Browse Prior Art Database

Intelligent Web Application Firewall - A unique Web applicaiton Firewall which needs no Policies or Rules.

IP.com Disclosure Number: IPCOM000236191D
Publication Date: 2014-Apr-11
Document File: 4 page(s) / 95K

Publishing Venue

The IP.com Prior Art Database

Abstract

Web application firewalls detect and prevent attacks based on set of rules/policies. The effectiveness of Web application firewalls is there fore dependent on how well one can tune the rules/policies to the need of the enterprise. The Web application firewall tuning requires lot of expertise and continuos monitoring of the effectiveness of the rules. Rules/Policies can become redundant when an application is patched or upgraded to a newer version.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 24% of the total text.

Page 01 of 4

Intelligent Web Application Firewall - A unique Web applicaiton Firewall which needs no Policies or Rules.

Web Application attacks are on the rise. Vulnerabilities like SQL injections and Cross Site Scripting(XSS) allow  hackers entry into the enterprise and steal data.

Protecting against Web application attacks requires special class of Firewalls called the web application  firewall(WAF) which understand and protect against Web application attacks like SQL injection and Cross Site  Scripting.

Web application firewalls detect and prevent attacks based on set of rules/policies. The effectiveness of Web  application firewalls is there fore dependent on how well one can tune the rules/policies to the need of the  enterprise. The Web application firewall tuning requires lot of expertise and continuos monitoring of the  effectiveness of the rules. Rules/Policies can become redundant when an application is patched or upgraded to a  newer version. 

Without the required expert tuning, WAFs will block legitimate traffic and impact the availability of web  applications, or get tuned to a level that delivers virtually no security against real­world threats. As a result, WAF  buyers often fail to realize the benefits of this technology despite significant investments of money and time.

Main Idea


1. Background: What is the problem solved by your invention ? Describe known solutions to this problem (if any). What are the drawbacks of such known solutions , or why is an additional solution required ? Cite any relevant technical documents or references .

Background

Web Application attacks are on the rise. Vulnerabilities like SQL injections and Cross Site Scripting(XSS) allow  hackers entry into the enterprise and steal data.

Protecting against Web application attacks requires special class of Firewalls called the web application  firewall(WAF) which understand and protect against Web application attacks like SQL injection and Cross Site  Scripting.

Web application firewalls detect and prevent attacks based on set of rules/policies. The effectiveness of Web  application firewalls is there fore dependent on how well one can tune the rules/policies to the need of the  enterprise. The Web application firewall tuning requires lot of expertise and continuos monitoring of the  effectiveness of the rules. Rules/Policies can become redundant when an application is patched or upgraded to a  newer version. 

Without the required expert tuning, WAFs will block legitimate traffic and impact the availability of web  applications, or get tuned to a level that delivers virtually no security against real­world threats. As a result, WAF  b...