Azure Application Gateway
8 TopicsNew Blog | Enhancing Cybersecurity: Geomatch Custom Rules in Azure WAF
This blog post will introduce you to the geomatch custom rules feature of Azure Web Application Firewall and show you how to create and manage them using the Azure portal, Bicep and PowerShell. Read the full blog post here:Enhancing Cybersecurity: Geomatch Custom Rules in Azure WAF - Microsoft Community Hub510Views1like1CommentNew Blog Post | Threat Detection Queries for Azure WAF
Web applications face frequent malicious attacks that exploit well-known vulnerabilities, such as Code Injection and Path Traversal Attacks. These attacks are hard to prevent in the application code, as they require constant maintenance, patching, and monitoring at multiple levels of the application architecture. A WAF solution can provide faster and centralized security by patching a known vulnerability for all web applications, rather than securing each one individually. Azure Web Application Firewall (WAF) is a cloud-native service that protects web apps from common web-hacking techniques. It can be deployed quickly to gain full visibility into the web application traffic and block malicious web attacks. Read the full blog: Threat Detection Queries for Azure WAF - Microsoft Community Hub889Views0likes0CommentsNew Blog | Public Preview: Support for DRS and Mask sensitive data on Application Gateway WAF
Azure WAF on Application Gateway with Default Rule Setnow in Public Preview The long-anticipated option to use the Microsoft Default Rule Set(DRS)for Application Gateway in Web Application Firewall isnowavailable inPublic Preview. Customers can use the DRS with the latest Bot Managerrulesetwiththeir Regional WAF v2 to bringthe same securityexperienceas withAzure FrontDoor. Read the blog here:Public Preview: Support for DRS and Mask sensitive data on Application Gateway WAF - Microsoft Community Hub616Views0likes0CommentsNew blog post | Azure Web Application Firewall- Bot Manager Scenarios
The continuous integration of bots to simulate human engagement, especially for unethical activities in web applications lead to both security incidents and diversion of engagement with web resources. The advent of new AI projects and LLMs (Large Language Models) have also opened more avenues for vulnerabilities including prompt injections, data leakage, training data poisoning, unauthorized code execution etc. Azure Web Application Firewall- Bot Manager Scenarios - Microsoft Community Hub733Views0likes0CommentsNew Blog Post | Enhancements to Azure WAF for Application Gateway now in General Availability
Enhancements to Azure WAF for Application Gateway now in General Availability - Microsoft Community Hub Azure Web Application Firewall (WAF) on Azure Application Gateway provides centralized protection for your web applications against common vulnerabilities and exploits. Web applications are increasingly targeted by malicious attacks thatvulnerabilities. SQL Injection (SQLi) and Cross-Site Scripting (XSS) are examples of some well-known attacks. Preventing such attacks in application code can be challenging and may require rigorous maintenance, patching, and monitoring at many layers of the application topology. A centralized web application firewall helps make security management much simpler and gives better assurance to application developers and security teams against threats or intrusions. The Azure Web Application Firewall (WAF) engine is the component that inspects traffic and determines whether a web-request represents a potential attack, then takes appropriate action depending on the configuration. Previously, when you used the Azure WAF with Application Gateway, there were certain limitations in the way you could configure and monitor your WAF deployments. We are happy to announce several enhancements to the configurations and monitoring capabilities of Azure WAF when used with Azure Application Gateway going forward.48KViews0likes0Commentsnot able to see Diagnostic Setting option under monitoring for Load balancer to collect log data
hi all , i am not seeing that option to collect and ingest data in to log analytic workspace. please help Diagnostic settings option is not there , how to ingest data in that case like i was bale to see that option in Application gateway , but not in load balancerSolved1.1KViews0likes2CommentsNew Blog Post | Azure Web Application Firewall: WAF config versus WAF policy
Azure Web Application Firewall: WAF config versus WAF policy - Microsoft Tech Community What is Web Application Firewall (WAF) config? WAF config is the built-in method to configure WAF on Azure Application Gateway, and it is local to each individual Azure Application Gateway resource. When you create an Azure Application Gateway with either the WAF or the WAF_v2 SKU, you will see a new item on the menu blade called "Web application firewall" that displays WAF configuration options. The biggest drawback of using WAF config is that not all WAF settings are displayed in the portal UI. For example, you cannot configure or manage custom rules in the portal: you must use PowerShell or Azure CLI for that. Additionally, WAF config is a setting within an Azure Application Gateway resource. For this reason, each WAF config must be managed individually, and its configuration applies globally for everything within that specific Azure Application Gateway resource. WAF config does not exist on Azure Front Door.715Views0likes0Comments