Introduction Who needs WAF anyway? The Death of WAF? Advanced WAF Why F5?

https://laurent22.github.io/so-injections/

13 major airlines; flight information, credit card and personal data; 1.5 years

http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/

https://www.paloaltonetworks.com/content/dam/paloaltonetworkscom/en_us/assets/pdf/tech-briefs/paloaltonetworks-vs-waf.pdf

BIG-IP ASM extends protection to more than application vulnerabilities:
- Attack Visibility & Logging
- Data Leak Protection
- Automatic Policy Building (dynamic configuration)
- Stop bad users (Device ID)
- Protect Web/API from L7 attacks
- Prevent bot attacks (DDoS, VA tools, web scraping, brute force, etc.)

1 Automatic Policy Building
Example requests outside the learned model: .exe, /admin/wp-admin, /login.php?name=jerrick; ls /etc/
Learned entities:
- Server Technologies
- URLs & File Types: /images/banner.jpg, /login.php, /css/design.css, /app/app.php, /js/jquery.js
- Parameters: name={alphanumeric, len=16}; address={any char, len=100}; file={multipart/form-data, maxsize=10mb}; price={numeric, tampering protection=on, len=10}
- Cookies: Cookie: name=value; Cookie: JSESSIONID=1A5306372...; Cookie: price=399;total=1399
(+) security model: enforcing legitimate traffic only
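The positive model on this slide is a whitelist of learned entities: a request is forwarded only when its URL, file type, parameter values and cookie names all fit what was learned. The following is an added example, not F5 code, that enforces a policy constructed from the slide's values (URL list, name/address/price constraints, cookie names, tamper protection on price; the multipart upload limit is left out). The POLICY structure, the check_request function and the sample requests are assumptions for this example.

```python
import re
from urllib.parse import urlsplit, unquote_plus

# Constructed policy in the spirit of the slide's learned entities; the
# values are assumptions for this example, not an export from any product.
POLICY = {
    "file_types": {"", "jpg", "php", "css", "js"},  # "" = extensionless paths
    "urls": {"/images/banner.jpg", "/login.php", "/css/design.css",
             "/app/app.php", "/js/jquery.js"},
    "parameters": {
        # name={alphanumeric, len=16}
        "name": {"pattern": re.compile(r"[A-Za-z0-9]*"), "max_len": 16},
        # address={any char, len=100}
        "address": {"pattern": re.compile(r".*", re.S), "max_len": 100},
        # price={numeric, tampering protection=on, len=10}
        "price": {"pattern": re.compile(r"[0-9]+(\.[0-9]{1,2})?"), "max_len": 10,
                  "tamper_protect": True},
    },
    "cookies": {"name", "JSESSIONID", "price", "total"},
}


def _parse_query(query):
    """Split a raw query string into decoded (key, value) pairs without relying on
    parse_qsl's separator handling, so a ';' stays inside the value it belongs to."""
    pairs = []
    for chunk in query.split("&"):
        if not chunk:
            continue
        key, _, value = chunk.partition("=")
        pairs.append((unquote_plus(key), unquote_plus(value)))
    return pairs


def check_request(target, cookies=None, server_values=None):
    """Evaluate a request target (path?query) and the cookie names sent with it
    against POLICY. Returns a list of violation strings; an empty list means the
    request fits the positive model and would be forwarded. server_values holds
    the values the application itself emitted for tamper-protected parameters
    (e.g. the price=399 the server put in the page), so a changed value is caught."""
    violations = []
    parts = urlsplit(target)
    last_segment = parts.path.rsplit("/", 1)[-1]
    ext = last_segment.rsplit(".", 1)[1].lower() if "." in last_segment else ""
    if ext not in POLICY["file_types"]:
        violations.append(f"illegal file type .{ext}")
    if parts.path not in POLICY["urls"]:
        violations.append(f"illegal URL {parts.path}")
    for key, value in _parse_query(parts.query):
        spec = POLICY["parameters"].get(key)
        if spec is None:
            violations.append(f"illegal parameter {key}")
            continue
        if len(value) > spec["max_len"]:
            violations.append(f"parameter {key} exceeds length {spec['max_len']}")
        if not spec["pattern"].fullmatch(value):
            violations.append(f"parameter {key} violates value type")
        expected = (server_values or {}).get(key)
        if spec.get("tamper_protect") and expected not in (None, value):
            violations.append(f"parameter {key} tampered")
    for name in (cookies or {}):
        if name not in POLICY["cookies"]:
            violations.append(f"illegal cookie {name}")
    return violations


if __name__ == "__main__":
    # Constructed sample requests, including the ones shown on the slide.
    for t in ["/login.php?name=jerrick", "/login.php?name=jerrick%3B+ls+%2Fetc%2F",
              "/admin/wp-admin", "/update.exe"]:
        print(t, "->", check_request(t) or "allowed")
    print(check_request("/app/app.php?price=1", server_values={"price": "399"}))
```

Note that the command-injection attempt in name is rejected twice over, once for length and once for the alphanumeric value type, without any attack signature being involved; that is the point of the positive model.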

2 Protect Web/API from Known Attacks
Example payloads: /etc/passwd; OR 1=1 --; %2527%2BOR%2B1%253D1%2B%2523; OR 1=1 --
Covered: OWASP Top 10, parser attacks, buffer overflows, zero-day attacks, CSRF, cross-site scripting, parameter tampering, evasion techniques, forceful browsing, information leakage, malformed headers, session hijacking, SQL injection, command injection, RFI, many more
(-) security model: protecting against known attacks
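The negative model matches known-bad patterns, and the double-encoded payload on the slide shows why matching must happen after normalization: %2527%2BOR%2B1%253D1%2B%2523 only becomes ' OR 1=1 # after two rounds of URL decoding. This added example (not F5's signature engine or database) decodes a value repeatedly until it stops changing, then runs a small constructed signature set over the result and reports what the same signatures would have seen on the raw input. The signature ids, regexes and the bounded decode loop are assumptions for this example.

```python
import re
from urllib.parse import unquote_plus

# Constructed signature set for this example; the ids and patterns are
# assumptions, not any vendor's signatures.
SIGNATURES = [
    ("SQLI-TAUTOLOGY", re.compile(r"""(?i)\b(or|and)\b\s*['"]?\s*\d+\s*=\s*\d+""")),
    ("SQLI-COMMENT", re.compile(r"--\s*;?$|#\s*$|/\*.*\*/")),
    ("LFI-PASSWD", re.compile(r"(?i)(^|/)etc/passwd\b")),
    ("TRAVERSAL", re.compile(r"(\.\./|\.\.\\)")),
    ("CMDI-SHELL", re.compile(r";\s*(ls|cat|id|whoami)\b")),
]


def normalize(value, max_rounds=3):
    """URL-decode repeatedly until the value stops changing, bounded by max_rounds
    so a pathological input cannot keep the engine busy. Returns (decoded, rounds);
    rounds > 1 is itself a useful evasion indicator."""
    rounds = 0
    while rounds < max_rounds:
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value, rounds = decoded, rounds + 1
    return value, rounds


def scan(value):
    """Run SIGNATURES over the normalized value and over the raw value, so the
    effect of normalization on evasion attempts is visible in the result."""
    decoded, rounds = normalize(value)
    return {
        "input": value,
        "decoded": decoded,
        "decode_rounds": rounds,
        "hits": [sid for sid, rx in SIGNATURES if rx.search(decoded)],
        "hits_without_decode": [sid for sid, rx in SIGNATURES if rx.search(value)],
    }


if __name__ == "__main__":
    # Constructed samples: the slide's payloads plus a benign value.
    for sample in ["/etc/passwd", "OR 1=1 --;", "%2527%2BOR%2B1%253D1%2B%2523",
                   "jerrick%3B+ls+%2Fetc%2F", "jerrick"]:
        r = scan(sample)
        print(f"{sample!r} -> {r['decoded']!r} rounds={r['decode_rounds']} "
              f"hits={r['hits']} raw-only hits={r['hits_without_decode']}")
```

For the double-encoded sample the raw scan finds nothing and the normalized scan finds both the tautology and the trailing comment, which is the gap evasion techniques rely on when a signature engine matches before decoding.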

3 Prevent Bot Attack
Traffic generated by humans: 48%
Traffic generated by good bots like Bing, Google Bot: 23%
Traffic generated by bad bots like scanners, password guessing: 29%
Source: Incapsula Bot Traffic Report 2016

3 Prevent Bot Attack
- Validate bot or human on initial site access
- Differentiate good bots and bad bots
- Scraping and brute force protection
- Real-time challenge (JS and CAPTCHA)
(Categories: Bad Bot, Good Bot, Human)

4 Stop Bad Users
- Stop unique device/browser access (browser fingerprinting)
- Stop users/sessions that trigger violations (session tracking): persistent attacker, anonymous proxy, vulnerability scanner
- Stop users with bad IP reputation
- Stop users from a specific country/region (geolocation)
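Session tracking as described on this slide is a counting problem: a subject (session id or device fingerprint) accumulates violations, and once it crosses a threshold inside a time window it is blocked regardless of whether any single request was itself fatal. The following added example (not F5 code) implements that with a sliding window and layers the cheaper list checks, IP reputation and geolocation, in front of it. The class name, thresholds, and the reputation and country lists are constructed for the example; 203.0.113.0/24 and 198.51.100.0/24 are documentation address ranges.

```python
import time
from collections import deque


class BadUserTracker:
    """Track policy violations per subject (session id or device fingerprint) and
    block the subject once it reaches `threshold` violations inside
    `window_seconds`. Also consults constructed IP-reputation and geolocation
    deny lists, which are checked first because they are cheap and stateless."""

    def __init__(self, threshold=3, window_seconds=60,
                 bad_ip_reputation=(), blocked_countries=()):
        self.threshold = threshold
        self.window = window_seconds
        self.bad_ips = set(bad_ip_reputation)
        self.blocked_countries = set(blocked_countries)
        self._events = {}   # subject -> deque of violation timestamps
        self.blocked = {}   # subject -> reason it was blocked

    def _prune(self, subject, now):
        """Drop timestamps that have fallen out of the sliding window."""
        q = self._events.setdefault(subject, deque())
        while q and now - q[0] > self.window:
            q.popleft()
        return q

    def record_violation(self, subject, now=None):
        """Register one violation for subject; returns the count inside the window.
        A violation here is whatever the policy engine flagged (illegal parameter,
        signature hit, failed challenge), not a decision about the single request."""
        now = time.time() if now is None else now
        q = self._prune(subject, now)
        q.append(now)
        if len(q) >= self.threshold:
            self.blocked[subject] = f"{len(q)} violations in {self.window}s"
        return len(q)

    def decide(self, subject, client_ip, country):
        """Return ('block', reason) or ('allow', '') for the next request."""
        if client_ip in self.bad_ips:
            return ("block", "bad IP reputation")
        if country in self.blocked_countries:
            return ("block", f"geolocation {country}")
        if subject in self.blocked:
            return ("block", self.blocked[subject])
        return ("allow", "")


if __name__ == "__main__":
    # Constructed scenario: a scanner-like session trips three violations quickly.
    tracker = BadUserTracker(threshold=3, window_seconds=60,
                             bad_ip_reputation={"203.0.113.9"}, blocked_countries={"XX"})
    for t in (1000, 1010, 1020):
        print("violations in window:", tracker.record_violation("sess-1", now=t))
    print(tracker.decide("sess-1", "198.51.100.5", "DE"))
    print(tracker.decide("sess-2", "203.0.113.9", "DE"))
```

Keying the tracker on a device fingerprint rather than the session cookie is what makes the block survive a cookie reset; keying on the client IP alone would punish everyone behind the same proxy.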
5 Mask Sensitive Data
Cc=4012 8888 9999 1881 -> Cc=#### #### #### ####
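Masking a card number in a response is a data-leak control on the way out rather than a request check on the way in. This added example (not F5's Data Guard implementation) finds 13 to 19 digit runs with optional single space or dash separators in a response body and replaces every digit with '#', keeping the separators so the page layout is unchanged, exactly as the slide shows. An optional Luhn check is included as the usual way to cut false positives on order or tracking numbers; note that with it enabled the slide's sample value would be left untouched, because 4012 8888 9999 1881 does not pass the Luhn check (4012 8888 8888 1881 does). The regex, the function names and the sample response body are assumptions for this example.

```python
import re

# Candidate PAN: 13 to 19 digits, optionally separated by single spaces or
# dashes, and not embedded in a longer digit run.
PAN_RE = re.compile(r"(?<![0-9])(?:[0-9][ -]?){12,18}[0-9](?![0-9])")


def luhn_ok(digits):
    """Luhn mod-10 check over a string of digits (check digit last)."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def mask_pans(text, require_luhn=False):
    """Replace every digit of each candidate PAN in text with '#', keeping the
    separators so the layout of the response is unchanged.
    Returns (masked_text, number_of_values_masked)."""
    count = 0

    def repl(match):
        nonlocal count
        candidate = match.group(0)
        digits = re.sub(r"[ -]", "", candidate)
        if require_luhn and not luhn_ok(digits):
            return candidate            # probably not a card number; leave it
        count += 1
        return re.sub(r"[0-9]", "#", candidate)

    return PAN_RE.sub(repl, text), count


if __name__ == "__main__":
    # Constructed response fragment: the slide's value plus a Luhn-valid one.
    body = ("<p>Cc=4012 8888 9999 1881</p>\n"
            "<p>order 12345, card 4012-8888-8888-1881</p>")
    print(mask_pans(body))
    print(mask_pans(body, require_luhn=True))
```

The trade-off is visible in the two runs: pattern-only masking never leaks a card number but will also blank a 16-digit order id, while Luhn-gated masking is precise but skips anything that is not a well-formed PAN. Masking on the response side also only helps if the response is inspected uncompressed and before it is chunked across buffers.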

6 See Hostile Traffic

[Diagram: network firewall allows TCP/80 and TCP/443; regular user -> network firewall -> web server -> app server -> DB server]

80/20 RULE: Cross-Site Scripting, Information Leakage and Injection are responsible for 78% of all vulnerabilities (about 80%).

WHY F5?

F5 is the only vendor who uses the same product for cloud-based and on-premises deployments, which enables simple policy sharing and improved security effectiveness.
- Virtual Edition: secures applications deployed in virtualized and IaaS environments
- Datacenter Appliance: protects business-critical applications in the datacenter
- WAF as a Service: immediately turn on new services or scale existing protections without capital investment and resource requirements

Gartner Magic Quadrant for WAF
F5 Networks positioned as a Leader in the 2017 Gartner Magic Quadrant for Web Application Firewalls*. F5 is highest in execution within the Leaders Quadrant.
* Gartner, Magic Quadrant for Web Application Firewalls, Jeremy D'Hoinne, Adam Hils, Claudio Neiva, 7 August 2017. This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from F5 Networks. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Gartner Magic Quadrant for ADC+WAF?
[Figure 1. Magic Quadrant for Application Delivery Controllers. Source: Gartner (August 2016)]

Tzoori Tamam, F5 WAF Product Manager

DevCentral: https://devcentral.f5.com/
AskF5/Support: https://ask.f5.com/
iHealth: https://ihealth.f5.com/
University: https://university.f5.com/