Hackers of India

Application Defense Tactics & Strategies - WAF at the Gateway

By  Shreeraj Shah  on 22 Apr 2009 @ Hitb Sec Conf

Abstract

New attack vectors are emerging on the horizon after introduction of Web 2.0 technologies and components. Web Application Firewall can help in protecting applications by filtering traffic going over HTTP(S). There are different approaches for it and in this talk we are going to discuss several key aspects of WAF as mentioned below.

WAF is a tactical defense for corporate environment to provide faster response to discovered vulnerabilities. We are going to discuss topic in detail along with live attacks, defense, tools and cases. We are going to release prototype for WAF as part of the talk so you can try it in your environment.