Microsoft Azure Web Application Firewall (WAF) Launched

Outsmart Malicious Hackers


Not too long after Amazon launched their cloud protection WAF the Microsoft Azure Web Application Firewall (WAF) has been made generally available in all public Azure DCs.

Microsoft Azure Web Application Firewall (WAF) Launched

It’s a good move with the majority of websites and services moving into one of the big 3 cloud providers (AWS, Google or Azure) and the vast majority of attacks coming from the same few patterns (SQL Injection, XSS etc). A WAF can mitigate against a lot of that without too much worry of false positives.

Microsoft is making it harder for cyber-attackers to target web applications hosted on its Azure cloud computing platform.

Azure Web Application Firewall (WAF), a component of the company’s Azure Application Gateway offering, is now generally available in all public Azure data center regions. Azure Application Gateway is a cloud-based HTTP (Hypertext Transfer Protocol) load-balancing and SSL (Secure Sockets Layer) offloading system that enables businesses to build and deliver scalable and secure web applications.

With the addition of the Web Application Firewall, customers can now fortify their applications, making them less susceptible to cross-site scripting attacks, SQL injection and other methods of exploiting or disrupting web applications. The firewall provides protection for up to 20 websites per gateway.

In its analysis of web security landscape for the fourth quarter of 2016, Akamai found that SQL injection was responsible for 51 percent of all web application attacks. As the term suggests, SQL injection involves inserting or “injecting” code into database-driven applications for the purposes of tampering with data, extracting information and other activities that pose a risk to sensitive or critical business data.


The Azure WAF is part of their Application Gateway and is now available across all public data center regions.

As with most things Microsoft it seems to be a bit more automated and a bit less manual than the AWS option which is basically just a glorified regex engine you have to configure yourself.

In addition to blocking SQL injection and cross-site scripting attempts, Azure Web Application Firewall can stop other common attack methods like remote file inclusion, command injection and HTTP request smuggling and response splitting, explained Yousef Khalidi, corporate vice president of Azure Networking at Microsoft, in a March 30 blog post.

It can also thwart attacks that depend on HTTP protocol anomalies and violations, along with misconfigured Apache and Internet Information Services (IIS) deployments, among other servers and applications involved in delivering a web application.

Automated tools like bots and crawlers are similarly blocked. Finally, the firewall helps customers stand up to debilitating HTTP denial-of-service attacks, added Khalidi.

Packing a big punch, courtesy of vast armies of compromised PCs and Internet of Things (IoT) devices, denial-of-service attacks have emerged into one of the leading threats affecting today’s web-facing businesses.

Last September, a website belonging to renowned security blogger Brian Krebs was hit with a massive distributed denial-of-service (DDoS) attack that overwhelmed his site with 665 Gbps of disruptive traffic.

The scale of the attack forced Akamai, the content delivery network who provided DDoS protection to the blog, to drop its support Krebs. Around the same time, French cloud computing company OVH reported a DDoS attack approaching 1 Tbps.

It also by default mitigates against more types of attacks, and some common misconfigurations – which you see a lot of in the cloud space (hello MongoDB).

Now we’ll have to wait and see if Google Cloud Platform comes out with a similar offering, then they will all be on par again.

Source: eWeek

Posted in: Countermeasures, Web Hacking

, ,


Latest Posts:


Terabytes Of US Military Social Media Spying S3 Data Exposed Terabytes Of US Military Social Media Spying S3 Data Exposed
Once again the old, default Amazon AWS S3 settings are catching people out, the US Military has left terabytes of social media spying S3 data exposed.
SNIFFlab - Create Your Own MITM Test Environment SNIFFlab – Create Your Own MITM Test Environment
SNIFFlab is a set of scripts in Python that enable you to create your own MITM test environment for packet sniffing through a WiFi access point.
Skype Log Viewer Download - View Logs on Windows Skype Log Viewer Download – View Logs on Windows
Skype Log Viewer allows you to download and view the Skype history and log files, on Windows, without actually downloading the Skype client itself.
Ethereum Parity Bug Destroys Over $250 Million In Tokens Ethereum Parity Bug Destroys Over $250 Million In Tokens
If you are into cryptocurrency or blockchain at all, you will have heard about the Ethereum Parity Bug that has basically binned $280 Million + ETH.
WPSeku - Black-Box Remote WordPress Security Scanner WPSeku – Black-Box Remote WordPress Security Scanner
WPSeku is a black box WordPress Security scanner that can be used to scan remote WordPress installations to find security issues and vulnerabilities.
Malaysia Telco Hack - Corporations Spill 46 Million Records Malaysia Telco Hack – Corporations Spill 46 Million Records
The Malaysia Telco Hack has been blowing up in the news with over 42 Million Records being leaked including IMEI numbers, SIM details and home addresses.


2 Responses to Microsoft Azure Web Application Firewall (WAF) Launched

  1. Nathan April 7, 2017 at 7:21 pm #

    Google announced at Next ’17 that they’re making the same WAF that they use to protect Gmail and other services available to customers on GCP to protect their own workloads. https://youtu.be/O-JXFQezWOc

    • Darknet April 8, 2017 at 12:46 am #

      Ah nice, thanks Nathan.