To many people, cybersecurity is not a sexy topic. Many think of it, like insurance, as only a preventive measure that protects you against the “what-if” J.P. Morgan-level hacking scenarios. However, to us, cybersecurity is an active battlefield where only the strongest survive. It’s a war between good and evil, light versus dark.
Black hat hackers attack web apps in order to compromise their data or assets. It is the responsibility of a web app firewall to defend the web app from malicious hack attempts. In reality, a good web app firewall (WAF) is like a superhero protecting his town from villains’ destructive attacks.
The concept of superheroes fits perfectly with web app firewalls. Just as a web app firewall prevents hackers from accessing your website, a superhero stops evildoers from wreaking havoc. Each of a WAF’s individual characteristics can be represented by an individual superhero, the first being that WAF services respond aptly to web attacks.
The story of Thor is the hardest to explain in the Avengers. While the rest of the Avengers are normal humans, he and the people of his world are gods. Because his world, Asgard, is outside our normal realm of understanding, he seems the most fantastical hero in the Avengers. However, Thor isn’t the character being used today to describe a WAF’s ability to respond to web attacks promptly. That character is Asgard’s powerful gatekeeper, Heimdall.
Heimdall is the guardian of Bifrost, the bridge connecting Asgard to Earth. If you recall from the Thor movies, Heimdall stood at the gate between Earth and Asgard, with amazing sight and hearing. His skills of recognition were crucial to determining if a visitor was worthy to enter or leave Asgard and earned him the title of one of the strongest beings in Asgard.
In the same way, a WAF should be the gatekeeper to your website. If we use Asgard as an example of how WAFs protect your website, these are the roles:
Asgard: Your website/web app
Heimdall: Your WAF service
Bifrost Bridge: Pathways connecting users to your website/web app
Visitors trying to enter and leave Asgard: Website visitors
Enemies of Asgard: Hackers
Let’s say that an army of enemies tried to invade Asgard. Heimdall, with his ability to see and hear from worlds away, would be able to see these attacks approaching Asgard and not open Bifrost. This way, even if the army is large and skilled, they would not be able to enter the city. In the same way, an advanced WAF can protect your website from hacking attempts, including volume-based ones like DDoS.
So how does a WAF work? Heimdall examined the characteristics of visitors to decide whether or not they were worthy to visit the other worlds. In the same way, a good WAF is able to determine if a visitor has bad intentions in entering a web app. An advanced WAF’s logic analysis engine is intelligent and able to detect details of botnet activity that differ from the behavior of normal users (e.g. botnets tend to request HTML pages and almost never embedded objects). Heimdall was the same and monitored people’s actions and characteristics to judge whether or not they were good (remember when he called out Loki on his sneaky actions in Thor?).
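As an added example (not from the original post, and not WAPPLES or Cloudbric code), the following Python applies the heuristic mentioned above to web server access logs: it flags clients that request many HTML pages but almost no embedded objects. The log format, the list of file extensions, the thresholds and the sample log lines are all assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Common Log Format prefix: client, identity, user, [time], "METHOD path proto", status
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+) [^"]*" (\d{3})')
# Extensions treated as embedded objects (assumption; tune per site).
ASSET_EXT = (".css", ".js", ".png", ".jpg", ".jpeg", ".gif", ".svg", ".ico", ".woff2")

def classify(path):
    """Return 'asset' for embedded objects, 'page' for everything else."""
    clean = urlsplit(path).path.lower()  # drop the query string before matching
    return "asset" if clean.endswith(ASSET_EXT) else "page"

def suspicious_clients(lines, min_pages=5, max_asset_ratio=0.1):
    """Flag clients that fetch many pages but almost no embedded objects."""
    counts = defaultdict(lambda: {"page": 0, "asset": 0})
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of failing
        client, path, _status = m.groups()
        counts[client][classify(path)] += 1
    flagged = {}
    for client, c in counts.items():
        # Require a minimum page count so low-volume clients are not judged.
        if c["page"] >= min_pages and c["asset"] / c["page"] <= max_asset_ratio:
            flagged[client] = (c["page"], c["asset"])
    return flagged

def sample_line(ip, path):
    return f'{ip} - - [10/Oct/2024:13:55:36 +0000] "GET {path} HTTP/1.1" 200 512'

# Constructed sample log (documentation IP ranges, made-up paths).
SAMPLE = (
    # Browser-like client: each page pulls its stylesheet, script and image.
    [sample_line("192.0.2.10", p) for i in range(5)
     for p in (f"/article/{i}", "/static/site.css", "/static/app.js", f"/img/{i}.png")]
    # Bot-like client: HTML pages only, no embedded objects.
    + [sample_line("198.51.100.7", f"/article/{i}?ref=x") for i in range(8)]
    # Low-volume client: too few pages to judge either way.
    + [sample_line("203.0.113.5", "/")]
    + ["garbage line that does not parse"]
)

if __name__ == "__main__":
    for client, (pages, assets) in suspicious_clients(SAMPLE).items():
        print(f"{client}: {pages} pages, {assets} embedded objects")
```

Clients with warm browser caches and legitimate API consumers also request few embedded objects, so a hit here is one signal to combine with others rather than a block decision on its own.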
In addition to having excellent recognition skills, Heimdall was also quick to respond in combat. He was able to detect invasions before they gained enough traction to destroy Asgard and even fight against them (just like in the movie, Thor: The Dark World). A good WAF needs to be quick to recognize hacking attempts and strong enough to withstand them. Just as you would want strong allies to protect you quickly if you were invaded by enemies, your website needs an advanced WAF service that is quick to recognize hack attempts and block them before they come to fruition, whether by stealing your valuable data or defacing your website.
*These characteristics of a strong WAF service are based on Penta Security System’s WAPPLES WAF service, a market leader in WAF services in the Asia-Pacific Region. WAPPLES technology is one of the most accurate in the market and is used to power Cloudbric, a cloud-based WAF service that promises strong web protection for all web apps.