
Web Application Firewall as a Service

Information security had traditionally focused on protecting critical assets by fortifying network ports and monitoring the logs of various devices integrated with SIEM systems. With the advent of the internet, web presence has become increasingly critical, leading malicious actors to focus on the assets and information on this medium and to explore loopholes for gaining entry through web applications. This has required security experts to focus on securing web applications and the related attack vectors.

A Web Application Firewall (WAF) is a solution that protects web applications against a variety of attacks. Common areas that a WAF covers include the OWASP Top 10 (Broken Access Control, Cryptographic Failures, SQL Injection, Insecure Design, Security Misconfiguration, Vulnerable and Outdated Components, Identification & Authentication Failures, Software and Data Integrity Failures, Security Logging & Monitoring Failures, Server-Side Request Forgery (SSRF)), signature-based blacklisting, geolocation-based attacks, Cross-Site Scripting, bot-based attacks, L7 DDoS attacks, and many more.

DigiGlass Web Application Firewall as a Service is designed to address the issues described above. Some of the key points addressed by DigiGlass Firewall as a Service are:

  • Service designed

    L7 DDoS protection

  • CDN Integration

    Capability to provide an additional layer of security

  • Team Support

    24x7 support from DigiGlass SOC

High Level Architecture:

Key features of DigiGlass WAF as a Service:

1. Risk Detection

a. On-Demand App Scanning

b. Complete Coverage of OWASP Top 10

c. Guided scans

2. Risk Protection

a. Layer 7 Anti-DDoS protection

b. Protection from unwanted traffic by blocking IP- and geo-based requests

c. Whitelisting URLs

d. Rule set for zero-day threats

e. App/Platform specific rule sets

f. Virtual Patching

3. Monitoring & Management

a. 24x7 SOC team to ensure minimal false positives

b. SLA based services

c. Custom rule creation based on traffic observations