Web Application Firewall


Websites have become the primary target of hackers because frequently they house useful data that can be used for financial gain by criminal groups. Numerous studies have found that over 90% of websites have some type of vulnerability that can be used by hackers to get access to confidential information. These vulnerabilities include SQL injection, file inclusion, cross site scripting (XSS), weak session management and many others. Traditional firewalls do not stop attacks against web applications as they operate at layer 3 of the network stack rather than layer 7 where these attacks occur.

webapp-firewall

The primary means of preventing web application attacks is to build secure applications that do not have vulnerabilities in the first place. However, this is much easier said than done. Most web developers do not have the training or knowledge to do this properly. A web application firewall can provide an added layer of defense against web application attacks and give your developers time to remediate vulnerabilities in your website when they are discovered.
Tectonic Security provides a web application firewall service that will block most application layer attacks including remote file inclusion, SQL injection and cross-site scripting (XSS). We will implement and manage the service with care to ensure legitimate requests are not blocked.
Our web application firewall managed service provides the following benefits:
  • Continuous protection against the most common application layer attacks
  • Easy implementation handled by our knowledgable team with no hardware required
  • Helps address PCI compliance mandates regarding website security
  • Weekly reports of security events and proactive configuration updates to provide maximum protection
  • Cost savings because you don’t need to hire full-time IT security resources to manage your webapp firewall
  • Improved website performance by automatically caching both static and dynamic content worldwide
  • Reduced bandwidth usage at your hosting provider by serving assets from our caching servers