A web application firewall (WAF) is a security control that sits in front of a web application and inspects HTTP traffic for suspicious and malicious activity. It identifies and blocks (or, in monitoring mode, only logs) bad web requests according to the rules the operator configures.
Websites, web hosting services and web applications are a primary target for cyber criminals. Traditional network security controls such as intrusion prevention systems (IPS), intrusion detection systems (IDS) and network firewalls are important for stopping unauthorized intrusions, but they work on packets, ports and protocols rather than on the meaning of an HTTP request, so they are poorly placed to detect or stop cross-site scripting (XSS), SQL injection, web session hijacking and similar application-layer attacks.
A WAF scrutinizes requests sent over HTTP and HTTPS, both GET and POST (and other methods), against the rules you configure, and filters out matching traffic before it reaches the application server. To inspect HTTPS traffic the WAF must terminate TLS itself or hold the server's private key; otherwise it sees only encrypted bytes. A WAF is built to catch suspicious requests that the network-layer tools above would miss. It can also support compliance efforts: PCI DSS, for example, names a WAF in front of public-facing web applications as one accepted way of protecting them, and HIPAA safeguards can be supported in the same way, though a WAF alone does not make an application compliant.
A web application firewall can operate in one of three models. A whitelist (positive security) model allows only traffic that meets explicitly defined criteria, such as known paths, methods and parameter formats, and rejects everything else; it gives the strongest protection against unknown attacks but needs careful tuning so that legitimate users are not blocked. A blacklist (negative security) model uses predefined signatures to block known malicious patterns that abuse vulnerabilities; it is easier to deploy but can be bypassed by attackers who encode or obfuscate payloads the signatures do not anticipate, so the engine must normalize (URL-decode) requests before matching. The third, hybrid model blends both, applying signatures alongside a positive profile of the application.
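The following toy rule engine is an added example to illustrate the request inspection and the three models described above; it is not code from the original article or from any WAF product. The hypothetical application (shop.example with a GET /search and a POST /login endpoint), its allowed parameter names and formats, the attack signatures and the four sample requests are all constructed for illustration. It also shows why a blacklist must match on the URL-decoded request: the same percent-encoded SQL injection payload slips past a scan of the raw bytes and is caught once the parameters are decoded.

```python
"""Toy hybrid WAF rule engine (added example, not from the article or a product).

Whitelist = positive profile of the application, blacklist = attack signatures,
hybrid = both. Endpoints, parameters, signatures and requests are constructed.
"""
import re
from dataclasses import dataclass
from urllib.parse import parse_qs, unquote, urlparse


@dataclass
class Request:
    method: str
    path: str    # raw (still percent-encoded) path
    query: dict  # URL-decoded query parameters, first value only
    body: dict   # URL-decoded form-body parameters, first value only


def parse_request(raw: str) -> Request:
    """Parse a minimal HTTP/1.1 request string: request line, headers, body."""
    head, _, body = raw.partition("\r\n\r\n")
    method, target, _version = head.split("\r\n")[0].split(" ")
    url = urlparse(target)
    # parse_qs percent-decodes values and turns '+' into spaces
    query = {k: v[0] for k, v in parse_qs(url.query, keep_blank_values=True).items()}
    form = {k: v[0] for k, v in parse_qs(body, keep_blank_values=True).items()}
    return Request(method, url.path, query, form)


# Whitelist (positive) model: what the hypothetical application legitimately accepts.
ALLOWLIST = {
    ("GET", "/search"): {"q": re.compile(r"[\w ]{0,64}")},
    ("POST", "/login"): {
        "user": re.compile(r"[A-Za-z0-9_.@-]{1,64}"),
        "password": re.compile(r"[^\x00-\x1f]{1,128}"),
    },
}

# Blacklist (negative) model: signatures for a few well-known attack patterns.
SIGNATURES = [
    ("sqli-tautology", re.compile(r"'\s*(or|and)\s+\d+\s*=\s*\d+", re.I)),
    ("xss-script-tag", re.compile(r"<\s*script\b", re.I)),
    ("path-traversal", re.compile(r"\.\.[/\\]")),
]


def allowlist_verdict(req: Request) -> list:
    """Return the reasons a request falls outside the positive profile (empty = OK)."""
    rule = ALLOWLIST.get((req.method, req.path))
    if rule is None:
        return [f"no whitelist rule for {req.method} {req.path}"]
    problems = []
    for name, value in {**req.query, **req.body}.items():
        pattern = rule.get(name)
        if pattern is None:
            problems.append(f"unexpected parameter {name}")
        elif not pattern.fullmatch(value):
            problems.append(f"parameter {name} does not match its pattern")
    return problems


def scan_signatures(text: str) -> list:
    return [name for name, rx in SIGNATURES if rx.search(text)]


def denylist_verdict(raw: str, normalize: bool = True) -> list:
    """Return names of signatures matching the request.

    normalize=False scans the raw wire bytes and misses percent-encoded payloads;
    normalize=True scans the decoded path and each decoded parameter value.
    """
    if not normalize:
        return scan_signatures(raw)
    req = parse_request(raw)
    hits = set(scan_signatures(unquote(req.path)))
    for value in list(req.query.values()) + list(req.body.values()):
        hits.update(scan_signatures(value))
    return sorted(hits)


def decide(raw: str, model: str = "hybrid") -> tuple:
    """Apply the chosen model ('whitelist', 'blacklist' or 'hybrid') to one request."""
    reasons = []
    if model in ("whitelist", "hybrid"):
        reasons += allowlist_verdict(parse_request(raw))
    if model in ("blacklist", "hybrid"):
        reasons += denylist_verdict(raw)
    return ("BLOCK" if reasons else "ALLOW"), reasons


# Constructed sample requests against the hypothetical shop.example application.
LEGIT_SEARCH = "GET /search?q=blue+widgets HTTP/1.1\r\nHost: shop.example\r\n\r\n"
SQLI_ENCODED = "GET /search?q=%27%20OR%201%3D1-- HTTP/1.1\r\nHost: shop.example\r\n\r\n"
XSS_LOGIN = ("POST /login HTTP/1.1\r\nHost: shop.example\r\n"
             "Content-Type: application/x-www-form-urlencoded\r\n\r\n"
             "user=%3Cscript%3Ealert(1)%3C%2Fscript%3E&password=hunter2")
UNKNOWN_PATH = "GET /admin/export?format=csv HTTP/1.1\r\nHost: shop.example\r\n\r\n"

if __name__ == "__main__":
    samples = [("legit", LEGIT_SEARCH), ("sqli", SQLI_ENCODED),
               ("xss", XSS_LOGIN), ("unknown", UNKNOWN_PATH)]
    for label, raw in samples:
        for model in ("whitelist", "blacklist", "hybrid"):
            print(f"{label:8s} {model:9s} {decide(raw, model)}")
    print("raw-bytes scan of encoded SQLi:", denylist_verdict(SQLI_ENCODED, normalize=False))
```

Running the block prints a verdict per request and model. The unknown /admin/export request is the instructive case: the blacklist model allows it because nothing matches a signature, while the whitelist model blocks it because the application never declared that endpoint, which is the trade-off between the two models in practice. The final line shows the encoded `' OR 1=1--` payload producing no signature hit when the raw bytes are scanned, whereas the normalized scan flags it.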