You are working for an organisation that is using a very old
web-based application that was developed in-house and is only used
by members of the organisation. The leader of the web development
team has indicated that the application needs to be urgently
redeveloped as it is dependent upon outdated frameworks that have
recently been found to be vulnerable to SQL injection attacks,
however the organisation is currently short on funding. One of the
security team has suggested using a web application firewall to
prevent common attacks instead.
(a) Explain the additional security that would be provided by the
web application firewall.
(b) Discuss any alternative or complementary technologies that
would assist in securing the application.
(a) Additional security by firewall:
A web application firewall, also known as a WAF, helps in filtering out data packets and monitoring the traffic in the system. It will block data packets from malicious sources.
Apart from this, it also helps the developers avoid making coding mistakes and fix them quickly.
It is used to scan the applications for security reasons.
(b) Ways of securing the application:
Apart from these tools and technologies, the following measures should also be applied:
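
The scenario above in miniature, as an added example that is not part of the original question or answer: a signature filter standing in for the WAF in front of unfixed query code, beside a parameterized query as the complementary code-level control. The `staff` table, the function names and the signature list are constructed for illustration.

```python
import re
import sqlite3

# Constructed, minimal signatures; a production WAF rule set is far larger.
SQLI_SIGNATURES = [
    re.compile(r"'\s*(or|and)\s+'?\w*'?\s*=", re.I),  # tautology after a quote
    re.compile(r"\bunion\b.*\bselect\b", re.I),        # UNION-based extraction
    re.compile(r"--|/\*"),                             # SQL comment markers
]

def waf_allows(value: str) -> bool:
    """Layer 1: signature filter in front of the application."""
    return not any(sig.search(value) for sig in SQLI_SIGNATURES)

def make_db() -> sqlite3.Connection:
    """In-memory table with constructed rows (hypothetical schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE staff (name TEXT)")
    conn.executemany("INSERT INTO staff VALUES (?)", [("alice",), ("O'Brien",)])
    return conn

def legacy_lookup(conn, name):
    """The unfixed pattern: user input concatenated into the SQL text."""
    sql = "SELECT name FROM staff WHERE name = '" + name + "'"
    return [row[0] for row in conn.execute(sql)]

def safe_lookup(conn, name):
    """Layer 2: bound parameter, so input is always data, never SQL."""
    return [row[0] for row in conn.execute(
        "SELECT name FROM staff WHERE name = ?", (name,))]

def handle_request(conn, name):
    """WAF in front of the legacy code: None means the request was blocked."""
    return legacy_lookup(conn, name) if waf_allows(name) else None

if __name__ == "__main__":
    db = make_db()
    for value in ["alice", "' OR '1'='1", "O'Brien"]:
        print(repr(value), "waf_allows:", waf_allows(value),
              "parameterized:", safe_lookup(db, value))
```

A legitimate name such as `O'Brien` passes the filter but still breaks the concatenated query with a syntax error; only the parameterized version returns it correctly.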