In my previous articles I covered how simple the concept of a WAF is (although implementing a reliable WAF system is not that simple), what false positives and false negatives are and the best approach to trading off between them, what the impact of wide visibility is when building a WAF, the importance of having a solid team of experts backing up a WAF solution, and how scale affects WAF performance (and ultimately WAF deployment).
One topic that is frequently forgotten when talking about WAF is that managing a WAF solution is a permanent job. New attacks are written, new vulnerabilities emerge, and business owners are forever moving applications to the web layer. At Akamai we know that because we are constantly analyzing new trends, proposing solutions and updating defense strategies. Depending on the balance between outsourcing and self-service defined by each company, the task of adopting and setting up the new rules may fall to the customer or to the provider. Choosing the right partner in this matter is always a good option to evaluate.
What is usually underestimated is that general vulnerabilities are not the only ones that have to be researched. Each company has its own applications, which are always evolving. This evolution is driven by better usability or functionality of the application, but at the same time new apps or new versions of existing apps are, by nature, exposed or may be prone to security breaches. This is where Akamai's expertise makes the difference, since we have staff dedicated to monitoring both attack evolution and application proliferation. Our staff includes a group of professionals who are experts in web application technology and who have successfully dealt with the most complex and innovative projects ever created on the Internet. This expertise, when it comes to security projects, is key.
A CDN provider without reputed security solutions has a limited perspective, since security is not core to it but something to consider tangentially. Likewise, a security provider that only covers this area will lack the broad perspective provided by working hand in hand with applications and developments. In the case of Akamai, not only is all of this true, but experience and a long history of success back it up. Our privileged position as CDN pioneers is based on:
- Unique experience with delivery and acceleration web technology, which has an intimate relationship with application development.
- Unique experience with web application and DDoS protection.
- Unique broad perspective in both environments thanks to the broadest platform and scope of customers.
Finally, as in my previous articles, I recommend reading the white paper "Improving Web Application Security: The Akamai approach to WAF".