The Internet is a scary and dangerous place, or so the press keep telling us. There are stories almost every day of an online attack taking place and the consequent loss or exposure of customer data.
When the very nature of what we do is to put our assets in the direct firing line of such attacks, by enabling literally everyone to connect to our web server, what else can you expect?
But let’s examine that last statement a bit further, “let everyone connect to our webserver”; is that really what we want to do? On the one hand the marketers encourage traffic to our web shop, it’s their job, surely we do want any and everyone to be able to connect?
Well no, anyone and everyone is not what we want or need, we want legitimate traffic only, real users who are shoppers or browsers there to take proper advantage of the services you are offering, or real Google* bots there to help you get your site ranked and visible.
(*there are other search engines available)
What we don’t want is to allow the bad bots, the scrapers, the false search bots, the automatic bots that are scanning your site for vulnerabilities or the users who are testing your defences manually with hacking tools, picking at your locks.
Of all the web traffic hitting your website, the proportion of welcome traffic compared with unwelcome is probably less than 50%!*
Use a Web Application Firewall (WAF)
A WAF, such as the cloud service offering from Imperva called Incapsula combines a number of features to provide a complete outer layer of security for your web presence.
Using a Web Application Firewall like Incapsula ensures that your website or application is always protected against any type of application layer hacking attempt.
Choosing a Web Application Firewall
There are many different web application firewall solutions to consider – all with different capabilities. We have looked at the solutions available and have tried out some of the alternatives, but our WAF of choice is definitely Incapsula by Imperva.
Incapsula is the only WAF which has been positioned as a leader for the last three consecutive years in the Gartner Magic Quadrant for Web Application Firewalls. It has been independently validated as the market leader – and for good reason.
Here are a few links to the independent reviews so you can make up your own mind:
The Gartner Magic Quadrant for WAF has rated Imperva as the only Leader for three years running, 2014, 2015, and 2016 – Click Here
Forrester’s 2015 Wave Report for DDoS Service Providers rates Imperva as having the industry’s strongest current offering – Click Here
The 2016 ‘Top10Review’ of DDoS protection rates Imperva as #1, with a Gold Award – Click here