7 Habits of Highly Effective WAFs (Web Application Firewalls)
Top 7 habits of effective WAF By Mehul Shah, Chief Strategy Officer, Indusface
“Sow a thought and you reap an action;
sow an act and you reap a habit;
sow a habit and you reap a character;
sow a character and you reap a destiny.”
– Ralph Waldo Emerson
Stephen R. Covey’s best seller, “The 7 Habits of Highly Effective People”, is widely considered to be the best business and self-help book. It was the first to introduce the concept of a paradigm shift, and it emphasized self-change and interdependence rather than the often confusing power of independence. Mr. Covey said, “We believe that organizational behavior is individual behavior collectivized”. With great finesse, Mr. Covey conveyed a fact that many of us choose not to give importance to.
Likewise, we know that our online presence, which exists primarily in the form of web and mobile applications, is an extremely important and crucial part of our own and our organization’s existence, and that gaining access to it is a very lucrative prospect for cybercriminals. Yet we do not make securing those applications a priority until we suffer a loss. Unfortunately, that loss is at times too great to be measured only in dollars, because the loss of customers’ trust and loyalty is priceless.
Web application firewalls (WAFs) have been a critical part of securing external-facing websites for years now. According to Gartner, 70% of attacks happen at the application layer. According to most industry analysts, organizations need to deploy WAFs to ensure agile application-layer protection, because network elements are unable to provide broad coverage for application-layer issues. WAF security should be considered for more than just compliance; WAFs should be designed with the end security posture in mind.
This article highlights the application security paradigms an ideal top WAF vendor should follow.
Key Paradigms According to COVEY
- Be Proactive – I am responsible for my behavior and the choices I make in life.
- Begin with the End in Mind – I will create results mentally before beginning any activity.
- Put First Things First – Focus on what is truly important and say no to the unimportant.
- Think Win-Win – Effective, long-term relationships require mutual benefit.
- Seek First to Understand Then to Be Understood – Diagnosis must precede prescription.
- Synergize – The whole is greater than the sum of its parts.
- Sharpen the Saw – Results require constant improvement/development of resources.
Key Application Security Paradigms According to Indusface
- Be Proactive – The vendor must provide WAF-as-a-Service, accept the responsibility of making the WAF work for the customer, refine it as needed, and develop proactive defense mechanisms.
- Begin with the End in Mind – WAF vendors must configure the WAF rule set to ensure minimal false positives. The goal must be to improve the security posture without degrading the user experience.
- Put First Things First – Protecting against critical known issues, through effective virtual patching, should be the first priority of WAF deployments.
- Think Win-Win – WAF security needs to demonstrate ROI while improving the security posture of the application.
- Seek First to Understand Then to Be Understood – The ability to provide detailed forensics, log any suspicious activity, and deliver enhancements based on application nuances is the key feature driving improvement of a Web Application Firewall’s core rule set.
- Synergize – WAFs must be leveraged to develop a total application security posture: combine WAF deployments with application scanning and secure coding practices to get a holistic application security program.
- Sharpen the Saw – Constant updating and monitoring of WAF core rule sets, and getting intimate with application and user behavior via forensics on legal, suspicious and illegal user actions.
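To make three of these habits concrete (a virtual patch as the first priority, a rule set tuned for minimal false positives, and an audit log that supports forensic review before enforcement), the following toy rule engine is an added example; it is not Indusface code or any real WAF's rule language. The endpoints (/download, /profile), the rule ids, the parameter names and the sample requests are all constructed for the illustration, and the engine deliberately omits everything a real WAF does beyond the decision flow (decoding, normalisation, body and header inspection).

```python
import re
from dataclasses import dataclass, field


@dataclass
class Rule:
    rule_id: int
    description: str
    target: str                                  # "args.<name>" or "args.*" (all query parameters)
    pattern: str                                 # regular expression applied to the target value
    action: str                                  # "block" or "log"
    exceptions: set = field(default_factory=set)  # request paths exempt from this rule (tuning)


@dataclass
class Request:
    label: str        # name used in the demo output (constructed)
    path: str
    args: dict
    client_ip: str


class ToyWAF:
    """Minimal request inspector showing only the decision flow of a WAF."""

    def __init__(self, rules, detection_only=False):
        self.rules = rules
        self.detection_only = detection_only   # log matches but never block (staging mode)
        self.audit_log = []                    # forensic record of every rule match

    def _extract(self, req, target):
        scope, _, name = target.partition(".")
        if scope != "args":
            return None
        if name == "*":
            return "\n".join(str(v) for v in req.args.values())
        return req.args.get(name)

    def inspect(self, req):
        """Return 'allow' or 'block'; every match is logged regardless of the mode."""
        decision = "allow"
        for rule in self.rules:
            if req.path in rule.exceptions:
                continue
            value = self._extract(req, rule.target)
            if value is None or not re.search(rule.pattern, value, re.IGNORECASE):
                continue
            self.audit_log.append({
                "rule_id": rule.rule_id, "path": req.path, "client_ip": req.client_ip,
                "matched": value, "would_block": rule.action == "block",
            })
            if rule.action == "block" and not self.detection_only:
                decision = "block"
        return decision


def build_rules():
    return [
        # Put First Things First: a virtual patch for a known flaw in a hypothetical
        # /download endpoint, shipped ahead of the application fix.
        Rule(900001, "Virtual patch: directory traversal in 'file' parameter",
             target="args.file", pattern=r"\.\.[/\\]", action="block"),
        # A broad heuristic rule; useful, but prone to false positives on free-text fields.
        Rule(900002, "Heuristic: apostrophe in any parameter (SQL injection indicator)",
             target="args.*", pattern=r"'", action="block"),
    ]


SAMPLE_TRAFFIC = [  # constructed requests, not captured traffic
    Request("traversal", "/download", {"file": "../../app.ini"}, "203.0.113.10"),
    Request("normal_download", "/download", {"file": "report.pdf"}, "198.51.100.7"),
    Request("irish_name", "/profile", {"name": "O'Brien"}, "198.51.100.8"),
]


def staged_rollout(traffic=SAMPLE_TRAFFIC):
    """Begin with the End in Mind: run in detection-only mode, review the log,
    tune away the false positives, and only then enforce."""
    rules = build_rules()
    staging = ToyWAF(rules, detection_only=True)
    staging_decisions = {r.label: staging.inspect(r) for r in traffic}
    # Seek First to Understand: the analyst reviews the audit log and decides that the
    # apostrophe hit on /profile is legitimate user data. Only that path is exempted
    # from the heuristic rule; the virtual patch is left untouched.
    for entry in staging.audit_log:
        if entry["rule_id"] == 900002 and entry["path"] == "/profile":
            rule = next(r for r in rules if r.rule_id == entry["rule_id"])
            rule.exceptions.add(entry["path"])
    production = ToyWAF(rules, detection_only=False)
    production_decisions = {r.label: production.inspect(r) for r in traffic}
    return staging_decisions, production_decisions, production.audit_log


if __name__ == "__main__":
    staging, production, log = staged_rollout()
    print("staging   :", staging)
    print("production:", production)
    for entry in log:
        print("audit:", entry)
```

Run as a script, the staging pass allows everything while recording two matches (the traversal attempt and the apostrophe in a legitimate name); after tuning, the production pass blocks only the traversal and its audit log holds one entry with the client IP and the matched value, which is what an analyst needs to investigate it. The same split of responsibilities, a narrowly targeted virtual patch left untouched and a broad heuristic scoped by exceptions, is how a rule set is kept sharp without degrading the user experience.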