Home Archives Profile Subscribe
IPcalypse: IP collapse or IPcaFUD?
NoScript: Whitelist your way to a safer web experience

Is it time to consider a Web Application Firewall?

Friday, 04 February 2011

Recent WhiteHat Website Security and Verizon Data Breach Investigation reports offer convincing evidence that Web applications remain the primary targets for attackers. Ensuring that your Website is configured securely is hard, especially for sites with dynamic content. Perhaps it's time for your organization to consider a Web application firewall.

In the first of a series of articles at EnterpriseEfficiency.com, I explain what a Web application firewall is, how it is different from a classic Internet firewall, and how to begin the process of incorporating a Web application firewall into your organization's security arsenal.

 

 Huns

Web app firewalls aren't a solution for all app security problems but they are one more means to keep then huns at bay.

Posted at 01:18 PM in Web/Tech | | Comments (0)

Spotlight Posts

  • In new study Interisle Reveals Excessive Withholding of Internet WHOIS Data
    My Interisle colleagues, together with Greg Aaron, have completed an in-depth analysis of the effects of ICANN policy for WHOIS, a public lookup service that has until recently made it possible to identify who registered and controls a domain name. The European Union’s General Data Protection Regulation (GDPR), adopted in May 2018, restricted the publication of personally identifiable data in WHOIS. In response, the Internet Corporation for Assigned Names and Numbers (ICANN) established a new policy, allowing registrars and registry operators to redact (withhold) personally identifiable data from publication in WHOIS. The implementation of this policy has been widely criticized,...
  • New study: Phishing Landscape 2020
    My colleagues Greg Aaron, Dr. Colin Strutt, Lyman Chapin and I have published a new research report, Phishing Landscape 2020: A Study of the Scope and Distribution of Phishing. The report can be found at http://www.interisle.net/PhishingLandscape2020.html Our goal in this study was to capture and analyze a large set of information about phishing attacks, to better understand how much phishing is taking place and where it is taking place, and to see if the data suggests better ways to fight phishing. We studied where phishers are getting the resources they need to perpetrate their crimes — where they obtain domain...
  • Widespread Issues with Domain Registration Accountability Have a COVID Nexus
    My Interisle partners and colleague Greg Aaron have published a detailed study that measures the effectiveness and impact of ICANN's registration data access policies and procedures. This study reveals widespread problems with access to and the reliability of domain name registration data systems (WHOIS). These failures have real-life security implications, which are being seen in the current wave of cybercrime accompanying the COVID-19 pandemic. In our Press Release I make the comment that, “The COVID-19 pandemic has led to a recent explosion of cybercrime, with thousands of new domain names using terms like ‘covid’ or ‘corona’ being used to perpetrate...
  • Report: Criminal Abuse of Domain Names, Bulk Registration and Contact Information Access
    My Interisle Consulting Group colleague, Dr. Colin Strutt and I have published a report, Criminal Abuse of Domain Names: Bulk Registration and Contact Information Access http://interisle.net/criminaldomainabuse.html In this report, we study "bulk registration misuse" by criminal actors. Bulk registrations refers to the practice of rapidly acquiring domain names, using these in an attack, and abandoning them as if they were throw-away ("burner") phones. These domains are a critical resource for cyber criminals. We use reputation block list (RBL) data to reveal how the use of bulk registrations, coupled with the crippling of registration data access by the ICANN Temp Spec...
  • Facts & Figures: Whois Policy Changes Impair Blocklisting Defenses
    Two independently conducted studies demonstrate that the onset of masking Whois contact data has had the direct, corresponding, and ongoing effect of reducing the number of blocklisted domains, dramatically undermining the efficiency of this and other security countermeasures.

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

The comments to this entry are closed.