Most security pros think a WAF is high maintenance

2021-02-19 05:30

An organization's web application firewall is a critical line of defense in protecting proprietary and customer data, but the concern is that some organizations are spending an outsized allotment of resources on modifying these mission-critical elements, a Neustar report reveals.

Orgs often communicating with their WAF vendors' SOC. According to survey findings, half of organizations are communicating with their WAF vendors' security operations centers on at least a monthly basis to manage security threats, while another third are communicating bi-monthly.

DDoS attacks continue to be the top concern among organizations, with 22% citing such attacks as the highest potential threat.

"Organizations may have a highly tuned, up-to-date WAF on premises, but the sheer amount of traffic and potential threats can ensnare resources and impact the ability to introduce greater precision to those key systems," said Rodney Joffe, Chairman of NISC, SVP and Fellow, Neustar.

"Steps can be taken to maintain the integrity of security systems, and potentially enhance performance, by augmenting efforts with third-party, always-on security resources."

Further, Joffe notes, "Some of the most robust cloud-based solutions can provide consistent coverage wherever an application is hosted, whether it's a data center or the cloud. The right SOC support provides assurance that emerging threats are being neutralized, enabling organizations to focus their efforts on honing their WAF for optimal performance."

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/Nj_eQmDR-y8/

#security #WAF