Microsoft Azure Web Application Firewall (WAF) Launched

The New Acunetix V12 Engine


Not too long after Amazon launched their cloud protection WAF the Microsoft Azure Web Application Firewall (WAF) has been made generally available in all public Azure DCs.

Microsoft Azure Web Application Firewall (WAF) Launched

It’s a good move with the majority of websites and services moving into one of the big 3 cloud providers (AWS, Google or Azure) and the vast majority of attacks coming from the same few patterns (SQL Injection, XSS etc). A WAF can mitigate against a lot of that without too much worry of false positives.

Microsoft is making it harder for cyber-attackers to target web applications hosted on its Azure cloud computing platform.

Azure Web Application Firewall (WAF), a component of the company’s Azure Application Gateway offering, is now generally available in all public Azure data center regions. Azure Application Gateway is a cloud-based HTTP (Hypertext Transfer Protocol) load-balancing and SSL (Secure Sockets Layer) offloading system that enables businesses to build and deliver scalable and secure web applications.

With the addition of the Web Application Firewall, customers can now fortify their applications, making them less susceptible to cross-site scripting attacks, SQL injection and other methods of exploiting or disrupting web applications. The firewall provides protection for up to 20 websites per gateway.

In its analysis of web security landscape for the fourth quarter of 2016, Akamai found that SQL injection was responsible for 51 percent of all web application attacks. As the term suggests, SQL injection involves inserting or “injecting” code into database-driven applications for the purposes of tampering with data, extracting information and other activities that pose a risk to sensitive or critical business data.


The Azure WAF is part of their Application Gateway and is now available across all public data center regions.

As with most things Microsoft it seems to be a bit more automated and a bit less manual than the AWS option which is basically just a glorified regex engine you have to configure yourself.

In addition to blocking SQL injection and cross-site scripting attempts, Azure Web Application Firewall can stop other common attack methods like remote file inclusion, command injection and HTTP request smuggling and response splitting, explained Yousef Khalidi, corporate vice president of Azure Networking at Microsoft, in a March 30 blog post.

It can also thwart attacks that depend on HTTP protocol anomalies and violations, along with misconfigured Apache and Internet Information Services (IIS) deployments, among other servers and applications involved in delivering a web application.

Automated tools like bots and crawlers are similarly blocked. Finally, the firewall helps customers stand up to debilitating HTTP denial-of-service attacks, added Khalidi.

Packing a big punch, courtesy of vast armies of compromised PCs and Internet of Things (IoT) devices, denial-of-service attacks have emerged into one of the leading threats affecting today’s web-facing businesses.

Last September, a website belonging to renowned security blogger Brian Krebs was hit with a massive distributed denial-of-service (DDoS) attack that overwhelmed his site with 665 Gbps of disruptive traffic.

The scale of the attack forced Akamai, the content delivery network who provided DDoS protection to the blog, to drop its support Krebs. Around the same time, French cloud computing company OVH reported a DDoS attack approaching 1 Tbps.

It also by default mitigates against more types of attacks, and some common misconfigurations – which you see a lot of in the cloud space (hello MongoDB).

Now we’ll have to wait and see if Google Cloud Platform comes out with a similar offering, then they will all be on par again.

Source: eWeek

Posted in: Countermeasures, Web Hacking

, ,


Latest Posts:


RidRelay - SMB Relay Attack For Username Enumeration RidRelay – SMB Relay Attack For Username Enumeration
RidRelay is a Python-based tool to enumerate usernames on a domain where you have no credentials by using a SMB Relay Attack with low privileges.
NetBScanner - NetBIOS Network Scanner NetBScanner – NetBIOS Network Scanner
NetBScanner is a NetBIOS network scanner tool that scans all computers in the IP addresses range you choose, using the NetBIOS protocol.
Metta - Information Security Adversarial Simulation Tool Metta – Information Security Adversarial Simulation Tool
Metta is an information security preparedness tool in Python to help with adversarial simulation and assess security defense preparation and alerts.
Powershell-RAT - Gmail Exfiltration RAT Powershell-RAT – Gmail Exfiltration RAT
Powershell-RAT is a Python-based Gmail exfiltration RAT that can be used a Windows backdoor to send screenshots or other data as an e-mail attachment.
SCADA Hacking - Industrial Systems Woefully Insecure SCADA Hacking – Industrial Systems Woefully Insecure
It seems like SCADA hacking is still a topic in hacker conferences, and it should be with SCADA systems still driving power stations, manufacturing plants etc.
airgeddon - Wireless Security Auditing Script airgeddon – Wireless Security Auditing Script
Airgeddon is a Bash powered multi-use Wireless Security Auditing Script for Linux systems with an extremely extensive feature list.


2 Responses to Microsoft Azure Web Application Firewall (WAF) Launched

  1. Nathan April 7, 2017 at 7:21 pm #

    Google announced at Next ’17 that they’re making the same WAF that they use to protect Gmail and other services available to customers on GCP to protect their own workloads. https://youtu.be/O-JXFQezWOc

    • Darknet April 8, 2017 at 12:46 am #

      Ah nice, thanks Nathan.