Www.cyberoam.com © Copyright 2012 Elitecore Technologies Ltd. All Rights Reserved. Securing You Web Application Firewall Protection CYBEROAM UTM’s Unified

www.cyberoam.com © Copyright 2012 Elitecore Technologies Ltd. All Rights Reserved.

Securing You

Web Application Firewall Protection

CYBEROAM UTM’s

Unified Threat Management

Our Products


Securing You

Top 5 outcomes of Web Application Attacks

Leakage of Information 20.38%

Defacement 18.47%

Planting of Malware 14.01%

Monetary Loss 12.74%

Downtime 12.74%


Securing You

Types of Web App Attacks/Vulnerabilities:Types of Web App Attacks/Vulnerabilities:

VulnerabilitiesInvalidated Input

Broken access control

Broken Authentication/Session mgmt

denial of service

Cross site scripting flaws

Buffer overflows Attack Methods – the weapons SQL Injection

Cross-site scripting (XSS)

Cookie poisoning

Session hijacking, …


Securing You

What is stopping majority of us from investing in a Web Application Firewall?


Securing You

80% of web applications have a vulnerability waiting to be exploited.

90 percent of all attacks today are aimed at the website and its supporting applications.

Aren’t we leaving too much to luck?

Human NatureHuman Nature


Securing You

Most of us believe web application attacks cannot happen in our organization…

The “It can’t happen to me” syndrome!The “It can’t happen to me” syndrome!


Securing You

Slide 7

Attacks that made the news…Attacks that made the news…

XSS Vulnerability in Facebook Translations Posted on: 8 March 2011

September 16, 2010

Polish hacker gets inside US Military's

Defense Logistic Agency website


Securing You

Attacks that didn’t make the newsAttacks that didn’t make the news


Securing You

The Powerful Hacker Community…The Powerful Hacker Community…


Securing You

Ignorance about attacks on Internal web applicationsIgnorance about attacks on Internal web applications

kb.abccorp.com

intranet.abccorp.com

anyintranet.com

anycamera.com

anypos.com

anypayroll.com

anysmall_erp.com

anyinternal_app.com

finally anything_over_http(s).com


Securing You

Traditional security solutions aren’t effective against web application attacks

Living under a false sense of security!Living under a false sense of security!


Securing You

What your Firewall, IPS, UTM cannot do…What your Firewall, IPS, UTM cannot do…

Firewalls/IPS cannot protect a web application from unknown threats


Securing You

But the biggest barriers to WAF purchase are… But the biggest barriers to WAF purchase are…

Cost of damage Vs Cost to Protect

Vs

Time To implement

To maintain

Fear of Complexity


Securing You

Cyberoam Web Application Firewall is the answer…Cyberoam Web Application Firewall is the answer…

Best of breed WAF:

Expensive

Time-consuming

Complex

Cyberoam WAF Subscription :

Affordable

Easy to deploy

Doesn’t require changes in existing set up

Vs

IT Manager


Securing You

How does Cyberoam WAF work?How does Cyberoam WAF work?


Securing You

Positive protection model and No Signature Tables

Intuitive website flow detector Automatically adapts to website

changes

Protects against OWASP top 10 vulnerabilities

SSL Offloading

Monitoring & Reporting

Slide 16

Cyberoam UTM’s WAF – Feature SetCyberoam UTM’s WAF – Feature Set


Securing You

Thank you!

The WAF subscription is available on 50ia, 100ia, 200i, 300i, 500ia, 750ia, 1000ia, 1500ia series of UTM appliances.

Documents

Www.cyberoam.com © Copyright 2012 Elitecore Technologies Ltd. All Rights Reserved. Securing You Web Application Firewall Protection CYBEROAM UTM’s Unified