WAF is specialized firewall designed to protect web applications (HTTP applications) from attacks such as cross-site scripting (XSS), SQL injection and other vulnerabilities that may exist. A WAF is able to detect and prevent unknown attacks by inspecting every HTML, HTTP/HTTPS, SOAP and XML-RPC data packet. Using WAF you can monitor the Input/Output traffic to your web applications. A WAF can also monitor access to web applications and can send access log data to other security tools such as SIEM for its analysis.Lets have a look at the Key Use Cases of Web Application Firewall (WAF) market:
Key Use Cases :
1.Secure vulnerable Web applications :
Web application whose source codes are not reviewed properly or are un-patched can reasonable protection by deploying WAF as reverse proxy.
2.Basic protection for all web Application:
Using Web Application firewall you can provide basic protection to all of your web applications against attacks such as SQL injection, XSS, CSRF etc.
3.Apply quick hot-fixes for newly discovered vulnerabilities in web applications:
Using WAF whitelisting feature the vulnerability can be fixed quickly, so that it cannot be exploited before next scheduled maintenance (Particularly useful in security productive applications, which cannot be quickly taken down for maintenance)
4. Detect any malicious. abusive use of your web applications:
All the access logs, usage logs & error messages can be collected from WAF and be fed to analytics tools for analyzing any malicious behavior.
Do let me know if you want us to add or modify any of the listed use cases.
Check out the Web Application Firewall (WAF) market within FireCompass to get more information on these markets