Application security is undergoing a broad transformation - from the way applications are architected, developed, and deployed to the ever-evolving diversity and scale of the threats they face. Driving this transformation is the growing complexity of application portfolios, which are providing more engaging experiences for customers but are also housing increasingly more data. Often, this is accomplished through Application Programming Interfaces (APIs), which can be both external-facing, as well as connected on back-end systems. In addition, applications are becoming more modular or are broken into microservices.
As a result, legacy, rules-based web application firewalls (WAFs) like F5 and Imperva Incapsula are not equipped to keep pace with today's dynamic application and threat environments. These tools are increasingly unable to keep up with sophisticated, high-impact threats. Security teams need the right tools and strategies built for these new realities. Enter, the next-gen WAF.
But what's so different about a next-gen WAF? The term is circulated more frequently, but is it merely a buzzword?
ThreatX partnered with SANS Institute on an informative webcast to answer these questions. In 45-minutes, we take a practical look at the next-gen WAF and show how it differs from legacy WAFs, by tackling some of the trickiest problems in AppSec today, including:
- How to deliver highly accurate, real-time app protection without burdensome signatures or tuning
- Incorporating attacker-centric techniques that match today's threat landscape, including active interrogation and deception
- Stopping bots and malicious automation
- How to quickly and effectively extend security to APIs and microservice architectures
- Building security that automatically mirrors the speed and scale of DevOps without losing control
- Defending against website defacement attacks
By the end of the session, you'll be able to see how next-gen WAFs can tackle modern AppSec problems. Register to watch the on-demand recording.