Blogs & Stories

Trustwave Blog

The Trustwave Blog empowers information security professionals to achieve new heights through expert insight that addresses hot topics, trends and challenges and defines best practices.

How to Proactively Protect Web Applications

Web applications are critical to business operations these days - serving as an important revenue channel and as a significant customer touch point. But what we don't know is that they bring a level of unexpected exposure - becoming the preferred attack vector for hackers.  In fact, the 2013 Trustwave Global Security Report indicates that ecommerce sites are now the #1 targeted attack vector, accounting for 48% of all targets.

Proactively protecting Web applications should be a top priority to help prevent financial loss and brand degradation. A Web Application Firewall (WAF) offers automatic, continuous Web application protection against hacking attempts and helps to increase an online application's security posture by:


  • Helping to safeguard them from attack and data loss. A WAF provides Web applications with real-time, continuous security by helping ensure they operate as intended and expected, without sacrificing application response times. A superior WAF solution always monitors and profiles applications to provide the rich data needed to help ensure that the website is available and that the transaction is complete.
  • Alerting IT, security and development teams about unusual activity. Having visibility into applications seems like the norm, but because there are so many applications and because they are all unique, it is not easy. A best-in-class WAF offers an insider's view, helping internal teams pinpoint problems at the website, URL and session levels, as well as giving them the metrics needed help maintain application integrity.
  • Delivering on PCI compliance requirements. Industry-leading WAFs are built to address PCI DSS requirement 6.6 in a simple way so that compliance is managed across all Web applications. By helping organizations mitigate risk and assisting with the PCI requirements, their websites can be proactively protected and their business operations uninterrupted.


Read about how one company, Intergraph, has taken a proactive control of Web application security by using Trustwave Web Application Firewall to secure more than 20 external websites. Read the case study here.

Learn more about Trustwave Web Application Firewall here.