“Web application firewalls are powerful tools for protecting custom web applications, however, often there isn't free staff or rack space to bring the WAF on premise,” said Gartner Analyst Greg Young. “A managed as-a-service WAF offering can jump these hurdles.”
Although WAFs are designed to address web attacks, the technology is highly resource intensive. The varying demands of different web applications require continuous management to properly block attacks while allowing legitimate traffic.
Failure to implement the expert tuning can cause WAFs to disrupt legitimate traffic and impact the availability of web applications, or get tuned to a level that delivers virtually no security against real-world threats. As a result, WAF users often fail to realize the benefits of the technology despite significant investments of money and time.
Web Security Manager with ActiveWatch offers:
- Firewall protection and blocking capabilities delivered using a combination of positive and negative security techniques deployed without web application downtime
- Baseline protection including coverage for OWASP Top Ten, an acknowledged testing standard for compliance mandates, including PCI DSS 6.6
- Deployment options with reference architectures for on-premise, in hosted environments, or in the cloud deployments through a range of physical, virtual and high-availability options.
- Managed security service from Alert Logic’s Security Operations Center (SOC) to ensure that the WAF is always on and performing optimally.