Author, Alexander Meisel, CTO of Art of Defence, posits that a WAF must escape hardware limitations and be able to dynamically scale across CPU, computer, server rack and datacenter boundaries, and be customized to the demands of individual customers. Resource consumption of this new dWAF must be minimal and remain tied to prevention / detection, such as using black, white and grey listings for application requests and responses.
The white paper outlines the importance that all pre-set policy enforcements be activated or deactivated only with approval from an administrator, and deployment and policy refinement through establishing rulesets must be possible in a shadow monitoring or detection only mode. Once the shadow monitoring ruleset is stable, only then should it be allowed to deploy in an enforcement mode on the dWAF. This will allow complete transparency for the administrator into the real-world effect of this ruleset, while at the same time allowing layered rulesets to be tested without compromising existing policy enforcement. Avoiding false positives and relaxed established defenses are essential for a real-world, usable dWAF in a cloud.
"While organizations such as CSA and Open Web Application Security Project (OWASP) are making great strides, to improve cloud computing security, the use of dWAFs is being overlooked," said Alexander Meisel, CTO, Art of Defence GmbH. "With more businesses adopting cloud computing models, the responsibility of protecting sensitive information is on the organization. We developed this whitepaper to offer companies a view for how to move traditional WAF security to the cloud through a distributed model."
Free to download, the paper is available on the company's website. For more information about Hyperguard, the company or about partnership opportunities, visit the Art of Defence website (www.artofdefence.com).
EDITOR'S NOTE: Graphics are available for this paper on request, as is the author for interviews.
# # #
About Art of Defence GmbH Founded in 2005, Art of Defence GmbH is headquartered in Regensburg, Germany, and serves the U.S., European and Asian markets. Focused exclusively on providing comprehensive web application security technology on any scale, the company is the only European provider in this space that covers the entire software development lifecycle (SDLC). The company partners with leading technology providers like Microsoft, Zeus, GeNUA, and Armorize.
Key offerings include Hyperguard, a distributed web application firewall (dWAF), Hypersource, a static source code analysis tool, and Hyperscan, a web application vulnerability scan server.
Art of Defences web application firewall technology is the most flexible on the market today, available as a SaaS, software plug-ins, virtual appliances, hardware appliances or as standalone software solutions. The company serves the financial services, eCommerce, technology, telecommunication and public sector markets exclusively through OEM/technology and reseller channel partners.
For more information about Art of Defence, visit: www.artofdefence.com/en
Press Contact: Eric Seymour March Communications