« IPcalypse: IP collapse or IPcaFUD? | Main | NoScript: Whitelist your way to a safer web experience »

Friday, 04 February 2011

Is it time to consider a Web Application Firewall?

Recent WhiteHat Website Security and Verizon Data Breach Investigation reports offer convincing evidence that Web applications remain the primary targets for attackers. Ensuring that your Website is configured securely is hard, especially for sites with dynamic content. Perhaps it's time for your organization to consider a Web application firewall.

In the first of a series of articles at EnterpriseEfficiency.com, I explain what a Web application firewall is, how it is different from a classic Internet firewall, and how to begin the process of incorporating a Web application firewall into your organization's security arsenal.

 

 Huns

Web app firewalls aren't a solution for all app security problems but they are one more means to keep then huns at bay.

Posted at 01:18 PM in Web/Tech |

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

Verify your Comment

Previewing your Comment

Posted by:  | 

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been saved. Comments are moderated and will not appear until approved by the author. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment

Comments are moderated, and will not appear until the author has approved them.

Your Information

(Name is required. Email address will not be displayed with the comment.)

Find me on Mastodon and Facebook

Spotlight Posts

  • February 1–April 30, 2025 phishing activity available at the Cybercrime Information Center
    Phishing activity reports for the period February 1–April 30, 2025, are now available at the Cybercrime Information Center. Top 20 rankings of Top-level Domain, Domain Registrar and Hosting operator (by ASN) as well as aggregate records of all operators with phishing activity are available. - Modest declines - Small hosting networks leap into top 20 - Meta and cryptocurrency brands most targeted - .TOP, .XIN and Dominet (HK) remain persistent threats https://interisle.substack.com/p/phishing-trends-february-april-2025
  • Cybercrime Reported in April 2025
    In today's Interisle Insights, Colin Strutt looks at cybercrime activity collected at the Cybercrime Information Center for the month of April 2025.We point out anything that strikes us as particularly interesting in overall numbers as well as significant changes in ranking for Top Level Domains (TLDs), Registrars, and Hosting Networks. Read Cybercrime Reported in April 2025. Interisle Insights is a reader-supported publication. To receive new posts and support our work, consider becoming a free or paid subscriber. Join now!
  • Malware Trends: January - March 2025
    Malware activity reports for the quarter are now posted at the Cybercrime Information Center. Our key statistics show small quarter-over-quarter increases in malicious IP address malware records (Traffic Injectors and Attackware) and unique IPv4 addresses reported as serving or distributing malware, and but meaningful decreases in both endpoint and IoT malware reported. Read Malware Trends: January - March 2025
  • The World's Phishiest Neighborhoods
    In this Interisle Insights article, we take a closer look at our data to better understand what’s hosted at three autonomous systems which have appeared at or near the top in recent quarters. We’ll also review who’s being targeted by these attacks and what corresponding name and address resources are most frequently exploited. Autonomous systems are blocks of Internet addresses, which you can compare to "neighborhoods" in a city. And like any city, some neighborhoods are safe and some are not. The full article, The World's Phishiest Neighborhoods, is hosted here.
  • Interisle Study Reveals Alarming Rise in Online Abuse and Identifies Exploitable Links in Cybercriminal Supply Chains
    My Interisle colleagues and I today published our 2024 Cybercrime Suppy Chain study. We analyzed 16 million cybercrime events to expose a dramatic rise in criminal exploitation of name, address, hosting, and financial supply chains. Our year-over-year findings show that cybercriminals exploit lax policies to easily and cheaply obtain resources for phishing, malware, and spam campaigns. In our report, we provide actionable insights for those aiming to curb cybercrime. Among the major findings in the study, Interisle reports that: The total number of malware, phishing, and spam attacks grew year-over-year by nearly 54%, to nearly 16.3 million attacks. Spam doubled,...

Search

My Photo

Categories