230 likes | 407 Views
CYBEROAM UTM’s. Web Application Firewall Protection. Our Products. Unified Threat Management. Top 5 outcomes of Web Application Attacks. Leakage of Information. 20.38%. Defacement. 18.47%. 14.01%. Planting of Malware. Monetary Loss. 12.74%. 12.74%. Downtime.
E N D
CYBEROAM UTM’s Web Application Firewall Protection Our Products Unified Threat Management
Top 5 outcomes of Web Application Attacks Leakage of Information 20.38% Defacement 18.47% 14.01% Planting of Malware Monetary Loss 12.74% 12.74% Downtime
Types of Web App Attacks/Vulnerabilities: • Vulnerabilities • Invalidated Input • Broken access control • Broken Authentication/Session mgmt • denial of service • Cross site scripting flaws • Buffer overflows • Attack Methods – the weapons • SQL Injection • Cross-site scripting (XSS) • Cookie poisoning • Session hijacking, …
What is stopping majority of us from investing in a Web Application Firewall?
Human Nature • 80% of web applications have a vulnerability waiting to be exploited. • 90 percent of all attacks today are aimed at the website and its supporting applications. Aren’t we leaving too much to luck?
The “It can’t happen to me” syndrome! • Most of us believe web application attacks cannot happen in our organization…
Attacks that made the news… September 16, 2010 Polish hacker gets inside US Military's Defense Logistic Agency website XSS Vulnerability in Facebook Translations Posted on: 8 March 2011 Slide 7
Ignorance about attacks on Internal web applications • kb.abccorp.com • intranet.abccorp.com • anyintranet.com • anycamera.com • anypos.com • anypayroll.com • anysmall_erp.com • anyinternal_app.com • finally anything_over_http(s).com
Living under a false sense of security! • Traditional security solutions aren’t effective against web application attacks
What your Firewall, IPS, UTM cannot do… • Firewalls/IPS cannot protect a web application from unknown threats
But the biggest barriers to WAF purchase are… Vs • Time • To implement • To maintain • Cost of damage Vs • Cost to Protect • Fear of Complexity
Cyberoam Web Application Firewall is the answer… • Best of breed WAF: • Expensive • Time-consuming • Complex • Cyberoam WAF Subscription : • Affordable • Easy to deploy • Doesn’t require changes in existing set up Vs IT Manager
Cyberoam UTM’s WAF – Feature Set • Positive protection model and No Signature Tables • Intuitive website flow detector Automatically adapts to website changes • Protects against OWASP top 10 vulnerabilities • SSL Offloading • Monitoring & Reporting Slide 16
Thank you! The WAF subscription is available on 50ia, 100ia, 200i, 300i, 500ia, 750ia, 1000ia, 1500ia series of UTM appliances.