Microsoft Azure Web Application Firewall (WAF) Launched

The New Acunetix V12 Engine


Not too long after Amazon launched their cloud protection WAF the Microsoft Azure Web Application Firewall (WAF) has been made generally available in all public Azure DCs.

Microsoft Azure Web Application Firewall (WAF) Launched

It’s a good move with the majority of websites and services moving into one of the big 3 cloud providers (AWS, Google or Azure) and the vast majority of attacks coming from the same few patterns (SQL Injection, XSS etc). A WAF can mitigate against a lot of that without too much worry of false positives.

Microsoft is making it harder for cyber-attackers to target web applications hosted on its Azure cloud computing platform.

Azure Web Application Firewall (WAF), a component of the company’s Azure Application Gateway offering, is now generally available in all public Azure data center regions. Azure Application Gateway is a cloud-based HTTP (Hypertext Transfer Protocol) load-balancing and SSL (Secure Sockets Layer) offloading system that enables businesses to build and deliver scalable and secure web applications.

With the addition of the Web Application Firewall, customers can now fortify their applications, making them less susceptible to cross-site scripting attacks, SQL injection and other methods of exploiting or disrupting web applications. The firewall provides protection for up to 20 websites per gateway.

In its analysis of web security landscape for the fourth quarter of 2016, Akamai found that SQL injection was responsible for 51 percent of all web application attacks. As the term suggests, SQL injection involves inserting or “injecting” code into database-driven applications for the purposes of tampering with data, extracting information and other activities that pose a risk to sensitive or critical business data.


The Azure WAF is part of their Application Gateway and is now available across all public data center regions.

As with most things Microsoft it seems to be a bit more automated and a bit less manual than the AWS option which is basically just a glorified regex engine you have to configure yourself.

In addition to blocking SQL injection and cross-site scripting attempts, Azure Web Application Firewall can stop other common attack methods like remote file inclusion, command injection and HTTP request smuggling and response splitting, explained Yousef Khalidi, corporate vice president of Azure Networking at Microsoft, in a March 30 blog post.

It can also thwart attacks that depend on HTTP protocol anomalies and violations, along with misconfigured Apache and Internet Information Services (IIS) deployments, among other servers and applications involved in delivering a web application.

Automated tools like bots and crawlers are similarly blocked. Finally, the firewall helps customers stand up to debilitating HTTP denial-of-service attacks, added Khalidi.

Packing a big punch, courtesy of vast armies of compromised PCs and Internet of Things (IoT) devices, denial-of-service attacks have emerged into one of the leading threats affecting today’s web-facing businesses.

Last September, a website belonging to renowned security blogger Brian Krebs was hit with a massive distributed denial-of-service (DDoS) attack that overwhelmed his site with 665 Gbps of disruptive traffic.

The scale of the attack forced Akamai, the content delivery network who provided DDoS protection to the blog, to drop its support Krebs. Around the same time, French cloud computing company OVH reported a DDoS attack approaching 1 Tbps.

It also by default mitigates against more types of attacks, and some common misconfigurations – which you see a lot of in the cloud space (hello MongoDB).

Now we’ll have to wait and see if Google Cloud Platform comes out with a similar offering, then they will all be on par again.

Source: eWeek

Posted in: Countermeasures, Web Hacking

, ,


Latest Posts:


Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.
Eraser - Windows Secure Erase Hard Drive Wiper Eraser – Windows Secure Erase Hard Drive Wiper
Eraser is a hard drive wiper for Windows which allows you to run a secure erase and completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns.
Insecure software versions are a problem Web Security Stats Show XSS & Outdated Software Are Major Problems
Netsparker just published some anonymized Web Security Stats about the security vulnerabilities their online solution identified on their users’ web applications and web services during the last 3 years.
CTFR - Abuse Certificate Transparency Logs For HTTPS Subdomains CTFR – Abuse Certificate Transparency Logs For HTTPS Subdomains
CTFR is a Python-based tool to Abuse Certificate Transparency Logs to get subdomains from a HTTPS website in a few seconds.
testssl.sh - Test SSL Security Including Ciphers, Protocols & Detect Flaws testssl.sh – Test SSL Security Including Ciphers, Protocols & Detect Flaws
testssl.sh is a free command line tool to test SSL security, it checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws and more.


2 Responses to Microsoft Azure Web Application Firewall (WAF) Launched

  1. Nathan April 7, 2017 at 7:21 pm #

    Google announced at Next ’17 that they’re making the same WAF that they use to protect Gmail and other services available to customers on GCP to protect their own workloads. https://youtu.be/O-JXFQezWOc

    • Darknet April 8, 2017 at 12:46 am #

      Ah nice, thanks Nathan.