Web Application Exploit Protection

Defenses against 15 classes of application vulnerabilities

The Web Application Firewall employs a positive security model to protect against attacks exploiting any one of the 15 classes of application vulnerabilities. Without complete, 15-out-of-15 protection, applications are exposed to unnecessary risks.

  1. Buffer overflow exploits – A common type of input validation attack that overflows a buffer with excessive data. If successfully executed, it lets the hacker run a remote shell on the machine and gain the same system privileges granted to the application being attacked.
  2. CGI-BIN parameter manipulation – An input validation attack that illegally modifies data that is passed to a server-side script. Without proper validation of query parameters passed to CGI scripts, a hacker can gain unauthorized system privileges allowing him to modify files, run commands and execute other operations.
  3. Form/hidden field manipulation – Modifying the contents of a hidden field in an attempt to trick the application into accepting invalid data.
  4. Forceful browsing – Access of unauthorized and unadvertised URLs to gain access to the root directory of a Web server, or other areas that should be off limits.
  5. Cookie/session poisoning – Reverse engineering weak cookies to steal a user’s session or impersonate a legitimate user of an application.
  6. Broken ACLs/weak passwords – Circumventing an application’s access control system by requesting resources for which the user should not have access.
  7. Cross-site scripting (XSS) – Attacking the trust relationship between a user and a Web application. Tricking the user or the user’s browser into sending an attacker confidential information that can be used to steal that user’s identity.
  8. Command injection – Inserting system commands in program variables, such as form fields, that are then inadvertently executed on the server.
  9. SQL injection – An input validation attack that sends SQL commands to Web applications, which are then passed to a back-end database. If successfully executed, it lets the hacker gain access to a sensitive information store.
  10. Error triggering sensitive information leaks – Feeding malformed, illegitimate data to an application with the goal of generating errors and gaining sensitive information about the application environment.
  11. Insecure use of crypto – Exploiting an application’s use of a weak cryptographic algorithm in digitally signing cookies.
  12. Server misconfiguration – Exploiting server misconfigurations, including the failure to fully lock down or harden the Web server, disable default accounts and services, or remove unnecessary functionality.
  13. Back doors and debug options – Exploiting application back doors or debug code on production systems.
     – Web site defacement – Malicious modification of Web pages.
  14. Well-known platform vulnerabilities – Exploiting unpatched vulnerabilities of Web servers or operating systems to gain unauthorized access to an application.
  15. Zero-day exploits – A vulnerability that is exploited before it is announced publicly and before vendor-developed patches, signatures or other fixes are available.
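The list above describes classes of attack but not what a positive security model actually does with a request. The following is an added example, not code from the product or vendor described on this page, of how such a model is enforced for one endpoint: every URL and parameter that is not explicitly declared is rejected, declared values must fit a length cap and a pattern (covering items 1, 2, 4, 8 and 9), and a server-emitted hidden field is HMAC-signed so that client-side tampering is detected (item 3). The policy table, the demo key, and the `<name>.sig` convention for carrying the signature are assumptions made for the example.

```python
import hashlib
import hmac
import re
from urllib.parse import parse_qsl

SECRET = b"constructed-demo-key"  # constructed; a real site loads a per-deployment secret

# Positive model: every parameter each URL accepts and the pattern it must match.
# Unlisted URLs and parameters are rejected. "signed" marks a hidden field the
# server emitted together with an HMAC so the client cannot alter it unnoticed.
POLICY = {
    "/checkout": {
        "qty":    {"pattern": r"[1-9][0-9]{0,2}"},
        "sku":    {"pattern": r"[A-Z]{3}-[0-9]{4}"},
        "coupon": {"pattern": r"[A-Za-z0-9]{0,12}", "optional": True},
        "price":  {"pattern": r"[0-9]+\.[0-9]{2}", "signed": True},
    }
}
MAX_LEN = 64  # hard length cap applied before any pattern matching


def sign_field(name, value):
    # Server-side signature over a hidden field, transmitted as <name>.sig
    return hmac.new(SECRET, f"{name}={value}".encode(), hashlib.sha256).hexdigest()


def validate(path, query):
    # Returns (accepted, reason) for a request checked against POLICY
    rules = POLICY.get(path)
    if rules is None:
        return False, "unadvertised URL"                 # forceful browsing
    pairs = parse_qsl(query, keep_blank_values=True)
    params = dict(pairs)
    if len(params) != len(pairs):
        return False, "duplicate parameter"              # parameter pollution
    for name in params:
        if name.endswith(".sig") and rules.get(name[:-4], {}).get("signed"):
            continue
        if name not in rules:
            return False, f"unknown parameter {name}"    # CGI/form field manipulation
    for name, rule in rules.items():
        value = params.get(name)
        if value is None:
            if rule.get("optional"):
                continue
            return False, f"missing {name}"
        if len(value) > MAX_LEN or not re.fullmatch(rule["pattern"], value):
            return False, f"bad value for {name}"        # overflow, injection, bad type
        if rule.get("signed"):
            sig = params.get(name + ".sig", "")
            if not hmac.compare_digest(sig, sign_field(name, value)):
                return False, f"tampered hidden field {name}"
    return True, "ok"
```

Because the policy is an allowlist, a request carrying an undeclared parameter such as `debug=1` is refused even though no signature for that attack exists, which is the property the positive model offers against the zero-day class in item 15.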

Web Application Exploit Protection is a component of our Web Application Firewall Service.
Learn more about this service, our cloud platform, intuitive web-based management interface, pricing, 24x7 support and more by visiting our Web Application Firewall overview page.