Tuesday, July 2, 2019

AppTrana — Website Security Solution That Actually Works


Data loss and theft continue to rise, and hardly a day goes by without a significant data breach hitting the headlines.

In January 2019 alone, 1.76 billion records were leaked, and according to IBM's Data Breach study, the average cost of each lost or stolen record has reached about $148.

Most of these data leaks are the result of malicious attacks, and exploitation of web application vulnerabilities is one of the most common attack vectors.

An application security breach is a problem for everyone: no matter the size of your company, your web applications are exposed to attack.

Hackers breach sites for a variety of reasons—some do it for fame, some to get competitive information, and some just for financial gain. Whatever the reason, the cost of a security breach is always higher than the cost of protection: loss of data, substantial financial losses, and most importantly, loss of customers' trust.

If you are a small or mid-size company beginning to make your mark, such data breaches can be fatal.

What is more worrisome is that both the cost and the extent of data breaches are growing exponentially year on year, and all of this points to the existing solutions being ineffective.

When it comes to application security—WAF (Web Application Firewall) is one of the best-known defences.

Most existing solutions fail to protect organizations from such attacks because they take a one-size-fits-all, cookie-cutter approach: a WAF generally ships with standard out-of-the-box rules and no understanding of the specific application's needs.

Perils of such an approach are:

  • There is very little understanding of the application context, so vulnerabilities specific to the application that attackers can exploit are left unprotected. As the saying goes, security is only as good as the weakest link.
  • Most scanners are ineffective on JavaScript-heavy single-page sites, and gaps in business logic can only be found through penetration testing. Results imported from such scanners are inadequate to begin with, so the WAF most often does not accurately identify the protection posture.
  • Out-of-the-box rules work in an ideal scenario, but real-world applications are far from ideal, leading to many false positives and false negatives and making the solution ineffective.
  • Proper WAF implementation requires tuning the standard rules to the application's needs, which takes a lot of expertise and time that are not easy to find.

All of this leads to poor website security implementations: the vulnerabilities that matter remain undetected, and the WAF is more often than not deployed in monitor mode for fear of false positives.

AppTrana is Indusface's revolutionary solution that has been built specifically to address such shortcomings in existing cloud security solutions.

AppTrana provides a completely managed, highly reliable, extremely affordable SaaS solution for securing web applications.

With AppTrana, organizations can get:

  • Protection within minutes, with zero downtime during the entire transition,
  • Access to highly scalable, PCI-compliant infrastructure for web application security that scales seamlessly to terabytes of data with no configuration required on the customer side,
  • The ability to detect vulnerabilities, protect them instantly through virtual patches created by experts, and get round-the-clock visibility into risk posture through the integrated AppTrana portal,
  • Round-the-clock, expert-monitored protection of the site against sophisticated DDoS attacks, and
  • An integrated CDN, so customers are not forced to choose between speed and security.

Using AppTrana, organizations can concentrate on business without worrying about security, speed, and availability of their website.

The Approach

Indusface approaches the problem of application security differently from traditional vendors.

With AppTrana, organizations can identify vulnerabilities in the application through its automated scans and its premium scans (manual penetration testing by experts). This guarantees that an organization understands the risk posture of its application upfront.

AppTrana's advanced scanner works seamlessly with new-age JavaScript-heavy sites and was built from the ground up with WAF integration in mind: it learns from WAF traffic insights and feeds vulnerability status back to the WAF for protection.

AppTrana enables organizations to get immediate website protection through virtual patching with its WAF module.

For this, AppTrana provides:

  • Advance Rules – Rules written by security experts that come with a zero false-positive guarantee.
  • Premium Rules – Complex rules for enhanced protection, which may generate some false positives depending on the particular application's design and behavior. These are first applied in log mode, then monitored and tuned until they produce zero false positives for the application before being put in block mode.
  • Custom Rules – Application-specific rules written by security experts on customer request, with a zero false-positive guarantee.

With this approach, AppTrana ensures that security is tuned to the specific application's needs while guaranteeing zero false positives.
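The log-mode-then-block-mode lifecycle described for Premium Rules, sketched as an added Python illustration (this is not AppTrana's or Indusface's code; the rule format, request shape, path-based exclusions and the "legit" labels stand in for whatever the managed service team actually uses):

```python
"""Rule lifecycle sketch: LOG mode -> false-positive tuning -> BLOCK mode."""
import re
from dataclasses import dataclass, field

LOG, BLOCK = "log", "block"


@dataclass
class Rule:
    rule_id: str
    pattern: re.Pattern
    mode: str = LOG                                   # new complex rules start in LOG mode
    path_exclusions: set = field(default_factory=set)  # tuning applied during monitoring

    def match(self, path: str, query: str) -> bool:
        """True when the pattern fires on a path that has not been excluded."""
        return path not in self.path_exclusions and bool(self.pattern.search(query))


def evaluate(rules, request):
    """Return ('blocked'|'logged'|'allowed', [rule ids]) for one request.

    A LOG-mode hit is recorded but the request still passes; only BLOCK-mode hits deny it.
    """
    hits = [r.rule_id for r in rules if r.match(request["path"], request["query"])]
    if any(r.mode == BLOCK for r in rules if r.rule_id in hits):
        return "blocked", hits
    return ("logged" if hits else "allowed"), hits


def false_positives(rule, traffic):
    """Paths where the rule fired on requests the team has labelled legitimate."""
    return sorted({r["path"] for r in traffic if r["legit"] and rule.match(r["path"], r["query"])})


def promote(rule, traffic):
    """Exclude the FP paths, then move to BLOCK mode only once no FPs remain."""
    rule.path_exclusions |= set(false_positives(rule, traffic))
    if not false_positives(rule, traffic):
        rule.mode = BLOCK
    return rule.mode


# Constructed monitoring-window traffic: two legitimate site searches whose words happen
# to be SQL keywords, and one probe against the login endpoint labelled malicious.
TRAFFIC = [
    {"path": "/search", "query": "q=union+jack+flag", "legit": True},
    {"path": "/login", "query": "user=1+UNION+SELECT+1", "legit": False},
    {"path": "/search", "query": "q=select+committee+minutes", "legit": True},
]
SQLI_RULE = Rule("premium-sqli-1", re.compile(r"(?i)\b(union|select)\b"))  # hypothetical rule
```

Replaying the window in LOG mode shows the rule would have hit the search page twice; after the path exclusion is recorded, the only remaining hit is the probe, so the rule can be promoted to BLOCK mode.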

AppTrana also provides round-the-clock monitoring and expert support to mitigate sophisticated application-layer DDoS attacks, ensuring the availability of your site.

A typical customer journey looks as follows:

With tightly integrated WAF and scanner modules, AppTrana ensures constant learning that is shared across both, improving the efficacy of detection and protection.

For example, deep learning in the WAF allows AppTrana to provide application context to the scanner, ensuring better crawling and detection.

Such integration gives AppTrana an unfair advantage that allows Indusface to provide superior protection to its customers.

Plans

You can choose any of the below-listed plans to start the AppTrana Journey.

  • Basic Plan – Free for life. Get started by identifying the risk posture of your site through AppTrana's automated scanner.
  • Advance Plan – $99/month with a 14-day free trial. Get started with immediate protection against the vulnerabilities detected.
  • Premium Plan – $399/month for complete AppTrana protection. It comes with one premium scan every 12 months and unlimited custom rules.

Getting Started

If your organization is interested, you can sign up for AppTrana protection at any point at apptrana.com, and the entire onboarding can be done with zero downtime.

You will be asked to provide the domain you would like to protect and then to verify the configuration; you can enable the CDN now or do so later from the settings page.

Next, you will be asked to provide your SSL certificate, which is required to decrypt and inspect HTTPS traffic for attacks. Indusface assures that the certificate is encrypted and stored securely, and that no one in the company has direct access to customer certificates.

Alternatively, your organization can choose to use a free Let's Encrypt certificate, in which case AppTrana automatically generates the certificate for the domain and the organization need not provide one.

Your organization can also choose to buy an Entrust certificate from Indusface.

That's it. You will then be asked to make a CNAME change to divert traffic to the AppTrana infrastructure; onboarding is then complete, and protection starts immediately.

The Journey

The customer's journey starts from the point they make their DNS change. Once protection starts, a few things happen:

  • The site gets immediate protection with Advance Rules, which are fine-tuned to avoid false positives. DDoS protection is also enabled.
  • A request is sent to Indusface's managed service team to monitor traffic.
  • An automated scan of the site starts, helping AppTrana identify the risk posture of the website. The scan generally takes a few hours to complete, depending on the complexity of the site. If the customer wants an authenticated scan, they can configure it from the settings page.
  • Once the scan is complete, customers get a risk profile mail telling them how many vulnerabilities that matter were found. Customers can view further details by logging in to the portal.
  • This page lists all the vulnerabilities that have been detected along with their protection status. Based on it, customers can take further action, such as requesting a custom rule; the request goes to Indusface's managed service team, which creates the specific rules for the site.
  • Customers can also have a manual penetration-testing audit done, which they can request from the Detect page. Indusface's security experts then reach out to understand the customer's needs and carry out a manual audit to find vulnerabilities that automated scanners cannot. It generally takes 3-4 weeks for the experts to complete the audit and publish the report. Once the report is published, the vulnerabilities found show up on the Detect page, and customers can request custom rules as needed.
  • Meanwhile, the company's managed service team monitors the traffic for 14 days and moves the site to Premium Rules after making the necessary adjustments.

Once the site is moved to Premium Rules, manual penetration testing is done, and all vulnerabilities are protected, the onboarding journey is complete and the site is fully secured.

As you can see, the entire journey is managed by the Indusface team as promised, and very little activity is expected from customers beyond requesting certain actions based on their needs.


Continuous Monitoring

Now the site moves to a continuous monitoring state. Rules are fine-tuned continuously by Indusface's managed service team as needed, and additional rules are added by the Indusface team without any action required from customers.

Customers are encouraged to run automated scans at least once a month to stay up to date on their risk profile.

Even if no changes are made to the site, new signatures are added continuously to the scanner, so there is a high probability that new vulnerabilities will be found. Customers can monitor the effectiveness of rules from the Protect page.

Being a completely managed solution, the Indusface team is always on standby 24x7 to help customers thwart sophisticated Layer 7 DDoS attacks as the need arises.

Conclusion

If you are an SME or MSE looking for an application security solution that works, you need look no further.

With tightly integrated scanner, WAF, and CDN modules, AppTrana is one of the effective solutions in the industry that can guarantee comprehensive protection.

The features explained here are just the tip of the iceberg. We would strongly urge you to sign up for a free trial and explore AppTrana's capabilities firsthand.

Start with the AppTrana free trial now, and for additional information, check out the whitepaper section.



from The Hacker News https://ift.tt/2KSco5a
