The City of Baltimore was under cyber-attack last year, with hackers demanding $76,000 in ransom. Though the city chose not to pay the ransom, the attack still cost them nearly $18 million in damages, and then the city signed up for a $20 million cyber insurance policy.
It’s very evident that cyber-attacks are not only costly in terms of time and money but also bring extensive legal liability with them. According to Juniper Research’s prediction, the cost of a data breach could cross $150 million by 2020.
With the rising cost of data breaches and cyber-attacks, cybersecurity has become a board room conversation on an unprecedented scale. In this ever-connected online world, web application security is the cornerstone of the overall cybersecurity of any company.
When it comes to application security, web application firewall (WAF) based protection has been the first line of defense against web attacks for a while now.
A web application firewall is deployed in front of web applications that aim to intercept the traffic to and from the web servers with the intent of identifying malicious requests and blocking them.
WAF is not a new technology and has been around for a while now, where many organizations have some form of WAF deployed. But unfortunately, the efficacy of WAF remains to be a question. The ever-increasing cost of a data breach, as well as the number of successful web attacks, suggest that WAF, in its traditional form, has not been doing an effective job.
A recent independent study by Ponemon institute further strengthens this claim.
In contrast:
It’s clear the traditional form of WAF is not working, and that’s because:
Hence, there is a need for a better form of defense:
AppTrana is a revolutionary managed solution from Indusface that takes a more comprehensive approach when it comes to application security.
Unlike traditional vendors, AppTrana does not give default rules and ask customer to manage them, instead, it starts with understanding the risk profile of application through its detection module which scans the application for vulnerabilities, based on the detection, rules are written and tweaked to meet the application need ensuring there are no FPs with very little FNs.
Being a wholly managed WAF, the rules are tweaked by AppTrana’s security experts who have years of experience handling WAF security for thousands of sites, so they know what they are doing.
And it does not stop there, the team of experts continuously monitors the security space and keep the rules updated, ensuring all zero-day vulnerabilities are immediately protected. Not only that, in case of FPs due to any new changes in the application, the team would immediately tweak the rules to ensure the issue is immediately resolved without the need for opening up WAF and moving the rules to log mode.
95% of sites start in block mode behind AppTrana from day zero, and all applications move to block mode within 14 days.
Built bottom-up taking advantage of the infinitely scalable cloud infrastructure, AppTrana is built to scale seamlessly to business needs without needing to pre-provision extra infrastructure.
This also means AppTrana can scale effectively to thwart massive DDOS attacks. Not only that being a managed WAF solution, Indusface’s security regularly ensures the rules are up-to-date, providing WAF is effective against the everchanging the threat landscape.
To conclude, Managed Cloud WAF, like AppTrana, is the perfect solution to the problem that traditional WAF deployments face.
With AppTrana customers:
Try out AppTrana Free Trial.