𝐑𝐚𝐭𝐞 𝐋𝐢𝐦𝐢𝐭𝐢𝐧𝐠 𝐅𝐞𝐚𝐭𝐮𝐫𝐞 𝐟𝐨𝐫 𝐀𝐳𝐮𝐫𝐞 𝐖𝐀𝐅 𝐨𝐧 𝐀𝐩𝐩𝐥𝐢𝐜𝐚𝐭𝐢𝐨𝐧 𝐆𝐚𝐭𝐞𝐰𝐚𝐲 𝐧𝐨𝐰 𝐢𝐧 𝐏𝐫𝐞𝐯𝐢𝐞𝐰

This feature allows you to define custom rules to limit the number of requests from different sources, such as IP addresses, geographies, or user sessions.

https://techcommunity.microsoft.com/t5/azure-network-security-blog/rate-limiting-feature-for-azure-waf-on-application-gateway-now/ba-p/3934957

#azure #microsoft #azuresecurity #waf #webapplicationgateway #appsecurity #azureapplicationgateway #appsec #webapplicationfirewall #firewall #ddos #azurewaf #cybersecurity #cloud #cloudnative #cloudsecurity #soc

𝗔𝘇𝘂𝗿𝗲 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗡𝗲𝘄𝘀: 𝗔𝘇𝘂𝗿𝗲 𝗗𝗗𝗼𝗦 𝗦𝗲𝗻𝘁𝗶𝗻𝗲𝗹 𝗦𝗼𝗹𝘂𝘁𝗶𝗼𝗻 𝗮𝗻𝗱 𝗪𝗔𝗙 𝗣𝗹𝗮𝘆𝗯𝗼𝗼𝗸 𝗜𝗻𝘁𝗲𝗴𝗿𝗮𝘁𝗶𝗼𝗻

Learn how to how to integrate the Azure DDoS Sentinel Solution with the Azure WAF Playbook to enable a powerful automated detection and response system.

With this integration, the Azure DDoS Sentinel Solution and the WAF Playbook work together to prevent attacks with the steps described below:

1️⃣During the first stage of a multi-vector attack campaign, initiated by a malicious actor, the DDoS attack floods the customer’s application, creating chaos and serving as a diversion for the subsequent attack.

2️⃣Upon identifying the DDoS attack, Azure DDoS protection mitigates the attack and generates logs that are transmitted to Microsoft Sentinel.

3️⃣Microsoft Sentinel extracts the source IP addresses of the attackers from the logs and triggers the WAF Playbook.

4️⃣The WAF Playbook adds the attack IP addresses to a custom WAF rule with a block action. Azure WAF becomes ready to mitigate the forthcoming stages of the adversary's attack cycle.

5️⃣Having employed the DDoS attack as a smokescreen, the adversary now attempts to breach the application to take the sensitive data.

6️⃣Azure WAF acts by blocking access from the source IP addresses of the attacker, thereby preventing them from reaching the data.

https://techcommunity.microsoft.com/t5/azure-network-security-blog/enhancing-your-azure-security-azure-ddos-sentinel-solution-and/ba-p/3913420

#azure #azuresecurity #azurenetworksecurity #ddos #azureddos #waf #azurewaf #sentinel #microsoftsentinel #microsoft #soc #automation #soar #siem #playbook #cybersecurity #microsoft #microsoftsecurity #cloudsecurity

𝐃𝐞𝐟𝐞𝐧𝐝𝐞𝐫 𝐟𝐨𝐫 𝐀𝐏𝐈𝐬 𝐁𝐞𝐭𝐭𝐞𝐫 𝐓𝐨𝐠𝐞𝐭𝐡𝐞𝐫 𝐰𝐢𝐭𝐡 𝐀𝐳𝐮𝐫𝐞 𝐖𝐞𝐛 𝐀𝐩𝐩𝐥𝐢𝐜𝐚𝐭𝐢𝐨𝐧 𝐅𝐢𝐫𝐞𝐰𝐚𝐥𝐥 𝐚𝐧𝐝 𝐀𝐳𝐮𝐫𝐞 𝐀𝐏𝐈 𝐌𝐚𝐧𝐚𝐠𝐞𝐦𝐞𝐧𝐭

The synergy of Microsoft Defender for APIs, Azure WAF, and Azure API Management forms a strong defense against API threats.

https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/defender-for-apis-better-together-with-azure-web-application/ba-p/3907308

✔️The WAF on Application Gateway checks the request against WAF rules. If the request is valid, then it will proceed.

✔️Application Gateway directs the request to APIM.

✔️APIM accepts and properly maps the requests.

✔️Defender for APIs inspects API endpoints and gives insight on whether the API is properly authenticated, inactive, and externally facing.

✔️Defender for APIs monitors the traffic going to and from APIM to classify sensitive data and alert on exploits and anomalies.

𝐃𝐞𝐟𝐞𝐧𝐝𝐞𝐫 𝐟𝐨𝐫 𝐀𝐏𝐈𝐬

Defender for APIs provides visibility into crucial APIs. It facilitates a deep dive into your API security, allowing prioritization of vulnerabilities and quick detection of active threats. Key features include a consolidated view of managed APIs with security insights on external, inactive, or unauthenticated APIs, data classifications of sensitive data in API interactions, and machine learning-driven detection of API threats in alignment with the OWASP API Top 10.

𝐀𝐳𝐮𝐫𝐞 𝐀𝐏𝐈 𝐌𝐚𝐧𝐚𝐠𝐞𝐦𝐞𝐧𝐭

Azure API Management caters to the entire API lifecycle. APIM includes an API gateway, management platform, and developer portal. The gateway manages requests, ensures authentication, transforms requests and responses, caches responses, enforces usage caps, emits logs, and more.

𝐀𝐳𝐮𝐫𝐞 𝐖𝐞𝐛 𝐀𝐩𝐩𝐥𝐢𝐜𝐚𝐭𝐢𝐨𝐧 𝐅𝐢𝐫𝐞𝐰𝐚𝐥𝐥

Azure WAF provides a centralized defense against web and API vulnerabilities like SQL injections and cross-site scripting attacks. With its rapid virtual patching, Azure WAF offers quick threat mitigation without needing to individually secure every web application.

#microsoft #azure #azurewaf #waf #api #defenderapi #sqlinjection #apim #apimanagement #defenderforapi #defenderforcloud #defender #cloud #cloudsecurity #cloudnative #soc #owasp #apithreats #cybersecurity

🔐 𝐀𝐳𝐮𝐫𝐞 𝐖𝐀𝐅 – 𝐌𝐚𝐬𝐤𝐢𝐧𝐠 𝐒𝐞𝐧𝐬𝐢𝐭𝐢𝐯𝐞 𝐃𝐚𝐭𝐚

WAF rules can thwart malicious requests containing personally identifiable info (PII). Azure WAF log scrubbing tool ensures data security. 🛡️ Safeguard your logs by removing sensitive data using custom rules.

Check out our latest blog where we dive into the log scrubbing feature and explore real examples. Discover how to strengthen your web app security today!

https://techcommunity.microsoft.com/t5/azure-network-security-blog/azure-waf-masking-sensitive-data/ba-p/3905356

#AzureWAF #WebAppSecurity #Azure #waf #scrubbing #log #sentinel #siem #soar #pii #cloud #cloudsecurity #soc #cybersecurity #loganalytics

𝐈𝐧𝐭𝐫𝐨𝐝𝐮𝐜𝐢𝐧𝐠 𝐀𝐳𝐮𝐫𝐞 𝐖𝐞𝐛 𝐀𝐩𝐩𝐥𝐢𝐜𝐚𝐭𝐢𝐨𝐧 𝐅𝐢𝐫𝐞𝐰𝐚𝐥𝐥'𝐬 𝐒𝐞𝐧𝐬𝐢𝐭𝐢𝐯𝐞 𝐃𝐚𝐭𝐚 𝐏𝐫𝐨𝐭𝐞𝐜𝐭𝐢𝐨𝐧 (𝐏𝐫𝐞𝐯𝐢𝐞𝐰)!

Data privacy is paramount, and Azure Web Application Firewall (WAF) has taken a step forward with Log Scrubbing.

This preview feature allows you to remove sensitive information from WAF logs, ensuring enhanced privacy and compliance. Safeguard your data with Azure WAF's Log Scrubbing.

Learn more:

https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/waf-sensitive-data-protection

https://learn.microsoft.com/en-us/azure/web-application-firewall/ag/waf-sensitive-data-protection-configure?tabs=browser

#DataPrivacy #AzureWAF #waf #logging #data #privacy #scrubbing #logscrubbing #azure #compliance #cloudnative #appsecurity #webapp #cybersecurity #microsoftsecurity #microsoft

Azure WAF guided investigation Notebook using Microsoft Sentinel for automated false positive tuning

Azure Web Application Firewall (Azure WAF) provides core protection for your web applications against exploits and vulnerabilities. It protects against OWASP Top 10 attacks, bot attacks, application-level distributed denial of service (DDoS) attacks, and other web attacks.

https://azure.microsoft.com/de-de/blog/azure-waf-guided-investigation-notebook-using-microsoft-sentinel-for-automated-false-positive-tuning/

#Microsoft #Azure #AzureFirewall #AzureWAF