Hackers easily bypass Web Application Firewall solutions

Get a free Techzine subscription!

Hackers are often able to bypass Web Application Firewall (WAF) solutions, according to new research. As a result, companies run a high risk of downtime, data theft and reputational damage.

According to the research by Neustar, 40 percent of the security professionals report that nearly half of the attempts to bypass a Web Application Firewall is successful. According to 50 percent of the security professionals, it’s successful in 1 out of 4 attempts.

In addition, 29 percent of companies are struggling to change WAF policies to better defend themselves against cyberattacks against their web applications. Only 15 percent believe this process is “very easy”.

WAF integration

The full integration of WAF with other security solutions is crucial for complete security of all facets of an enterprise. Currently, four out of ten companies still need to fully integrate WAF with the rest of their security solutions.

According to Rodney Joffe, Senior Vice President of Neustar, the increase in cyberattacks on applications is an “alarming” trend.

“Due to their ‘under-the-radar’ nature, application-layer attacks are difficult to detect and therefore require a security posture that is always-on in order to be identified and mitigated. Only by providing protection across the entire network can organisations respond to the type of threats we are seeing today,” Joffe says.

DDoS attacks

According to Neustar, DDoS attacks were the biggest threat to cybersecurity in April and March this year. Ransomware is also a significant threat to companies, as is the possible theft of intellectual property.

Just two weeks ago it was announced that Amazon Web Services mitigated the biggest DDoS attack ever in February of this year. The attack had a capacity of 2.3 Tbps. The old record was set by NetScout, which suffered an attack of 1.7 Tbps in 2018.