In response to the changing

[rakhirhif8963]

In the era of large-scale digitalization of business, web applications are of great importance for most organizations. At the same time, traditional information security technologies such as IPS and firewalls, which are focused on protecting against network and transport layer attacks, leave web applications attractive targets for cyberattacks.

web application threat landscape and the growing sophistication of attackers, firewall vendors have improved application-layer protection by implementing deep packet inspection (DPI).

These technologies do not protect web kenya whatsapp data from SQL injection, cross-site scripting, or zero-day attacks, and do not have the flexibility to provide visibility and control over each web application in use (more than 70% of organizations report this, according to research by the Ponemon Institute).

About 73% of companies were attacked in Q1 2018 by complex exploits using web-oriented technologies. Web attacks are becoming polymorphic and use several vectors simultaneously. Most of the attacked applications are connected to databases that contain confidential information or personal data.

Research from Verizon shows that 48% of all successful data attacks are caused by web application hacks, and according to Acunetix, 42% of web applications have at least one serious vulnerability. Therefore, the more a business relies on web applications, the more it needs a web application firewall (WAF) to protect against external and internal threats.

Many WAF solutions are based on application learning (AL) aimed at eliminating zero-day threats. To do this, the WAF creates a profile of the application structure and how it is used, controls access to applications and tries to understand how it is carried out. Thus, the WAF is able to track how data entry form fields are used, controls the types of values ​​entered, how HTTP is used, cookies created, etc.