Prevent web application threats in container environments with the eCyLabs Web Application Security Management Platform

The eCyWAF is an open source web application firewall that is recognized industry standard WAF Solution delivered in a container form factor available from docker hub and natively integrated into eCyLabs platform. eCyWAF prevents cyber-attacks in web applications and web services hosted in your organization.

How does this work?

eCyBots (aka threat hunting bots) will perform ramdom checks to gain insights on the security threats that are associated with your applications. Threat Manager instantly helps to mitigate the threats at eCyLabs Web Application Firewall (eCyWAF) or any other Web Application Firewalls*.

eCyWAF delivers:

• Negative and Positive security model looks for known bad, malicious requests that are effective at blocking a large number of automated attacks. Also validate and accept only known requests and reject everything else. 
• Virtual patching applications can be patched from the outside, without touching the application source code (and even without any access to it), making your systems secure until a proper patch is produced.
• Extrusion Detection Model monitor outbound data and identify and block information disclosure issues such as leaking detailed error messages or Social Security Numbers or Credit Card Numbers.
• Cross platform web application firewall (WAF) provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis
• OWASP ModSecurity Core Rules (CRS) unlike intrusion detection and prevention systems which rely on signatures specific to known vulnerabilities, the Core Rule Set provides generic protection from unknown vulnerabilities often found in web applications that are in most cases custom coded.

How to Install:

Customers can install the eCyWAF image from docker hub and configure it as a reverse proxy to use it as a docker container firewall. The deployment of this WAF will be in dataplane mode and runs as a daemon set on each node. 

Customers can deploy WAF on all cluster nodes with a single command, placing security controls as close to workloads as possible. The detailed steps are provided below

• https://hub.docker.com/r/ecylabs/ecywaf

Customers can choose to deploy eCyWAF in container environments hosted on-premises or in public clouds. eCyWAF is managed through the eCyLabs web application management console. This plugin with eCyLabs provides contextual information as per NIST framework with additional modules for web security management.