Web Application Firewall (WAF)
Be proactive: locate vulnerabilities and stop cyber attacks before they reach your web server.
Organizations currently face complex and aggressive cyber threats every day, assaults that can damage your company and customers. But consider, 90% of all breaches occur via known vulnerabilities that could have been identified by proactive security assessments and continuous blocking of malicious attacks. Basefarm’s Vulnerability Assessment and Managed Web Application Firewall services protect against these threats.
Define, identify and classify vulnerabilities
The objective of a vulnerability assessment is to maximize the overall security of your environment and to discover and remediate vulnerabilities before attackers exploit them. The vulnerability assessment evaluates if and where your systems are open to attack through known vulnerabilities; this is the Achilles heel where the vast majority of successful breaches to your systems occur.
The tools we use are conceptually the same type of tools that attackers use. This enables us to find the vulnerabilities that an attacker is likely to find.
Detect vulnerabilities, both from the outside and from the inside
Our Vulnerability Assessments are performed both from outside our networks and from inside our networks, with full access to the environment it is testing. This ensures that we find not only the vulnerabilities exposed to the outside world, but also vulnerabilities that could be leveraged in the event that someone gains access to the internal network.
How does it work?
A member of our security team and your Service Manager at Basefarm work with you to specify which applications are in scope for the tests and the timing for conducting the test.
Typically, the tests are done off-peak hours:
for instance, 00:00 – 05:00 on weekdays.
Once the tests have been concluded, the security engineer provides you with a report describing the vulnerabilities that were found together with suggested remediation actions.
Ultimate external security for your website
Our managed Web Application Firewall (WAF) provides you with the ultimate external security for your website, offering both robustness and efficiency. The service uses a cyclic approach for continuous adaption to an ever-changing landscape of threats. Our solution is fully managed. We recommend changes and then implement them once you give us the approval.
How does it work?
The Web Application Firewall enables identification and blocking of OWASP Top 10 attacks such as SQL injections, command injections, XSS attacks and CSRF attacks.
It also identifies and blocks brute force attacks on your website. For example, hackers systematically trying all possible keys and passwords to gain unauthorized access.
PayEx needed to design, build and run their state of the art Nordic payment solution catering robustness, flexibility and cost efficiency. The platform needed to be PCI DSS compliant as it exchanges, processes and stores huge amounts of card data and financial information. The solution is mission critical and margins and reputation are built over time, by delivering payment services with high quality, competence and value. They needed a secure and stable environment and a partner with solid systems for operations and interaction, as well as an “advisor” regarding technology.
Basefarm designed the platform in close collaboration with PayEx. Since the PCI solution went live in the summer of 2011, it has now passed 300 million transactions with excellent performance, peaking at around 1.3 million transactions per day. PayEx use Basefarm actively and proactively in decision-making regarding the environment and other challenges related to technology.