WAF Workshop FAQ
A WAF has many considerations throughout its life cycle. Getting your WAF to good-enough security requires a solid review of Assents, Implementations and Response (the AIR model). Workshops are small chunks of process that should be done when managing a security device. A workshop is not a training. It is a hands-on workshop that is done with the customer. The…
WAF Vendor List
According to Gartner, it is predicted that 80% of enterprises will have migrated away from traditional data centers and into the cloud within the next five years. With the ever-increasing adoption rate of web-based applications and APIs come more security risks. The challenge with traditional Web Application Firewall (WAF) protection is that it cannot scale with…
Application Common Attack Vectors (A-CAV)
Server Side Attacks – Request: HTTP Response Splitting, Information Leakage, Error messages display, Session and cookies, Credential/Session Prediction, Non-HttpOnly Session Cookie, Unsecured Session Cookie, Insufficient Session Expiration, Session Fixation, Persistent Session Cookie
Server Side Attacks – Response: HTTP Response Splitting, Information Leakage, Error messages display, Session and cookies, Credential/Session Prediction, Non-HttpOnly Session Cookie, Unsecured Session Cookie, Insufficient Session Expiration, Session Fixation, Persistent Session Cookie, Fingerprinting, Directory guessing, Predictable Resource Location, Directory Traversal, Path Traversal, Buffer Overflow, SQL Injection, Improper Input Handling, Server Misconfiguration, OS Command Injection, RFI…