IT leaders say that Web Application Firewalls (WAFs) are an established staple of enterprise application security strategies, but WAFs have failed to protect organizations from cyberattacks in recent times.
Recent records show that a considerable number of attackers have managed to bypass WAFs. Organizations struggle to tune these firewalls efficiently to their requirements and to integrate them into broader security measures. CIOs warn that further tweaking of the firewall is necessary and that it cannot be relied upon as the only defence in an AppSec program.
IT leaders state that the majority of application-layer cyberattacks during the pandemic cruised easily past inefficient WAFs. In a study conducted by the Neustar International Security Council, IT personnel state that over half of the network requests flagged in the previous year turned out to be false positives.
Issues with WAFs
IT leaders have identified a set of issues with WAFs that suggests a complete shake-up of the infrastructure. They require more from their WAF vendors, and vendors need to address this negative feedback before a complete disruption of the market takes place.
IT leaders say that the current deployment of WAF infrastructure is unable to handle a wider range of client-side attacks, application attacks, bot-driven attacks, and API-based breaches.
Business integrity is greatly affected by the increased number of Server Side Request Forgery (SSRF) attempts. Such attempts exploit the way cloud architectures handle webhooks and APIs. IT security heads feel that the WAF architecture they have implemented is not capable of monitoring the outbound HTTP requests created by web applications.
SaaS products often provide a webhook feature that makes the application issue a secondary outbound HTTP request, and that request looks identical to an SSRF attack. Such factors underline the shortcomings of relying on a WAF when faced with SSRF.
AppSec breaches with WAF
IT leaders are of the opinion that WAFs are behind systemic issues in AppSec strategy and execution. CIOs feel that organizations should first consider more fundamental changes to how software is developed and implemented, rather than simply deploying another piece of software to take care of the issue.
WAFs have been used as a replacement for a working AppSec program, one that steadily improves the security architecture of the software based on risk prioritization.
Security leaders say that, instead of depending entirely on WAFs, organizations should treat them as a backstop and work towards fixing the code.