
What is a Web Application Firewall (WAF)?

by Bethany Hendricks on Security • November 26, 2020

What Are The Benefits Of A WAF?

A WAF can prevent data leakage by scanning every request to your servers. When something seems unusual, the WAF prevents the data from leaving your network, stopping it from reaching the person who may be trying to access it.

Applications have many vulnerabilities, some of which are commonly found in legacy applications or applications with poor coding. Using custom policies, a WAF can handle these deficiencies in the code. With a WAF you can create custom rules and policies that target certain types of threats, allowing further personalization, since your web application may be more prone to one specific attack than to others.
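To illustrate the custom rules and policies described above, here is an added example (not Snapt's code or configuration format) of a tiny policy engine in which a rule scoped to one endpoint catches input that generic signatures miss. The paths, parameter names, rule IDs and sample requests are all constructed for illustration, and the patterns are deliberately simple rather than production signatures.

```python
import re
from dataclasses import dataclass
from urllib.parse import urlsplit, parse_qsl

@dataclass(frozen=True)
class Rule:
    rule_id: str
    path_prefix: str      # scope: rule only applies under this path
    param: str            # parameter to inspect; "*" means every parameter
    pattern: re.Pattern   # a match in the decoded value blocks the request

# Constructed policy for a made-up application; every path and name is hypothetical.
POLICY = [
    # Targeted rule: assume /legacy/report builds SQL from "id", so allow digits only.
    Rule("legacy-id-numeric", "/legacy/report", "id", re.compile(r"[^0-9]")),
    # Generic signatures applied to every parameter on every path.
    Rule("sqli-generic", "/", "*",
         re.compile(r"""['"]\s*(or|and)\s+\S+\s*=|union\s+select|--\s*$""", re.I)),
    Rule("xss-generic", "/", "*",
         re.compile(r"<\s*script\b|\bon\w+\s*=|javascript:", re.I)),
]

def inspect(url, policy=POLICY):
    """Return (decision, rule_id) for a request URL; the first matching rule wins."""
    parts = urlsplit(url)
    # parse_qsl percent-decodes values, so encoded input is matched in decoded form.
    params = parse_qsl(parts.query, keep_blank_values=True)
    for rule in policy:
        if not parts.path.startswith(rule.path_prefix):
            continue
        for name, value in params:
            if rule.param in ("*", name) and rule.pattern.search(value):
                return ("block", rule.rule_id)
    return ("allow", None)

# Constructed sample requests (not captured traffic).
SAMPLES = [
    "/legacy/report?id=42",
    "/legacy/report?id=42%20OR%201%3D1",   # no quote: generic SQLi rule misses it
    "/search?q=%3Cscript%3Ealert(1)%3C/script%3E",
    "/search?q=o'reilly+books",            # benign apostrophe must stay allowed
    "/login?user=admin'--",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(inspect(url), url)
```

The second sample is allowed when only the generic rules are loaded, which is the gap a policy tailored to the application's known weak spot closes.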

Types of attacks that WAFs can prevent

A WAF can usually protect against the OWASP Top 10 vulnerabilities and prevent the following attacks.

  • Layer 7 DoS – An HTTP flood attack that uses valid requests in URL data retrievals.
  • SQL Injections – Attackers compromise the application and underlying systems by injecting malicious code into a web entry field.
  • Cross-site Scripting (XSS) – The injection of client-side scripts into the web pages viewed by other users.
  • Cookie Poisoning – Changing cookies to gain unauthorized information about a user.
  • Cross-Site Request Forgery (CSRF) – These attacks occur when a user is tricked into clicking a link or downloading a file that executes unwanted actions on a user session.

Do I Need A WAF?

These days hackers are highly active, trying to take down web applications or steal personal data. Without a WAF, your web application and your users are at risk of attack. By using a WAF you can protect against these threats and safeguard your users, data, revenue, and reputation.

Does Snapt Provide A WAF?

Yes. Snapt Nova provides load balancing and WAF security on-demand to every node in your network. Centralized control enables you to monitor traffic and keep your security configuration in sync across large distributed networks including multi-cloud and hybrid architectures.