Many years ago, bring your own device (BYOD) and its twin, work from home (WFH) began whittling away at the network perimeter. More recently the adoption of cloud services has added an expanded perimeter that requires specialized security technologies to address the new attack vectors that are being exploited by state-sponsored attackers as well as opportunistic cybercriminals. A critical piece of these cloud-centric defenses are Advanced Cloud Firewalls (ACFWs). As is the case with all security products, the efficacy of these solutions is paramount. However, operational efficiency is also critical. Operational efficiency encompasses a wide array of aspects ranging from deployment to policy management to business continuity management, and much more. The higher the operational efficiency the less total cost of ownership (TOC) and the less the odds mistakes causing security lapses induced by complexity.
Twelve leading ACFW solutions were tested against multiple distinct enterprise-centric categories, involving attack vectors of more than 1000 real-world operational scenarios. Twelve classes of operational metrics were evaluated for each product. The comparative report provides a high-level comparison the security efficacy and operational efficiency of the tested ACFWs
Default configurations and rule sets were used for the majority of the products in this test. “Detect Only” mode settings that were part of default configurations were modified to “Block” mode, with default rulesets and publicly available vendor recommendations used as applicable.
Cloud Web Application Firewall (WAF) CyberRisk Validation Reports 2022
Bring Your Own Device (BYOD) and the remote workforce have dissolved the network perimeter and expanded the enterprise attack surface. While we combat the rise in threats to our cloud and hybrid environments, cost savings and operational simplicity drive organizations to adopt cloud-native and cloud-driven application architectures. These include API-driven, multi-tenant and multiuser applications. The ubiquitous adoption of the cloud is not without challenges. Web application-based vulnerabilities are among the top breach vectors. Cloud-based web application firewalls (WAFs) are designed to protect web applications without interrupting business continuity in the cloud-first world.
More than 9,000 attacks were tested against each of the 14 products validated. Individual reports simplify and summarize our findings and include group averages for context. Individual reports for the 14 tested solutions are published below. The comparative report provides a high-level comparison for security efficacy, operational efficiency, and return on security investment (ROSI).
Default configurations and rule sets were used for the majority of the products in this test. “Detect Only” mode settings that were part of default configurations were modified to “Block” mode, with default rulesets and publicly available vendor recommendations used as applicable.
Cloud Web Application Firewall (WAF) CyberRisk Validation Reports 2021
The remote workforce has transformed the network perimeter and driven organizations to the cloud. Attackers have also adapted to the new IT landscape. Web application-based vulnerabilities are among the top breach vectors. The Web Application Firewall (WAF) remains the most frequently used security control to protect web applications against attacks. To help organizations, SecureIQLab has validated the security efficacy and operational efficiency of nine popular web application firewalls. This effort will help organizations understand the return on security investment for WAF solutions and evolve their network defenses to prevent web servers and their applications from being exploited.
More than 22,000 attacks were tested against each of the products validated. Individual reports simplify and summarize our findings and include group averages for context. Individual reports for the nine tested solutions are projected to publish over the next few weeks and culminate with a comparative report. The comparative report will provide a high-level comparison for security efficacy, operational efficiency, and return on security investment.
Default configurations and rule sets were used for the majority of the products in this test. However, any “Detect Only” mode settings that were part of default configurations were modified to “Block” mode, with default rulesets used as applicable.
Cloud WAF CyberRisk Validation Methodology
Attackers have moved up the stack. They are no longer simply attacking the web server and its underlying operating systems; they are attacking the web applications running on the web server that are front-ending critical corporate data. Such applications are often incredibly complex and difficult to secure effectively, and simple coding errors can render them wide open to remote exploits.
To help organizations regain the upper hand against current attacks, SecureIQLab has undertaken the validation of popular web application firewalls in an effort to help enterprises understand the return on security investment for WAF solutions and evolve their network defenses to prevent web servers and their applications from being exploited.
The evaluation of Cloud WAF will be based on blocking attacks against application and API based security threats, seamless integration, and deployment and scalability handling. We will also validate against compliance.
The evaluation of XDR will be based on blocking blended attacks across multiple security layers – email, endpoint, server, cloud workload, and network. Alerts will be evaluated from an operational perspective.
A combination of four solutions will be evaluated: Firewall, SWG, CASB and ZTNA
Privacy Notice: Your privacy is SecureIQLab's priority. We do not sell or otherwise share personal information for profit.
We use cookies on our website to ensure you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SecureIQLab Announces Partnership with Omdia to Form an Unprecedented Alliance Between Cybersecurity Testing Lab and Renowned Research Group to Validate XDR Solutions