sponsored

Enhancing DDoS Defenses with a Web Application Firewall

Talk to any cybersecurity professional, and it won’t be long before you hear the word “layered approach.” The variety of cyber threats today – as well as the vulnerabilities they target – are so diverse that organizations can only hope to fend them off by deploying multiple layers of defenses.

enhancing ddos defenses with a web application firewall
scyther5

Talk to any cybersecurity professional, and it won’t be long before you hear the word “layered approach.” The variety of cyber threats today – as well as the vulnerabilities they target – are so diverse that organizations can only hope to fend them off by deploying multiple layers of defenses.

Even within the bounded realm of distributed denial of services (DDoS) attacks, a layered defense is critical. Why? Because DDoS attacks, which seek to overwhelm websites with huge volumes of traffic, are increasingly being used as ploys to attract security resources and attention, allowing other forms of attack to simultaneously be executed in backdoor attacks.

Different layers exist even within the subset of controls focused on countering volumetric DDoS assaults. In an earlier post, for example, we discussed the advantages of a hybrid DDoS approach that combines on-premises appliances with cloud-based detection and mitigation services, including on-premises appliances.

Now, however, growing numbers of organizations are complementing their volumetric attack defenses with web application firewalls (WAFs). WAFs defend against application layer attacks that can include, but aren’t limited to:

  • Session hijacking, which captures or guesses a session authentication token to gain access to a web server.
  • SQL attacks, which interfere with or intercept the transmissions between databases and applications.
  • Cross-site scripting (XSS), which allows attackers to insert client-side script into web pages viewed by others.
  • Cross-site request forgery (CSRF), in which a malicious website or some other program forces a user’s web browser to issue unauthorized commands, with the use of their credentials.
  • Buffer overflows, in which an application is forced to write so much data to a buffer that it overflows the buffer and corrupts adjacent memory.

A just-released Neustar-commissioned survey of more than 1,000 security, IT, and business managers and executives uncovered a recent spike in WAF adoption. When asked what forms of protection their organizations used to counter DDoS attacks, more than half (53%) said they are using web application firewalls. A year earlier, just 13% of those surveyed listed WAFs among their DDoS defenses.

Recognizing the growing need to protect the application layer, and in an effort to provide a more holistic solution for DDoS defenses, Neustar recently introduced a cloud-based service that adds a WAF to the company’s volumetric DDoS identification and mitigation services. It is paired with Neustar’s always-on DDoS mitigation service.

The Neustar WAF is cloud provider, content delivery network, and hardware platform agnostic, so can protect applications wherever they’re hosted. Meanwhile, the Integrated Security Solutions Platform collates and presents information from all its elements in a single pane to help analysts understand and manage the full range of threats detected.

No single solution can address the full range of cyber threats active today, and there are many other layers of defenses needed beyond those provided by Neustar’s DDoS/WAF combination. But these two forms of control are among the most critical. By integrating them into a common service, Neustar is providing a comprehensive defense line on one of the most challenging fronts in the cybersecurity war.

Copyright © 2017 IDG Communications, Inc.