Prophaze Web Application Firewall (WAF) for Website and Portals
Prophaze Technologies Pvt Ltd
Web Application Firewall for Web Portals, Websites, ERP, CMS
The Web application firewall addresses the Open Web Application Security Project (OWASP) Top Ten, as well as other Web application security vulnerabilities.
Injection
Cross-Site Scripting (XSS)
Broken Authentication and Session Management
Insecure Direct Object References
Cross-Site Request Forgery (CSRF)
Security Misconfiguration
SSL certificate management.
Machine learning to produce attack reports and analytical graphs.
Offered as a Software-As-A-Service with 24/7/365 support.
SIEM integrations with different SIEM solutions
Definition of custom rules to block or allow access based on client IP and URL.
Capability to monitor and alert on the unavailability of the origin servers on-prem.
Real-time visibility across all types of website security incidents
Real-time visibility of legitimate visits
Complete incident reports and drills down on a per-incident basis
Ability to detect and block back door code installed on-site (backdoor protection)
Custom security rule creation with custom rate limits
Operates in "block" mode by default.
Instant security rule propagation (30 seconds max).
Client classification engine to avoid false positives on legitimate users
Ability to use own and vendor-provided SSL certificates
Client CA certificate Support
*******************************
The WAF supports reverse proxy modes of deployment.
The Web application firewall supports both a positive security model and a negative security model.
A negative security model explicitly defines known attack signatures.
Transactions with content matching known attack signatures are blocked.
The negative security model includes a preconfigured comprehensive and accurate list of attack signatures.
The Web application firewall allows signatures to be modified or added by the administrator.
The Web application firewall supports automatic updates to the signature database, ensuring complete protection against the latest application threats.
The negative security model detects known attacks at multiple levels, including operating system, Web server software, and application-level attacks.
The negative security model detects known malicious users who are often responsible for automated and botnet attacks. Malicious users may include malicious IP addresses, anonymous proxy addresses, and TOR networks.
A positive security model states what input is allowed; everything else is blocked.
Out of the box, the WAF has a database of signatures designed to detect known problems and attacks.
The positive security model includes URLs, directories, cookies, form fields and parameters, and HTTP methods.
To address the difficulty of configuring the positive security model, the Web application firewall automatically learns the Web application structure and elements.
In learning mode, the Web application firewall is used for a period with a trusted set of users, and user input to various fields of the Web application is recorded.
Because Web applications continuously change, the Web application firewall learning mode should be able to recognize application changes while simultaneously protecting Web applications.
Based on the recording of this input, the acceptable values for input fields are learned.
The learned values are used as the configuration for input checking in the positive security model.
The learning mode learns the structure and elements of the application (directories, URLs, parameters, cookies) and expected behavior from the user (expected value length, acceptable characters, whether the parameter value is read-only or editable by the client, and whether the parameter is required or optional). This helps automate the configuration for the positive security model.
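A minimal illustration of the learning mode described above, added here as an example and not Prophaze's implementation: it learns maximum length, character classes and required/optional status per parameter from trusted requests, then checks new requests against that profile. The character classes, function names and sample traffic are constructed assumptions; the read-only/editable distinction is not covered.

```python
import string

# Character classes used to generalise observed values (an assumption of this sketch).
CLASSES = {"digit": string.digits, "alpha": string.ascii_letters, "punct": " -_.@"}

def char_classes(value):
    """Class names needed to cover value; 'other' for any character outside CLASSES."""
    return {next((n for n, cs in CLASSES.items() if ch in cs), "other") for ch in value}

def learn(trusted_requests):
    """Build {(method, path): {param: rule}}; required = seen in every trusted request."""
    profile, seen = {}, {}
    for method, path, params in trusted_requests:
        key = (method, path)
        seen[key] = seen.get(key, 0) + 1
        rules = profile.setdefault(key, {})
        for name, value in params.items():
            rule = rules.setdefault(name, {"max_len": 0, "classes": set(), "count": 0})
            rule["max_len"] = max(rule["max_len"], len(value))
            rule["classes"] |= char_classes(value)
            rule["count"] += 1
    for key, rules in profile.items():
        for rule in rules.values():
            rule["required"] = rule.pop("count") == seen[key]
    return profile

def check(profile, method, path, params):
    """Return the list of violations; an empty list means the request is allowed."""
    rules = profile.get((method, path))
    if rules is None:
        return ["unknown method or URL"]
    issues = [f"unexpected parameter {n}" for n in params if n not in rules]
    for name, rule in rules.items():
        if name not in params:
            if rule["required"]:
                issues.append(f"missing required parameter {name}")
        elif len(params[name]) > rule["max_len"]:
            issues.append(f"{name}: longer than learned maximum {rule['max_len']}")
        elif not char_classes(params[name]) <= rule["classes"]:
            issues.append(f"{name}: characters outside learned classes")
    return issues

# Constructed sample traffic from a trusted user set (not real data).
TRUSTED = [
    ("GET", "/search", {"q": "red shoes", "page": "1"}),
    ("GET", "/search", {"q": "blue-hat"}),
    ("POST", "/login", {"user": "alice@example.com", "pin": "4821"}),
]
PROFILE = learn(TRUSTED)
```

The sketch enforces the exact maximum length it observed, so a short learning window will produce false positives on legitimate longer values; a longer recording period or a tolerance margin reduces that.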
The Web application firewall is able to correlate multiple security events together to accurately distinguish between good and bad traffic.
Failure to Restrict URL Access
Unvalidated Redirects and Forwards
Reverse proxy mode should support both URL rewriting and content rewriting for HTTP header and body.