WEBINAR Summary 2021

"Let's WAF with Prophaze "

The webinar was based on "5 facts CISO's need to know about WAF" followed by a panel discussion by experts on "All about WAF" and a Q&A session.

Webinar-banner-main2-2021

The points discussed in the former were as follows:

API Security incidents are on the rise and Web APIs require advanced security. The five crucial  things that needs to be taken care while choosing a WAF are: 

  • A good WAF must provide automated deployment and configurations.
  • A good WAF must provide security without compromising various data compliances.
  • A good WAF does qualitative blocking rather than quantitative.
  • A good WAF ensures quick, reliable and near to accurate protection by deploying AI and ML.
  • A good WAF ensures application scalability and availability.

The contrast between existing web application security solutions and Prophaze Cloud-native application security:

Existing web application security solutions are cloud non-native, rule-based, not dynamically scaling, costly, prone to false positives and labour intensive.

Prophaze cloud-native application security solution has AI/ML-based threat profiling, increases application performance, has threat intelligence and follows 6 steps to secure approach.

Panel Discussion

  1. Frank Luzsicza, CEO, Lodestone has years of experience in the field and he believes that we are seeing an increase in client demands for better solutions and this is partly because of rapid digitization & due to the pandemic most of the companies have been pushed to work from a home model and cloud security is being adopted at an unprecedented pace. As IT is managing and protecting infrastructure with traditional solutions, the application layer is much less structured. That’s the push for next-gen WAF. The push to the cloud is creating volumes of systems, applications and essentially the threat landscape is increasing and becoming humanly impossible to manage. Therefore the aid of machine learning and AI is essential.

Volume= need to integrate with existing solutions

 

  1. Glenn Bruk, Manager, Guidespark states that false alerts can be overwhelming especially in the initial stages of WAF installation. However, Prophaze provides a smooth and simplified dashboard with a lot of filtering solutions to manage all the incoming traffic. Providers with good customer support and open feedback help streamline this strenuous task.

 

3.According to Dhruv Khanna, Founder of Dataresolve, WAFs have changed a lot. They no longer sit on the perimeter as a layer of defence. The adoption of next-gen WAFs has been highly compliance-driven in well-governed/regulated sectors such as Fintech. Also, it has been adopted faster than anticipated, spanning 100 countries now. To cater to the growing customer base, seamless security integration has become a necessity. E.g., Prophaze goes live in just 6 steps.

 

  1. Our CEO, Vaisakh T R stated that prophaze is better compared to established competitors and traditional WAFs because its product is focused on resolving existing customer pain points. Also, a lot of existing competitors started as CDN vendors, Cloud vendors etc. and are not purely WAF focused, unlike a few companies which are purely WAF technology-focused due to which we see gaps in former’s technologies. Prophaze is also differentiated as it is born in microservices, Kubernetes etc. which is where the technology is moving.

 

  1. Dhruv Khanna showed his decades of experience by highlighting why in today’s WAF landscape, product features are very important. The “must-have” features end up winning as the value for money is great for the customer. SaaS-based models are now being required to provide proof of their product effectiveness and POC durations have now been extended. The right set of steps and warranties are embedded in the contract now when agreements are getting executed. Boards have become more conscious about cyber security.

 

  1. Vaisakh T R also stated that hackers building highly sophisticated attacks using big data, public cloud services is one of the biggest challenges companies are facing. Traditional WAFs are rule/signature-based due to which they won’t work anymore as Bots now have their independent browser stack and can use land IPs etc. All this is why AI/ Behavioural analysis has become a must. Prophaze follows a hybrid approach that integrates AI and human intelligence to train the system and identify anomalies as well.

 

  1. Frank Luzsicza highlighted that the cost of data breach according to the Ponemon Institute report 2021 has increased from $3.8 million to $4.2 million. The cost per record stolen is now at $180/record. SMEs and SMBs are hit the hardest due to the downtime caused by attacks as they are not equipped to handle them. The real cost of the breach is not only financial but is stressful for the stakeholders, CIOs, customers etc. as well.

Q&A Session

It contained a riveting discussion as well where experts interacted with the audience and answered their questions. Topics like differentiators of Prophaze, applications of WAF, volumetric attacks, qualitative attack blocking, Business efficiency in respect to WAF performance, zero-day attack blocking, SIEM integration, CIS Log forwarding and a lot more were discussed in depth.

Conclusion

Due to the above points it is now evident that next-gen firewalls are the need of the hour. The industry is becoming more compliance driven and seamless integration focused. WAF vendors need to step up to the challenge as downtime in critical sectors can be very expensive and dangerous. Overall it was quite an insightful session where we received positive feedback.

Get the demo
Cloud WAF | US (+831) 217-6365

Prophaze Team is happy to answer all your queries about the product.