Security News > 2020 > July > 40% of security pros say half of cyberattacks bypass their WAF
Cyberattacks bypass the WAF. 49% of security professionals reported more than a quarter of attempts to sidestep their WAF protocols had been successful in the last 12 months.
29% of respondents admitted they had found it difficult to alter their WAF policies to guard against new web application attacks, while just 15% said they had found the process very easy.
No fully integrated WAF. Despite many having already been on the receiving end of a successful web-application attack, 39% of respondents declared they do not have a WAF that is fully integrated into other security functions; a technique that is critical in developing a holistic defense against a variety of attack types.
Three in ten also claimed that half of network requests have been labelled as false positives by their WAF in the last year.
During March - April 2020, DDoS attacks and system compromise were ranked as the greatest concerns for security professionals, followed by ransomware and intellectual property.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/cN1W5Ol5g0E/
Related news
- MFA bypass becomes a critical security issue as ransomware tactics advance (source)
- EDRSilencer red team tool used in attacks to bypass security (source)
- Hackers Abuse EDRSilencer Tool to Bypass Security and Hide Malicious Activity (source)
- North Korean hackers create Flutter apps to bypass macOS security (source)