Is a managed WAF service a good fit for your organisation?

Fortra may be a new name in the cybersecurity space, but it is a company with a long heritage, starting out in 1982 as Help/38, then HelpSystems, providing scheduling, automation and security solutions for IBM.

It began its pivot to cybersecurity in 2019, when it embarked on a spending spree. Since then, it has acquired some 16 companies, almost all of which are in the security space. Today, it offers solutions for data security, infrastructure protection, managed services, and threat research and intelligence.

One of its most recent acquisitions, in March 2022, was of Alert Logic, well known and respected in the managed detection and response (MDR) space. As part of its MDR offering, Alert Logic provided a web application firewall (WAF) as an optional add-on. It was one of the only MDR vendors to offer this capability.

This has now been spun out as a separate offering, available with or without the other managed services that Fortra provides for customers. It has now become Fortra Managed WAF.

Web applications are a magnet for attackers

WAFs are incredibly important for any organisation that has a large web presence, which can cover everything from a small business to a global enterprise. They are seen as preventive technology, providing a practical approach towards protecting web application and data assets. Web applications are considered to be the biggest threat vector, being the entry point for many attackers who are looking to compromise users and the network. Any compromise can have serious consequences, including a loss of trust in the organisation, compliance problems and financial ramifications such as extortion.

WAFs are, however, complex and can be costly to manage. They can suffer from performance problems since they must monitor huge amounts of traffic flowing into and out of an organisation via the web interface.

Managed WAF services take away much of the pain

This is where managed WAF services come into play. They are extremely useful for overstretched security teams whose efforts could be better directed elsewhere. By handing WAF management off to a managed services provider, an organisation will benefit from support, around the clock monitoring, maintenance and tuning of application aware policies by experts who will proactively shield it from web exploits, as well as unknown web and API threats, providing it with the protection that it needs in a highly efficient manner.

A managed WAF service will employ predefined rules covering multiple thousands of exploits for protecting commercial or bespoke applications and that take the requirements of multiple regulations and industry standards into account. The service will offer protection for known and unknown threats through traditional techniques such as the use of signatures as well as behavioural threat detection to look for abnormalities from what is expected. Threat intelligence is also a vital component, enabling insights gained from across the customer base to be leveraged and for emerging techniques used by attackers to be tracked. These can form the basis of policy upgrades that are distributed to customers in the light of changing situations. Traditional WAFs do not offer most of these capabilities.

Attackers are exceptionally agile, determined and well-resourced. Keeping up with them, let alone stopping them in their tracks, is a tough challenge to overcome. With business-critical applications and websites at stake, subscribing to a managed WAF service should appeal to any organisation.