Security News > 2022 > February > WAFs can’t give organizations the security they need

Cymulate reveals that web application firewalls are the least effective security solutions, making them prime target for adversaries and high risk points for organizations.

While the majority of companies are at medium risk of attacks, the technology sector is the most vulnerable followed by critical infrastructure and manufacturing.

Risks to the technology industry increased dramatically in 2021 from 2020 with a rise in spear phishing attacks attempting to gain a foothold.

While the critical infrastructure sector's most problematic area is data exfiltration, i.e. the unauthorized movement of data or data theft.

"Attackers however have become very adept at taking advantage of existing gaps left by the rush towards productivity and adapting progressing information architectures. And when organizations fail to put metrics in place for their security programs, these gaps remain open and can lead to devastating consequences from immediate threats and data theft."

Attackers took full advantage of overly permissive accounts without multi-factor authentication, malicious Microsoft Macros and Adobe PDF extensions as well as benign decoy files and Windows API functions resolved at run-time, to launch successful attacks.

News URL

https://www.helpnetsecurity.com/2022/02/16/web-application-firewalls-effective/