Web Security Challenge - Increasing Web Application Security

Web Application Security: Situation Overview

Application layer attacks are an increasingly common threat to Web security. They use a variety of means to cripple and penetrate Web sites, with results ranging from diminished site performance to data breaches and exposed infrastructure.

Multiple Targets

Web application layer and injection attacks can target multiple types of sites. They either attempt to attack the Web application itself or forward logic to a database where they can compromise the information stored inside the database. Whether you store sensitive information on your site, or you have a Web site that functions purely as a promotional site, Web application attacks can have a negative impact on both business performance and your overall brand.

Three Primary Attack Types:

  1. SQL Injection, where bogus database queries are used to overwhelm or infiltrate critical applications and databases
  2. Cross Site Scripting, where vulnerabilities in XSS allow attackers to enter a script that is then executed in the user's browser
  3. Malicious File Execution, where attackers are able to enter hostile data and code by exploiting an application's vulnerability to remote file inclusion

What is a Web Application Firewall?

A Web Application Firewall is a security measure deployed between a Web client and a Web server that performs a 'deep inspection' of every request and response in every common form of Web traffic. It protects the web server from attack by identifying abnormal or malicious traffic, then isolating and blocking that traffic to prevent it from reaching the server.

Kona Site Defender Protects Against Web Application Attacks

Kona Site Defender is a broad-spectrum defense layer that incorporates a full- featured Web Application Firewall (WAF) based upon proprietary technology that provides customers with highly-scalable protection against Web application attacks. Implemented inline across Akamai's globally-distributed platform of hundreds of thousands of servers, Akamai's Kona Site Defender Web Application Firewall helps detect and deflect threats in HTTP and HTTPS traffic, issuing alerts or blocking attack traffic near its source, before it reaches the customer origin.

Protection at the edge: key advantages

Cloud-based solutions like Kona Site Defender and Web Application Firewall are effective for several reasons. First, because they are deployed at the edge, rather than in the host data center, they are able to identify and mitigate suspicious traffic without compromising performance or availability of the origin or web server. Second, because they run on a robust, global platform, they are able to scale instantly to handle spikes in malicious traffic that are increasingly commonplace. Finally, cloud-based solutions can deliver significantly enhanced protection without requiring investment in new IT security infrastructure, helping to contain capital expenditure costs.

Learn more about how Akamai's Web Application Firewall can increase Web application security, or visit the Akamai Kona Site Defender page for protection against a range of attack types.