A web application firewall (WAF) offers the best possible protection for web applications, apps, and web interfaces. It analyzes HTTP traffic between clients and web servers and can respond directly to unusual behavior by blocking communication and fending off attacks. With a WAF, companies can protect their web applications against targeted attacks on weak points (operating systems, unpatched apps, applications with outdated libraries) before patches are delivered.
Whether it is an online shop, a mobile app, or supplier and manufacturer interfaces, services and applications accessible from the web are the public face of every company and make a very significant, often even decisive, contribution to turnover. While classic security components protect the company network and the users, a WAF protects these web applications: it stands between the clients and the applications to be protected. It monitors all communication (Layer 7 – 99.9 percent of HTTPS sessions) and blocks dangerous, insecure, or unusual requests.
One of the main tasks of a WAF is to protect against the OWASP Top 10, i.e., the list of the most common vulnerabilities, which is regularly updated by the highly regarded Web Application Security Project. These include injection attacks, fake authentication, interception of sensitive user data, cross-site scripting, and much more. In addition, the Advanced WAF from T-Systems offers effective protection against attacks from bot networks, against organized threat campaigns, and against encrypted and unencrypted Layer 7 DDoS attacks. A WAF can be operated both on-premises in a company's data center and virtually (i.e., in the cloud). Both variants offer direct and indirect protection measures for the development as well as for the integration and operation of web applications.