The main function of a WAF is to detect and block any request that, according to the WAF's analysis, contains an anomaly or an attack vector.

In order to implement such functionality, WAF developers use:

  • regular expressions
  • tokenizers
  • behavior analysis
  • reputational analysis
  • and machine learning.

A WAF may also implement other functions:

  • DDoS protection
  • banning attackers' IPs
  • monitoring of suspicious IPs
  • adding security headers (X-XSS-Protection, X-Frame-Options, etc.)
  • adding the HttpOnly flag to cookies
  • implementation of the HSTS mechanism and CSRF tokens.
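
The response-side functions in the list above (security headers, the HttpOnly cookie flag, HSTS) amount to rewriting the upstream response before it reaches the client. The sketch below is an added example, not code from any particular WAF; the function names, the header values and the sample response are assumptions chosen for illustration.

```python
# Added example: response-side hardening of the kind listed above.
# Header values and the harden_response() name are assumptions.

SECURITY_HEADERS = {
    "X-Frame-Options": "SAMEORIGIN",
    "X-XSS-Protection": "1; mode=block",
}
HSTS_VALUE = "max-age=31536000; includeSubDomains"


def add_httponly(set_cookie_value):
    """Append HttpOnly to a Set-Cookie value unless it is already present."""
    attrs = [a.strip().lower() for a in set_cookie_value.split(";")[1:]]
    if "httponly" in attrs:
        return set_cookie_value
    return set_cookie_value.rstrip("; ") + "; HttpOnly"


def harden_response(headers, is_https):
    """Return a new list of (name, value) headers with protections applied.

    headers is a list of tuples because Set-Cookie may legitimately repeat.
    Headers the application already set are left untouched.
    """
    present = {name.lower() for name, _ in headers}
    out = []
    for name, value in headers:
        if name.lower() == "set-cookie":
            value = add_httponly(value)
        out.append((name, value))
    for name, value in SECURITY_HEADERS.items():
        if name.lower() not in present:
            out.append((name, value))
    # HSTS is only meaningful over HTTPS; browsers ignore it on plain HTTP.
    if is_https and "strict-transport-security" not in present:
        out.append(("Strict-Transport-Security", HSTS_VALUE))
    return out


if __name__ == "__main__":
    # Constructed upstream response, not taken from a real application.
    upstream = [
        ("Content-Type", "text/html"),
        ("Set-Cookie", "sid=abc123; Path=/; Secure"),
        ("Set-Cookie", "theme=dark; HttpOnly"),
        ("X-Frame-Options", "DENY"),
    ]
    for name, value in harden_response(upstream, is_https=True):
        print(f"{name}: {value}")
```

Not overriding headers the application already sends keeps a stricter upstream policy (here `X-Frame-Options: DENY`) from being weakened by the proxy default.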

Also, some WAFs have client-side JavaScript modules for websites.

More introductory material: https://habr.com/en/company/dsec/blog/454592/

Cloud WAFs

web_security_and_waf_s.txt · Last modified: 2019/06/06 07:00 by root