The WAF backed by artificial intelligence (AI)

The Web Application Firewall (WAF) issue didn’t seem to me as a big deal until I actually started to dig deeper into the ongoing discussion in this field. It generally seems that vendors are trying to convince customers and themselves that everything is going smooth and that there is not a problem. In reality, however, customers don’t buy it anymore and the WAF industry is under a major pressure as constantly failing on the customer quality perspective.

There have also been red flags raised from the use of the runtime application self-protection (RASP) technology. There is now a trend to enter the mitigation/defense side into the application and compile it within the code. It is considered that the runtime application self-protection is a shortcut to securing software that is also compounded by performance problems. It seems to be a desperate solution to replace the WAFs, as no one really likes to mix its “security appliance” inside the application code, which is exactly what the RASP vendors are currently offering to their customers. However, some vendors are adopting the RASP technology.

Generally speaking, there is a major disappointment at the WAF customer end because of the lack of automation, scalability, and coverage of the emerging threats which become essential as modern botnets become more and more efficient and aggressive. These botnets are made now by an Artificial Intelligence (AI) functionality on top of the “old” Internet of things (IoT) botnets which are becoming more and more multi-purpose in its ability to attack with different vectors. The functionality that the classical WAF offers have become a matter of discontent, while next-generation WAF’s, which were born as AI systems that may address such a multi-dimensional threat complexity are quite rare. 

There are not so many artificial intelligence/machine learning (AI/ML) solutions in the cyberdefense segment of the network and application defense. However, more AI and ML solutions are beginning to surface as a major success against the DDoS and more specifically against the application DDoS world, which was shown by L7 Defense, with its unsupervised learning approach. Such technology may also play a crucial role in the WAF solutions, as defending against the same multi-purpose botnets.

Leave a Reply

Your email address will not be published. Required fields are marked *