As web based service develops on the internet, web based attacks are also becoming more common and concentrated.

Even when a firewall is installed, the service port in use must be open to provide service, so it is always exposed to attack. Web attacks are very attractive in that it can be carried out simply with web browsers and can cause enormous damage using comparatively low technological knowledge. There are various forms of attacks that hackers can choose from, so web based attacks are increasing.

According to the market analyst group Gartner, 75 % of all cyber attacks target web applications, and 97% of more than 300 websites audited were found vulnerable to web application attack. The result shows the vulnerabilities of current web application security and the need for the web application protection.

In order to build a safe web environment, security must be taken into account from the design and development phase. However, the development environment or the deadline make secure coding difficult to do, and frequent changes on the application continue to increase the number of vulnerabilities.

WAFs are designed to protect the application layer of OSI model to secure data communication based on HTTP or HTTPS.

Also, WAFs prevent unauthorized access and web attacks aiming at web application vulnerability on customer web server, allowing the server to be operated safely.

Building a secure web application environment is a very urgent issue, now that 75 % of all cyber attacks target web applications. Many systems are attacked by hacking methods such as site defacement and leakage of confidential information including personal and corporate information, which lead to serious hacking damages.

WAPPLES uses the COCEP engine that analyzes web traffic and control the rules. The COCEP engine is the intelligent logic analysis engine of WAPPLES, and it analyzes the web traffic and detects attacks in a similar way of that a human would. Because this engine has logic classifying the traffic, the engine can check the danger of web traffic through the various judging standards and conditions. The administrator can run WAPPLES easily when he configures the security level on the rules.

A WAF is most definitely necessary if your web server contains valuable contents or information of registered members.

WAPPLES can protect against website attacks and defacement, and prevent the leakage of important information.

Also, WAPPLES provides real-time monitoring and analysis of the various statistics, which enables administrators to manage the web server easily and conveniently. The features can reduce TCO by reducing vulnerability fix cost and preventing infringement accidents. Also, it provides an error response feature, so that the server can run 24/7/365.

75 % of all cyber attacks target web application, and WAFs protect web applications.

Firewall, IDS and IPS cannot protect other layers but web application. Network firewalls cannot analyze web traffic. IDS only analyzes the vulnerability of network layer and cannot block traffic. IPS products cannot recognize analyze application layers status, and cannot process encrypted/encoded traffic.

Also, IPS product can only protect against well-known type of attacks, and cannot respond to new attacks.