#azurewaf โ Public Fediverse posts
Live and recent posts from across the Fediverse tagged #azurewaf, aggregated by home.social.
-
๐๐๐ญ๐ ๐๐ข๐ฆ๐ข๐ญ๐ข๐ง๐ ๐ ๐๐๐ญ๐ฎ๐ซ๐ ๐๐จ๐ซ ๐๐ณ๐ฎ๐ซ๐ ๐๐๐ ๐จ๐ง ๐๐ฉ๐ฉ๐ฅ๐ข๐๐๐ญ๐ข๐จ๐ง ๐๐๐ญ๐๐ฐ๐๐ฒ ๐ง๐จ๐ฐ ๐ข๐ง ๐๐ซ๐๐ฏ๐ข๐๐ฐ
This feature allows you to define custom rules to limit the number of requests from different sources, such as IP addresses, geographies, or user sessions.
#azure #microsoft #azuresecurity #waf #webapplicationgateway #appsecurity #azureapplicationgateway #appsec #webapplicationfirewall #firewall #ddos #azurewaf #cybersecurity #cloud #cloudnative #cloudsecurity #soc
-
๐๐๐๐ฟ๐ฒ ๐ฆ๐ฒ๐ฐ๐๐ฟ๐ถ๐๐ ๐ก๐ฒ๐๐: ๐๐๐๐ฟ๐ฒ ๐๐๐ผ๐ฆ ๐ฆ๐ฒ๐ป๐๐ถ๐ป๐ฒ๐น ๐ฆ๐ผ๐น๐๐๐ถ๐ผ๐ป ๐ฎ๐ป๐ฑ ๐ช๐๐ ๐ฃ๐น๐ฎ๐๐ฏ๐ผ๐ผ๐ธ ๐๐ป๐๐ฒ๐ด๐ฟ๐ฎ๐๐ถ๐ผ๐ป
Learn how to how to integrate the Azure DDoS Sentinel Solution with the Azure WAF Playbook to enable a powerful automated detection and response system.
With this integration, the Azure DDoS Sentinel Solution and the WAF Playbook work together to prevent attacks with the steps described below:
1๏ธโฃDuring the first stage of a multi-vector attack campaign, initiated by a malicious actor, the DDoS attack floods the customerโs application, creating chaos and serving as a diversion for the subsequent attack.
2๏ธโฃUpon identifying the DDoS attack, Azure DDoS protection mitigates the attack and generates logs that are transmitted to Microsoft Sentinel.
3๏ธโฃMicrosoft Sentinel extracts the source IP addresses of the attackers from the logs and triggers the WAF Playbook.
4๏ธโฃThe WAF Playbook adds the attack IP addresses to a custom WAF rule with a block action. Azure WAF becomes ready to mitigate the forthcoming stages of the adversary's attack cycle.
5๏ธโฃHaving employed the DDoS attack as a smokescreen, the adversary now attempts to breach the application to take the sensitive data.
6๏ธโฃAzure WAF acts by blocking access from the source IP addresses of the attacker, thereby preventing them from reaching the data.
#azure #azuresecurity #azurenetworksecurity #ddos #azureddos #waf #azurewaf #sentinel #microsoftsentinel #microsoft #soc #automation #soar #siem #playbook #cybersecurity #microsoft #microsoftsecurity #cloudsecurity
-
๐๐๐๐๐ง๐๐๐ซ ๐๐จ๐ซ ๐๐๐๐ฌ ๐๐๐ญ๐ญ๐๐ซ ๐๐จ๐ ๐๐ญ๐ก๐๐ซ ๐ฐ๐ข๐ญ๐ก ๐๐ณ๐ฎ๐ซ๐ ๐๐๐ ๐๐ฉ๐ฉ๐ฅ๐ข๐๐๐ญ๐ข๐จ๐ง ๐ ๐ข๐ซ๐๐ฐ๐๐ฅ๐ฅ ๐๐ง๐ ๐๐ณ๐ฎ๐ซ๐ ๐๐๐ ๐๐๐ง๐๐ ๐๐ฆ๐๐ง๐ญ
The synergy of Microsoft Defender for APIs, Azure WAF, and Azure API Management forms a strong defense against API threats.
โ๏ธThe WAF on Application Gateway checks the request against WAF rules. If the request is valid, then it will proceed.
โ๏ธApplication Gateway directs the request to APIM.
โ๏ธAPIM accepts and properly maps the requests.
โ๏ธDefender for APIs inspects API endpoints and gives insight on whether the API is properly authenticated, inactive, and externally facing.
โ๏ธDefender for APIs monitors the traffic going to and from APIM to classify sensitive data and alert on exploits and anomalies.
๐๐๐๐๐ง๐๐๐ซ ๐๐จ๐ซ ๐๐๐๐ฌ
Defender for APIs provides visibility into crucial APIs. It facilitates a deep dive into your API security, allowing prioritization of vulnerabilities and quick detection of active threats. Key features include a consolidated view of managed APIs with security insights on external, inactive, or unauthenticated APIs, data classifications of sensitive data in API interactions, and machine learning-driven detection of API threats in alignment with the OWASP API Top 10.
๐๐ณ๐ฎ๐ซ๐ ๐๐๐ ๐๐๐ง๐๐ ๐๐ฆ๐๐ง๐ญ
Azure API Management caters to the entire API lifecycle. APIM includes an API gateway, management platform, and developer portal. The gateway manages requests, ensures authentication, transforms requests and responses, caches responses, enforces usage caps, emits logs, and more.
๐๐ณ๐ฎ๐ซ๐ ๐๐๐ ๐๐ฉ๐ฉ๐ฅ๐ข๐๐๐ญ๐ข๐จ๐ง ๐ ๐ข๐ซ๐๐ฐ๐๐ฅ๐ฅ
Azure WAF provides a centralized defense against web and API vulnerabilities like SQL injections and cross-site scripting attacks. With its rapid virtual patching, Azure WAF offers quick threat mitigation without needing to individually secure every web application.
#microsoft #azure #azurewaf #waf #api #defenderapi #sqlinjection #apim #apimanagement #defenderforapi #defenderforcloud #defender #cloud #cloudsecurity #cloudnative #soc #owasp #apithreats #cybersecurity
-
๐ ๐๐ณ๐ฎ๐ซ๐ ๐๐๐ โ ๐๐๐ฌ๐ค๐ข๐ง๐ ๐๐๐ง๐ฌ๐ข๐ญ๐ข๐ฏ๐ ๐๐๐ญ๐
WAF rules can thwart malicious requests containing personally identifiable info (PII). Azure WAF log scrubbing tool ensures data security. ๐ก๏ธ Safeguard your logs by removing sensitive data using custom rules.
Check out our latest blog where we dive into the log scrubbing feature and explore real examples. Discover how to strengthen your web app security today!
#AzureWAF #WebAppSecurity #Azure #waf #scrubbing #log #sentinel #siem #soar #pii #cloud #cloudsecurity #soc #cybersecurity #loganalytics
-
๐ ๐๐ณ๐ฎ๐ซ๐ ๐๐๐ โ ๐๐๐ฌ๐ค๐ข๐ง๐ ๐๐๐ง๐ฌ๐ข๐ญ๐ข๐ฏ๐ ๐๐๐ญ๐
WAF rules can thwart malicious requests containing personally identifiable info (PII). Azure WAF log scrubbing tool ensures data security. ๐ก๏ธ Safeguard your logs by removing sensitive data using custom rules.
Check out our latest blog where we dive into the log scrubbing feature and explore real examples. Discover how to strengthen your web app security today!
#AzureWAF #WebAppSecurity #Azure #waf #scrubbing #log #sentinel #siem #soar #pii #cloud #cloudsecurity #soc #cybersecurity #loganalytics
-
๐ ๐๐ณ๐ฎ๐ซ๐ ๐๐๐ โ ๐๐๐ฌ๐ค๐ข๐ง๐ ๐๐๐ง๐ฌ๐ข๐ญ๐ข๐ฏ๐ ๐๐๐ญ๐
WAF rules can thwart malicious requests containing personally identifiable info (PII). Azure WAF log scrubbing tool ensures data security. ๐ก๏ธ Safeguard your logs by removing sensitive data using custom rules.
Check out our latest blog where we dive into the log scrubbing feature and explore real examples. Discover how to strengthen your web app security today!
#AzureWAF #WebAppSecurity #Azure #waf #scrubbing #log #sentinel #siem #soar #pii #cloud #cloudsecurity #soc #cybersecurity #loganalytics
-
๐ ๐๐ณ๐ฎ๐ซ๐ ๐๐๐ โ ๐๐๐ฌ๐ค๐ข๐ง๐ ๐๐๐ง๐ฌ๐ข๐ญ๐ข๐ฏ๐ ๐๐๐ญ๐
WAF rules can thwart malicious requests containing personally identifiable info (PII). Azure WAF log scrubbing tool ensures data security. ๐ก๏ธ Safeguard your logs by removing sensitive data using custom rules.
Check out our latest blog where we dive into the log scrubbing feature and explore real examples. Discover how to strengthen your web app security today!
#AzureWAF #WebAppSecurity #Azure #waf #scrubbing #log #sentinel #siem #soar #pii #cloud #cloudsecurity #soc #cybersecurity #loganalytics
-
๐ ๐๐ณ๐ฎ๐ซ๐ ๐๐๐ โ ๐๐๐ฌ๐ค๐ข๐ง๐ ๐๐๐ง๐ฌ๐ข๐ญ๐ข๐ฏ๐ ๐๐๐ญ๐
WAF rules can thwart malicious requests containing personally identifiable info (PII). Azure WAF log scrubbing tool ensures data security. ๐ก๏ธ Safeguard your logs by removing sensitive data using custom rules.
Check out our latest blog where we dive into the log scrubbing feature and explore real examples. Discover how to strengthen your web app security today!
#AzureWAF #WebAppSecurity #Azure #waf #scrubbing #log #sentinel #siem #soar #pii #cloud #cloudsecurity #soc #cybersecurity #loganalytics
-
๐๐ง๐ญ๐ซ๐จ๐๐ฎ๐๐ข๐ง๐ ๐๐ณ๐ฎ๐ซ๐ ๐๐๐ ๐๐ฉ๐ฉ๐ฅ๐ข๐๐๐ญ๐ข๐จ๐ง ๐ ๐ข๐ซ๐๐ฐ๐๐ฅ๐ฅ'๐ฌ ๐๐๐ง๐ฌ๐ข๐ญ๐ข๐ฏ๐ ๐๐๐ญ๐ ๐๐ซ๐จ๐ญ๐๐๐ญ๐ข๐จ๐ง (๐๐ซ๐๐ฏ๐ข๐๐ฐ)!
Data privacy is paramount, and Azure Web Application Firewall (WAF) has taken a step forward with Log Scrubbing.
This preview feature allows you to remove sensitive information from WAF logs, ensuring enhanced privacy and compliance. Safeguard your data with Azure WAF's Log Scrubbing.
Learn more:
https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/waf-sensitive-data-protection
#DataPrivacy #AzureWAF #waf #logging #data #privacy #scrubbing #logscrubbing #azure #compliance #cloudnative #appsecurity #webapp #cybersecurity #microsoftsecurity #microsoft
-
Azure Networking has released an update which includes a feature that blocks domain fronting behavior on newly created customer resources, as well as feature enhancements to Azure Web Application Firewall (WAF). https://techcommunity.microsoft.com/t5/itops-talk-blog/what-s-new-in-azure-networking-january-2023-edition/ba-p/3724304 #AzureNetworking #DomainFronting #AzureWAF