eBooks

OreillyMultiCloudFinalEBOOK

Learn all you need to know about email best practices, deliverability, and tools with email whitepapers and ebooks.

Issue link: https://hub.dyn.com/i/1119883

Contents of this Issue

Navigation

Page 38 of 57

Just as compromising other aspects of the edge infrastructure can give an attacker access to sensitive information, accessing the API gateway can give an attacker the ability to pull sensitive information directly through your APIs. Web Application Firewalls Another way to secure multicloud environments at the edge is through the use of Web Application Firewalls (WAFs). WAFs have been around in one form or another since the late 1990s but didn't see widespread adoption until the early 2000s. A WAF is a detective and preventive security control that sits between the edge of the network and a web application, protecting the app from malicious attacks. Although most security devices are focused on protecting the people behind them, WAFs are specifi‐ cally designed to protect software. Most WAFs use a combination of signature-based detection and heuristics to monitor for malicious traffic trying to reach one or more web applications. The WAF stops the malicious traffic, preventing the attacker from gaining access to sensitive information or to the target system itself. The WAF is another tool in a multilayered security strategy, sometimes referred to as defense in depth. Traditional WAFs are physical devices that you need to deploy to each cloud provider in a multicloud environment. However, there are also cloud-based WAF providers that offer the same level of pro‐ tection without the physical, on-premises deployment. These cloud- based WAFs give your organization more flexibility and allow for faster implementation. WAFs have risen in prominence as a security tool over the past few years because attacks against web applications continue to rise. Web application vulnerabilities increased by 23% in 2018 over 2017, according to a report from Imperva. More than half of web applica‐ tion vulnerabilities reported in 2018 have a publicly available exploit, and 38% of reported web application vulnerabilities do not have a solution, such as a vendor-issued patch, to prevent exploita‐ tion. Those numbers are scary and demonstrate the importance of a mul‐ tilayered security strategy. A WAF can help organizations compen‐ sate for vulnerable web applications by intercepting the most Web Application Firewalls | 33

Articles in this issue

Links on this page

view archives of eBooks - OreillyMultiCloudFinalEBOOK