Testing web application firewalls (waf) accuracy

•Als PPTX, PDF herunterladen•

1 gefällt mir•2,433 views

This presentation discusses how to properly measure the accuracy of Web Application Firewalls. The presentation explain the 4 attributes that must be measured (FP, FN, TP, TN) and how to properly calculate a WAF's accuracy.

Technologie

WAF Accuracy Testing Done Properly
Introducing AWT framework
Ory Segal, Director of Threat Research

©2015 AKAMAI | FASTER FORWARDTM
WAF Accuracy Lingo
• Imagine a WAF that protects against 100% of all possible attack vectors
…by blocking 100% of all HTTP requests
• Accurate WAF testing requires you to measure:
• How many real attacks got blocked (TP)
• How much valid requests were allowed through (TN)
• How much valid traffic was inappropriately blocked (FP)
• How many attacks were allowed through (FN)
• Lets talk about Precision, Recall, Accuracy, MCC…

©2015 AKAMAI | FASTER FORWARDTM
Precision, Recall, Accuracy, MCC
% of blocked requests that were actual attacks
% of attacks that were actually blocked
% of decisions that were good decisions
* MCC: http://en.wikipedia.org/wiki/Matthews_correlation_coefficient
Correlation between WAF decisions
and actual nature of requests
Precision =
tp
tp+ fp
Recall =
tp
tp+ fn
Accuracy =
tp+tn
tp+tn+ fp+ fn
MCC =
tp×tn
(tp+ fp)(tp+ fn)(tn+ fp)(tn+ fn)

©2015 AKAMAI | FASTER FORWARDTM
Lets Look at Some Examples
A WAF’s accuracy needs to be measured both in its ability to block attacks, as
well as it’s ability to allow good traffic through…
WAF Type Requests Valid Attacks Blocked TP TN FP FN P R A MCC
Real 1000 990 10 11 8 987 3 2 0.73 0.8 0.995 0.76
Off 1000 990 10 0 0 990 0 10 N/A 0 0.99 0
Always Block 1000 990 10 1000 10 0 990 0 0.01 1 0.01 0
Noisy 1000 990 10 31 8 967 23 2 0.26 0.8 0.975 0.45
Conservative 1000 990 10 2 2 990 0 8 1.00 0.2 0.992 0.45

©2015 AKAMAI | FASTER FORWARDTM
WAF Testing Framework Requirements
• A tool that will send both valid traffic and real attacks
• Easy addition of test cases (both valid & attacks)
• Accuracy statistics gathering – FP, FN, TP, TN, P, R, A, MCC
• Rich info about each test that was sent – full request, response,
expected behavior, request nature
• Reporting capabilities

©2015 AKAMAI | FASTER FORWARDTM
Introducing:
Akamai WAF Testing Framework

©2015 AKAMAI | FASTER FORWARDTM
Akamai WAF Testing (AWT) Framework
• Written in Python
• Test cases are represented as textual files (.awt)
• Options to create or add new test cases:
• Write text files
• Use a “Burp Extender” to record web interaction (meaningful requests only)
• Transform Wireshark .pcap files (only ports HTTP traffic)
• Multithreaded – can be very fast, or very “considerate”
• Configurable and can work with any WAF
• Intuitive XML & HTML reports
• Easy debugging of FP/FN

©2015 AKAMAI | FASTER FORWARDTM
AWT Built-In Test Cases
In order to accurately assess WAF, we collected test cases from the
following sources:
Retrieved valid traffic from Akamai’s Cloud Security
Intelligence big data platform
Recorded manual interaction with top “problematic”
web sites
Ported known “false positive” test cases from other
tools
Commercial web scanners
Popular SQLi tools
Exploits from the internet
(fuzzers, exploit-db, …
Traffic database is divided to 95% / 5%
Automatic crawling of Alexa Top 100 internet sites
Malicious traffic from
Akamai’s Cloud Security
Intelligence big data
platform

©2015 AKAMAI | FASTER FORWARDTM
AWT Reports - Example

Weitere ähnliche Inhalte

Was ist angesagt?

Room 2 - 3 - Nguyễn Hoài Nam & Nguyễn Việt Hùng - Terraform & Pulumi Comparin...

Vietnam Open Infrastructure User Group

Advanced ClearPass Workshop

Aruba, a Hewlett Packard Enterprise company

Super Easy Memory Forensics

IIJ

Introduction to CICD

Knoldus Inc.

Computer Security - CCNA Security - Lecture 2

Mohamed Loey

Fortigate Training

NCS Computech Ltd.

OAuth 2.0 Integration Patterns with XACML

Prabath Siriwardena

Derbycon - The Unintended Risks of Trusting Active Directory

Will Schroeder

This talk will provide an introduction to injection options of Envoy and then deep dive into ongoing Linux kernel work that enables injecting Envoy while introducing as little latency as possible. The servicemesh and the sidecar proxy model are on a steep trajectory to redefine many networking and security use cases. This talk explains and demos a new socket redirect Linux kernel technology that allows running Envoy with similar performance as if the sidecar was linked to the application using a UNIX domain socket. The talk will also give an outlook on how Envoy can use the recently merged kernel TLS functionality to gain access to the clear text payload transparently for end to end encrypted applications without requiring to decrypt and re-encrypt any data to further reduce the overhead and latency.

Accelerating Envoy and Istio with Cilium and the Linux Kernel

Thomas Graf

ClearPass Policy Model - An Introduction

Aruba, a Hewlett Packard Enterprise company

Practical DevSecOps Course - Part 1

Mohammed A. Imran

aclpwn - Active Directory ACL exploitation with BloodHound

DirkjanMollema

Network Penetration Testing

Mohammed Adam

Service mesh

Arnab Mitra

OWASP Top 10 2021 Presentation (Jul 2022)

TzahiArabov

Podman was created to be an alternative to Docker. It bears many similarities to the popular containerization tool, but it also differs in some important aspects. Podman is daemonless, unlike Docker, which uses a client-server paradigm. While Docker needs a daemon process to maintain the connection between the client and the server, Podman is a single main process with containers as child processes. Due to its architecture, Docker requires root privileges. Podman is rootless by design. Docker is a monolithic platform that strives to be an all-in-one solution for container management. Podman, on the other side, focuses on running containers. It utilizes specialized tools for other functionalities - for example, it uses Buildah for building images, and skopeo for image management and distribution.

Podman Overview and internals.pdf

Saim Safder

Cloud Native Applications Maturity Model

Jim Bugwadia

Istio ambient mesh uses a sidecar-less data plane that focuses on ease of operations, incremental adoption, and separation of security boundaries for applications and mesh infrastructure. In this webinar, we'll explore: - The forces of modernization and compliance pressures, - How Zero Trust Architecture (ZTA) can help, and - How Istio ambient mesh lowers the barrier for establishing the properties necessary to achieve Zero Trust and compliance

Compliance and Zero Trust Ambient Mesh

Christian Posta

Docker + WASM.pdf

Catalin Jora

Service meshes are relatively new, extremely powerful and can be complex. There’s a lot of information out there on what a service mesh is and what it can do, but it’s a lot to sort through. Sometimes, it’s helpful to have a guide. If you’ve been asking questions like “What is a service mesh?” “Why would I use one?” “What benefits can it provide?” or “How did people even come up with the idea for service mesh?” then The Complete Guide to Service Mesh is for you.

The Complete Guide to Service Mesh

Aspen Mesh

Was ist angesagt? (20)

Room 2 - 3 - Nguyễn Hoài Nam & Nguyễn Việt Hùng - Terraform & Pulumi Comparin...

Advanced ClearPass Workshop

Super Easy Memory Forensics

Introduction to CICD

Computer Security - CCNA Security - Lecture 2

Fortigate Training

OAuth 2.0 Integration Patterns with XACML

Derbycon - The Unintended Risks of Trusting Active Directory

Accelerating Envoy and Istio with Cilium and the Linux Kernel

ClearPass Policy Model - An Introduction

Practical DevSecOps Course - Part 1

aclpwn - Active Directory ACL exploitation with BloodHound

Network Penetration Testing

Service mesh

OWASP Top 10 2021 Presentation (Jul 2022)

Podman Overview and internals.pdf

Cloud Native Applications Maturity Model

Compliance and Zero Trust Ambient Mesh

Docker + WASM.pdf

The Complete Guide to Service Mesh

Andere mochten auch

Analyzing the Effectivess of Web Application Firewalls

Larry Suto

Client Side Exploits using PDF

n|u - The Open Security Community

Client-side JavaScript Vulnerabilities

Ory Segal

JavaScript Security

Jason Harwig

Client side exploits

nickyt8

Lien formation complète ici: http://www.alphorm.com/tutoriel/formation-en-ligne-hacking-et-securite-lessentiel Cette formation est une approche offensive des pratiques et des méthodologies utilisées par les hackers dans le cadre d’intrusion sur des réseaux et applications. Nous mettons l’accent sur la compréhension technique et pratique des différentes formes d’attaques existantes, en mettant l’accent sur les vulnérabilités les plus critiques. Vous pourrez, au terme de cette formation réaliser des audits de sécurité (test de pénétration) au sein de votre infrastructure. Il s’agit d’une formation complète sur l’essentiel de ce dont vous avez besoin afin de mettre la casquette du Hacker dans vos tests de vulnérabilité , mais aussi si vous souhaitez avoir une approche offensive de la sécurité informatique , ainsi que toute personne souhaitant acquérir les connaissances techniques d’attaques , il faut savoir attaquer pour mieux se défendre. La présentation des techniques d’attaques et vulnérabilités sont axées pratique s au sein d’un lab de test de pénétration.

Alphorm.com Formation Hacking et Sécurité, l'essentiel

Alphorm

Wenn der größte Teil der Logik in JavaScript stattfindet, dann findet auch der größere Teil der Sicherheitsrisiken dort seine Heimat. Und Angreifer finden mit JavaScript eine interessante neue Umwelt, denn die Sprache selbst und auch ihre Heimat in Browser und Node.js bringen viele neue Probleme. Und genau da setzt der Vortrag an: die verblüffenden Unterschiede von JavaScript zu anderen Sprachen, wenn es um Security geht. Die Risiken und auch die Besonderheiten von Browsern und anderen JavaScript-Engines wie Node.js. Die Securityimplikationen von JavaScript-Frameworks bishin zu speziellen Problemen wie mXSS, ReDOS und HTML5-Security.

JavaScript Security

Johann-Peter Hartmann

Andere mochten auch (7)

Analyzing the Effectivess of Web Application Firewalls

Client Side Exploits using PDF

Client-side JavaScript Vulnerabilities

JavaScript Security

Client side exploits

Alphorm.com Formation Hacking et Sécurité, l'essentiel

JavaScript Security

Ähnlich wie Testing web application firewalls (waf) accuracy

PLNOG15 :Assuring Performance, Scalability and Reliability in NFV Deployments...

PROIDEA

PLNOG15 :Assuring Performance, Scalability and Reliability in NFV Deployments...

Marta Pacyga

Creating a highly available, scalable, and high-performing system requires a substantial amount of what we call nonfunctional testing. Developing nonfunctional testing skills is a must for many of today’s quality engineers (QEs). For the past several years, Balaji Arunachalam’s quality team for Intuit Core Services has experienced several highly available and disaster recovery buildup and testing challenges. Their journey includes the evolution of functional QEs into hybrid QEs who are capable of doing both functional and nonfunctional testing. Nonfunctional testing includes capacity, stability, benchmarking, FMEA/RAS, datacenter failover, and scalability testing. Balaji shares nonfunctional testing best practices, learnings, and mistakes they encountered on this journey. If you or your team is ready flip the coin and take a serious look at nonfunctional testing methods, opportunities, challenges, and solutions, this session is for you.

Nonfunctional Testing: Examine the Other Side of the Coin

TechWell

Stratus Fault-Tolerant Cloud Infrastructure Software for NFV using OpenStack

Ali Kafel

Evolution of Service Quality Management - Through closed loop automation

EXFO

AWS WAF introduction and live demo - Pop-up Loft Tel Aviv

Amazon Web Services

Webinar how to ensure sdn-nfv doesn't break your network

Qualitest

System reliability is one of most important features for the Network service. With the development of visualized network functions, system reliability and stability becomes more complex than before. Tes ting and verifying OPNFV infrastructure for tolerating the faults and failures is a great challenge. To address this challenge, the presentation presents a test framework which covers the means and types of faults injection as well as the implement of fault injection tools. Some test cases are shown to validate the framework.

Reliability Testing in OPNFV

OPNFV

Apache Kafka is an open-source event streaming platform used to complement or replace existing middleware, integrate applications, and build microservice architectures. Used at almost every large company today, it's understood, battled-tested, highly scalable, and reliable. Blockchain is a different story. Being related to cryptocurrencies like Bitcoin, it's often in the news. But what is the value of software architecture? And how is it related to an integration architecture and event streaming platform? This session explores blockchain use cases and different alternatives such as Hyperledger, Ethereum, and Kafka-native blockchain implementation. We discuss the value blockchain brings for different architectures, and how it can be integrated with the Kafka ecosystem to build a highly scalable and reliable event streaming infrastructure. This talk discusses the concepts, use cases, and architectures behind Event Streaming, Apache Kafka, Distributed Ledger (DLT), and Blockchain. A comparison of different technologies such as Confluent, AIBlockchain, Hyperledger, Ethereum, Ripple, IOTA, and Libra explores when to use Kafka, a Kafka-native blockchain, a dedicated blockchain, or Kafka in conjunction with another blockchain.

Apache Kafka and Blockchain - Comparison and a Kafka-native Implementation

Kai Wähner

Part 2 / 4: How to Intelligently Process and Deliver Real-Time Data with FME ...

Safe Software

QualysGuard InfoDay 2013 - Web Application Firewall

Risk Analysis Consultants, s.r.o.

Introduction to NBL

Fei Ji Siao

Jeroen Wijdogen (Akamai) | TU - Hacks & Attacks

Media Perspectives

TeraVM_overview_021115

Krzysztof Kubik

TeraVM_overview

Rohan Fernandes

A/B testing platform on Elixir

Dmitry Tymchuk

There is currently no accepted standard for the measurement or monitoring of VoLTE Services, even though we believe that this is vital to assure the quality and reliability of such services - and to establish a framework for reliable comparison across implementations. To this end Ascom has defined a formal definition and implementation strategy to help the Operations team solve a range of challenges, including issues related to EPC, IMS and the Application Server. We will describe this solution in a number of short articles. This article describes the architecture of our solution and the VoLTE Voice Call test case.

VoLTE Service Monitoring - VoLTE Voice Call

Jose Gonzalez

James Kretchmar – CTO EMEA, Akamai Technologies Inc. James Kretchmar is CTO for Akamai’s Europe, Middle East & Africa region and is responsible for technical strategy across the region. Previously he served as Chair of Akamai’s Architecture Board, responsible for review and oversight of technical designs for Akamai’s globally distributed intelligent platform, as well as providing company-wide technical guidance. Mr. Kretchmar came to Akamai from MIT in 2004 and during his tenure has also served as Architect for Akamai’s Mapping and Network Management systems. He is a published author on Network Administration and speaks several European Languages. Topic of Presentation: How Akamai scales to serve the largest events on the Internet Language: English Abstract: Scaling to meet the ever increasing demands of users in a world of more and heavier on-line content is always a challenge but at Akamai, serving at scale means delivering enormous events like the Olympic Games and the FIFA World Cup to a massive worldwide audience. Akamai’s highly distributed platform of 150,000 servers located in 92 countries around the world is critical to effectively delivering events of this magnitude but the physical deployment is only half of the story. The true key to serving with good performance at massive scale is in the intelligent algorithms that drive the platform. In this talk hear James Kretchmar, CTO EMEA, discuss how the design of the Akamai Intelligent Platform enables a fast, reliable and secure online experience for the largest events on the Internet.

PLNOG 13: James Kretchmar: How Akamai scales to serve the largest events on t...

PROIDEA

Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...

Cisco Security

Best Practices For Sharing Data Across The Enteprrise

Splunk

Ähnlich wie Testing web application firewalls (waf) accuracy (20)

PLNOG15 :Assuring Performance, Scalability and Reliability in NFV Deployments...

Nonfunctional Testing: Examine the Other Side of the Coin

Stratus Fault-Tolerant Cloud Infrastructure Software for NFV using OpenStack

Evolution of Service Quality Management - Through closed loop automation

AWS WAF introduction and live demo - Pop-up Loft Tel Aviv

Webinar how to ensure sdn-nfv doesn't break your network

Reliability Testing in OPNFV

Apache Kafka and Blockchain - Comparison and a Kafka-native Implementation

Part 2 / 4: How to Intelligently Process and Deliver Real-Time Data with FME ...

QualysGuard InfoDay 2013 - Web Application Firewall

Introduction to NBL

Jeroen Wijdogen (Akamai) | TU - Hacks & Attacks

TeraVM_overview_021115

TeraVM_overview

A/B testing platform on Elixir

VoLTE Service Monitoring - VoLTE Voice Call

PLNOG 13: James Kretchmar: How Akamai scales to serve the largest events on t...

Identify Zero-Day Breaches with Cognitive Threat Analytics on Cisco Web Secur...

Best Practices For Sharing Data Across The Enteprrise

Kürzlich hochgeladen

Abhishek Deb(1), Mr Abdul Kalam(2) M. Des (UX) , School of Design, DIT University , Dehradun. This paper explores the future potential of AI-enabled smartphone processors, aiming to investigate the advancements, capabilities, and implications of integrating artificial intelligence (AI) into smartphone technology. The research study goals consist of evaluating the development of AI in mobile phone processors, analyzing the existing state as well as abilities of AI-enabled cpus determining future patterns as well as chances together with reviewing obstacles as well as factors to consider for more growth.

Exploring the Future Potential of AI-Enabled Smartphone Processors

debabhi2

DBX First Quarter 2024 Investor Presentation

Dropbox

GenAI Risks & Security Meetup 01052024.pdf

lior mazor

Data Cloud, More than a CDP by Matt Robison

Anna Loughnan Colquhoun

Accelerating FinTech Innovation: Unleashing API Economy and GenAI Vasa Krishnan, Chief Technology Officer - FinResults Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

apidays

Webinar Recording: https://www.panagenda.com/webinars/why-teams-call-analytics-is-critical-to-your-entire-business Nothing is as frustrating and noticeable as being in an important call and being unable to see or hear the other person. Not surprising then, that issues with Teams calls are among the most common problems users call their helpdesk for. Having in depth insight into everything relevant going on at the user’s device, local network, ISP and Microsoft itself during the call is crucial for good Microsoft Teams Call quality support. To ensure a quick and adequate solution and to ensure your users get the most out of their Microsoft 365. But did you know that ‘bad calls’ are also an excellent indicator of other problems arising? Precisely because it is so noticeable!? Like the canary in the mine, bad calls can be early indicators of problems. Problems that might otherwise not have been noticed for a while but can have a big impact on productivity and satisfaction. Join this session by Christoph Adler to learn how true Microsoft Teams call quality analytics helped other organizations troubleshoot bad calls and identify and fix problems that impacted Teams calls or the use of Microsoft365 in general. See what it can do to keep your users happy and productive! In this session we will cover - Why CQD data alone is not enough to troubleshoot call problems - The importance of attributing call problems to the right call participant - What call quality analytics can do to help you quickly find, fix-, and prevent problems - Why having retrospective detailed insights matters - Real life examples of how others have used Microsoft Teams call quality monitoring to problem shoot problems with their ISP, network, device health and more.

Why Teams call analytics are critical to your entire business

panagenda

Join our latest Connector Corner webinar to discover how UiPath Integration Service revolutionizes API-centric automation in a 'Quote to Cash' process—and how that automation empowers businesses to accelerate revenue generation. A comprehensive demo will explore connecting systems, GenAI, and people, through powerful pre-built connectors designed to speed process cycle times. Speakers: James Dickson, Senior Software Engineer Charlie Greenberg, Host, Product Marketing Manager

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

DianaGray10

How to Troubleshoot Apps for the Modern Connected Worker

ThousandEyes

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...

Zilliz

💉💊+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHABI}}+971581248768 +971581248768 Mtp-Kit (500MG) Prices » Dubai [(+971581248768**)] Abortion Pills For Sale In Dubai, UAE, Mifepristone and Misoprostol Tablets Available In Dubai, UAE CONTACT DR.Maya Whatsapp +971581248768 We Have Abortion Pills / Cytotec Tablets /Mifegest Kit Available in Dubai, Sharjah, Abudhabi, Ajman, Alain, Fujairah, Ras Al Khaimah, Umm Al Quwain, UAE, Buy cytotec in Dubai +971581248768''''Abortion Pills near me DUBAI | ABU DHABI|UAE. Price of Misoprostol, Cytotec” +971581248768' Dr.DEEM ''BUY ABORTION PILLS MIFEGEST KIT, MISOPROTONE, CYTOTEC PILLS IN DUBAI, ABU DHABI,UAE'' Contact me now via What's App…… abortion Pills Cytotec also available Oman Qatar Doha Saudi Arabia Bahrain Above all, Cytotec Abortion Pills are Available In Dubai / UAE, you will be very happy to do abortion in Dubai we are providing cytotec 200mg abortion pill in Dubai, UAE. Medication abortion offers an alternative to Surgical Abortion for women in the early weeks of pregnancy. We only offer abortion pills from 1 week-6 Months. We then advise you to use surgery if its beyond 6 months. Our Abu Dhabi, Ajman, Al Ain, Dubai, Fujairah, Ras Al Khaimah (RAK), Sharjah, Umm Al Quwain (UAQ) United Arab Emirates Abortion Clinic provides the safest and most advanced techniques for providing non-surgical, medical and surgical abortion methods for early through late second trimester, including the Abortion By Pill Procedure (RU 486, Mifeprex, Mifepristone, early options French Abortion Pill), Tamoxifen, Methotrexate and Cytotec (Misoprostol). The Abu Dhabi, United Arab Emirates Abortion Clinic performs Same Day Abortion Procedure using medications that are taken on the first day of the office visit and will cause the abortion to occur generally within 4 to 6 hours (as early as 30 minutes) for patients who are 3 to 12 weeks pregnant. When Mifepristone and Misoprostol are used, 50% of patients complete in 4 to 6 hours; 75% to 80% in 12 hours; and 90% in 24 hours. We use a regimen that allows for completion without the need for surgery 99% of the time. All advanced second trimester and late term pregnancies at our Tampa clinic (17 to 24 weeks or greater) can be completed within 24 hours or less 99% of the time without the need surgery. The procedure is completed with minimal to no complications. Our Women's Health Center located in Abu Dhabi, United Arab Emirates, uses the latest medications for medical abortions (RU-486, Mifeprex, Mifegyne, Mifepristone, early options French abortion pill), Methotrexate and Cytotec (Misoprostol). The safety standards of our Abu Dhabi, United Arab Emirates Abortion Doctors remain unparalleled. They consistently maintain the lowest complication rates throughout the nation. Our Physicians and staff are always available to answer questions and care for women in one of the most difficult times in their lives. The decision to have an abortion at the Abortion Cl

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@

In this session, we will delve into strategic approaches for optimizing knowledge management within Microsoft 365, amidst the evolving landscape of Copilot. From leveraging automatic metadata classification and permission governance with SharePoint Premium, to unlocking Viva Engage for the cultivation of knowledge and communities, you will gain actionable insights to bolster your organization's knowledge-sharing initiatives. In this session, we will also explore how to facilitate solutions to enable your employees to find answers and expertise within Microsoft 365. You will leave equipped with practical techniques and a deeper understanding of how there is more to effective knowledge management than just enabling Copilot, but building actual solutions to prepare the knowledge that Copilot and your employees can use.

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Drew Madelung

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the deployment of external web forms using Jotform for Bonterra Impact Management. This solution can be customized to your organization’s needs and deployed to support the common use cases below: - Intake and consent - Assessments - Surveys - Applications - Program registration Interested in deploying web form automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Jeffrey Haguewood

The Good, the Bad and the Governed - Why is governance a dirty word? David O'Neill, Chief Operating Officer - APIContext Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

apidays

Whatsapp Number Escorts Call girls 8617370543 Available 24x7 Navi Mumbai Call Girls Service Offer Genuine VIP Model Escorts Call Girls in Your Budget. Navi Mumbai Call Girls Service Provide Real Call Girls Number. Make Your Sexual Pleasure Memorable with Our Navi Mumbai Call Girls at Affordable Price. Top VIP Escorts Call Girls, High Profile Independent Escorts Call Girls, Housewife Women Escorts Call Girl, College Girls Escorts Call Girls, Russian Escorts Call girls Service in Your Budget.

Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model

Deepika Singh

AXA XL - Insurer Innovation Award Americas 2024

The Digital Insurer

Artificial Intelligence Chap.5 : Uncertainty

Khushali Kathiriya

presentation ICT roal in 21st century education

jfdjdjcjdnsjd

Automating Google Workspace (GWS) & more with Apps Script

wesley chun

ICT role in 21st century education and its challenges

rafiqahmad00786416

Modernizing Securities Finance: The cloud-native prime brokerage platform transforming capital markets. Madhu Subbu, Managing Director, Head of Securities Finance Engineering Apidays Singapore 2024: Connecting Customers, Business and Technology (April 17 & 18, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu

apidays

Kürzlich hochgeladen (20)

Exploring the Future Potential of AI-Enabled Smartphone Processors

DBX First Quarter 2024 Investor Presentation

GenAI Risks & Security Meetup 01052024.pdf

Data Cloud, More than a CDP by Matt Robison

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

Why Teams call analytics are critical to your entire business

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...

How to Troubleshoot Apps for the Modern Connected Worker

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...

Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...

Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model

AXA XL - Insurer Innovation Award Americas 2024

Artificial Intelligence Chap.5 : Uncertainty

presentation ICT roal in 21st century education

Automating Google Workspace (GWS) & more with Apps Script

ICT role in 21st century education and its challenges

Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu

Testing web application firewalls (waf) accuracy

1. WAF Accuracy Testing Done Properly Introducing AWT framework Ory Segal, Director of Threat Research

2. ©2015 AKAMAI | FASTER FORWARDTM WAF Accuracy Lingo • Imagine a WAF that protects against 100% of all possible attack vectors …by blocking 100% of all HTTP requests • Accurate WAF testing requires you to measure: • How many real attacks got blocked (TP) • How much valid requests were allowed through (TN) • How much valid traffic was inappropriately blocked (FP) • How many attacks were allowed through (FN) • Lets talk about Precision, Recall, Accuracy, MCC…

3. ©2015 AKAMAI | FASTER FORWARDTM Precision, Recall, Accuracy, MCC % of blocked requests that were actual attacks % of attacks that were actually blocked % of decisions that were good decisions * MCC: http://en.wikipedia.org/wiki/Matthews_correlation_coefficient Correlation between WAF decisions and actual nature of requests Precision = tp tp+ fp Recall = tp tp+ fn Accuracy = tp+tn tp+tn+ fp+ fn MCC = tp×tn (tp+ fp)(tp+ fn)(tn+ fp)(tn+ fn)

4. ©2015 AKAMAI | FASTER FORWARDTM Lets Look at Some Examples A WAF’s accuracy needs to be measured both in its ability to block attacks, as well as it’s ability to allow good traffic through… WAF Type Requests Valid Attacks Blocked TP TN FP FN P R A MCC Real 1000 990 10 11 8 987 3 2 0.73 0.8 0.995 0.76 Off 1000 990 10 0 0 990 0 10 N/A 0 0.99 0 Always Block 1000 990 10 1000 10 0 990 0 0.01 1 0.01 0 Noisy 1000 990 10 31 8 967 23 2 0.26 0.8 0.975 0.45 Conservative 1000 990 10 2 2 990 0 8 1.00 0.2 0.992 0.45

5. ©2015 AKAMAI | FASTER FORWARDTM WAF Testing Framework Requirements • A tool that will send both valid traffic and real attacks • Easy addition of test cases (both valid & attacks) • Accuracy statistics gathering – FP, FN, TP, TN, P, R, A, MCC • Rich info about each test that was sent – full request, response, expected behavior, request nature • Reporting capabilities

7. ©2015 AKAMAI | FASTER FORWARDTM Akamai WAF Testing (AWT) Framework • Written in Python • Test cases are represented as textual files (.awt) • Options to create or add new test cases: • Write text files • Use a “Burp Extender” to record web interaction (meaningful requests only) • Transform Wireshark .pcap files (only ports HTTP traffic) • Multithreaded – can be very fast, or very “considerate” • Configurable and can work with any WAF • Intuitive XML & HTML reports • Easy debugging of FP/FN

8. ©2015 AKAMAI | FASTER FORWARDTM AWT Built-In Test Cases In order to accurately assess WAF, we collected test cases from the following sources: Retrieved valid traffic from Akamai’s Cloud Security Intelligence big data platform Recorded manual interaction with top “problematic” web sites Ported known “false positive” test cases from other tools Commercial web scanners Popular SQLi tools Exploits from the internet (fuzzers, exploit-db, … Traffic database is divided to 95% / 5% Automatic crawling of Alexa Top 100 internet sites Malicious traffic from Akamai’s Cloud Security Intelligence big data platform

Hinweis der Redaktion

High recall is important if you are looking for a secure product High Precision is important for those looking for a system that doesn’t block valid users by mistake

Testing web application firewalls (waf) accuracy

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Andere mochten auch

Andere mochten auch (7)

Ähnlich wie Testing web application firewalls (waf) accuracy

Ähnlich wie Testing web application firewalls (waf) accuracy (20)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

Testing web application firewalls (waf) accuracy

Hinweis der Redaktion