Web Application Firewall

Expand all

The Risk

Any business which runs a website or deploys any type of web application is susceptible to a number of attacks and vulnerabilities which can put the organization’s information security and reputation at stake.

These attacks and vulnerabilities may take many forms some of which are listed below:

  • Website defacement: The intruders gain access to your web site resources changing its content.
  • Website Denial of Service attacks: The attackers overload the web server causing it to crash or to become very slow and discourage users from visiting.
  • Brute Force Attacks: The attackers are using automated procedures trying to gain access to password protected Web resources.
  • Stealing user information: Intruders gain access to data stored in the database such as user IDs and passwords and credit card information using SQL injection exploits
  • Flagged as malicious by search engines: Attackers exploit various vulnerabilities in the web site to upload spam or viruses, causing it to be flagged as malicious.
  • Stolen user sessions: Attackers gain access to users’ information using Cross-site scripting.

Protecting your Organization

Web Application Firewall solutions offered by Odyssey are designed to take on and effectively address these threats and mitigate the risk of sensitive information exposure and inflicted corporate image.

Odyssey offers tailor-made and effective solutions which monitor web access attempts in order to protect your web site presence from current and future security threats and or miss-use.  These solutions ensure protection from Web attacks thus minimizing the exposure to malicious activities, while providing a means of meeting compliance requirements such as the Payment Card Industry (PCI) Security Standard.

Odyssey will assess your organizational needs and business challenges and recommend an appropriate WAF solution, while ensuring that it seamlessly integrates with your existing security architecture.

Doing it right: Our WAF Solutions’ Key Features and Benefits

Our Web Application Firewall solutions are largely characterized by the following key features and benefits:

Key Features

Benefits

Dynamic Profiling technology enables profiling of all application elements, a baseline of acceptable user behavior, and automatically incorporates valid application changes into the application profile

Eliminates need to manually configure application URLs, parameters, cookies and methods

Accurately detects sophisticated attacks

Continuously updated with web application intrusion detection signatures and policies available

Reinforces web application layer security against online threats and gets the most up-to-date and comprehensive Web attack protection

Virtual patching enables immediate patching of web application vulnerabilities

Diminishes the window of exposure of vulnerable web applications

Minimizes  the cost of emergency fix and test cycles

HTTP protocol validation

Prevents protocol exploits and evasion techniques

Multiple attribute examination such as HTTP protocol conformance, profile violations, signatures, special characters and user reputation

Reduces false positives by utilizing Web requests correlation over time to understand and distinguish between attacks and unusual, but non-threatening activity

Rich and fully customizable graphical reports available on demand or based on a periodic schedule

Enhances management decision making process

Addresses regulatory requirements with the use of both detailed as well as summary reports

Helicopter view of security status

Providing proof of regulatory compliance

Unique drop-in deployment with multi-Gigabit throughput and tens of thousands of transactions per second while maintaining sub-millisecond latency

Flexible deployment options

 

Remaining Secure – Support tailored to your needs

We very well understand that to remain effective, a security deployment requires constant monitoring, fine-tuning, updating and maintenance.  These requirements may prove a burden your organization may not be poised to undertake.  We have, therefore, structured our post-deployment services so that you may have the level of support you need, in order to achieve maximum return on your investment, with the least of worries.


Our suite of post-deployment services range from simple Maintenance and Support, to full-fledged Managed Security & Outsourcing Services.

This solution comprises part of the “Design & Implement” phase of our Information Security Continuum (D&I).