101  0 Kommentare Web Application Attacks Intensify in Fourth Quarter of 2023, According to New Edgio Quarterly Attack Trends Report - Seite 2

• United States – 26.3%
• France – 17.4%
• Germany – 9.4%
• Russia – 8.8%

Edgio found that WAF customers used access control features to allow or deny specific request methods, using their knowledge of their own applications to inform their security controls and lower risk. The report indicates that attackers frequently leverage request methods like HEAD that return app and infrastructure information that can be used by the attacker for reconnaissance purposes and to craft a malicious payload.

Based on deep parsing of attack payloads, Edgio found that 98% of all malicious payloads fell into JavaScript Object Notation (JSON) and URL encoded form categories (used for storing and transporting data) but cautioned security teams to remain vigilant as attackers evolve in their selection of payload content types.

Best practices for digital asset protection: proactively stop threats against websites and applications

Based on its findings, Edgio recommends the following methods to best protect digital assets, including websites and applications:

• Ensure your WAF provides a layered defense to protect organizations against the known bad, application-specific, and emerging threats. A complete solution will show a distribution of enforcement across access control rules, managed rulesets, and custom signatures.
• Blocklists are still an effective and low-cost part of a layered security approach to safeguard Internet-facing assets. Organizations should also take advantage of threat intelligence feeds to further harden their security posture against known bad actors.
• While managed rules are often maintained and updated by your WAF provider, it is not advisable to use a ‘set it and forget’ approach. As an application evolves and new functionalities are developed, policy reviews and analysis of managed ruleset enforcement is recommended. It is best to ensure rules are closely aligned with business application needs.
• Organizations should take the time to understand where they are doing business and where they aren’t allowed to do business. Block the countries or sub-regions that bring no value to a brand to reduce their attack surface. Blocking embargoed countries is a great starting point, but don’t rely on this approach as a catch all for bad actors.
• Know the application and use this knowledge to inform security solutions, like a WAF, to limit the application request methods or content types based on application needs.

To obtain a full copy of the report, click here.