cloud, hardware or CDN agnostic, and chances are, your applications live across two or more of these platforms today. Choosing a provider that limits or restricts your current application strategy with their solution can leave you exposed and bring about numerous manageability issues when it comes to your application security. Decrypt and inspect SSL and control SSH: Should be able to recognize and decrypt SSL and SSH on any port, inbound or outbound; have policy control over decryption; and offer the necessary hardware and software elements to perform SSL decryption simultaneously across tens of thousands of SSL connections with predictable performance. Provide protection against known and unknown threats: Must first identify the application, determine the functions that should be permitted or blocked, and protect the organization from known and unknown threats, exploits, viruses/malware or spyware. This must be done automatically with near-real-time updates to protect from newly discovered threats globally.