Talks:
1 WAF: Wrong Approach Firewall (Slink)
Web Application Firewalls (WAFs) that filter traffic based on HTTP and payload are omnipresent. In this talk an argument will be made that, in many cases, the wrong approach for implementing WAFs is chosen: they are implemented as "deny firewalls" which specifically forbid "bad" traffic based on pattern rules, while for network security (layers 3/4) professionals would only ever follow an "allow firewall" approach, which explicitly lets "good" traffic pass and denies everything else.
"Deny WAFs" are often marketed as simple, easy-to-use, out-of-the-box solutions, but, by design, they can only prevent known exploits. Practical constraints also limit their potential when rulesets that break functionality have to be disabled.
While the "allow WAF" approach presented here implies more effort, its main advantage is protection against new attack vectors ("zero days") and it comes with a lot of side benefits, such as improved performance and resilience through caching.
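The difference between the two models described above, as an added example that is not material from the talk: the same requests are checked by a pattern-based "deny" filter and by an "allow" filter that only knows what the application expects. The signatures, routes, parameter formats and sample requests are constructed assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Deny model: constructed signature rules for already-known bad patterns.
DENY_SIGNATURES = [re.compile(p, re.I) for p in (r"<script\b", r"\bunion\s+select\b")]

# Allow model: hypothetical description of the only traffic the application expects.
# (method, path) -> {parameter name: pattern the full value must match}
ALLOW_ROUTES = {
    ("GET", "/articles"): {"id": re.compile(r"[0-9]{1,6}")},
    ("GET", "/search"): {"q": re.compile(r"[\w .-]{1,64}")},
}

def deny_waf(method, url):
    """Pass unless a known-bad signature matches anywhere in the URL."""
    return not any(sig.search(url) for sig in DENY_SIGNATURES)

def allow_waf(method, url):
    """Pass only if route, parameter names and values all match the description."""
    parts = urlsplit(url)
    schema = ALLOW_ROUTES.get((method, parts.path))
    if schema is None:
        return False  # unknown route or method
    seen = set()
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if name not in schema or name in seen or not schema[name].fullmatch(value):
            return False  # unexpected, repeated or malformed parameter
        seen.add(name)
    return True

# Constructed sample requests; the third stands in for an input no rule anticipates.
SAMPLES = [
    ("GET", "/articles?id=42"),
    ("GET", "/articles?id=1 UNION SELECT 1"),
    ("GET", "/articles?id=not-yet-known-pattern"),
    ("POST", "/admin/export"),
]

def compare(samples=SAMPLES):
    """Return (method, url, passes deny filter, passes allow filter) per request."""
    return [(m, u, deny_waf(m, u), allow_waf(m, u)) for m, u in samples]

if __name__ == "__main__":
    for method, url, deny_ok, allow_ok in compare():
        print(f"{method:4} {url:40} deny pass={deny_ok!s:5} allow pass={allow_ok}")
```

Only the request with a known signature is stopped by the deny filter; the allow filter rejects everything except the one request that matches the described route and parameter format.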
--------
This event will be offered both on-site and remotely.
We look forward to seeing you :)
The visit is open to anyone who wants to drop by. Everyone is welcome. :)
If you have any questions, just write them in the comments: There will surely be someone to answer them.
==
Further resources from the IT-Security-Meetup Kassel:
- Talks from the past:
-- https://github.com/it-security-kassel-nordhessen/meetup
-- https://www.youtube.com/watch?v=nTpTSOVXSTU&list=PLGrnDfwTFZ7nluvGOIIR1GXHCEAnuLR1o
--------
-- Sponsor --
Micromata GmbH
Conference Room, GitHub Quota, Pizza :)