课程: Microsoft Security Essentials: Concepts, Solutions, and AI-Powered Protection

Azure Web Application Firewall - Microsoft Security Copilot教程

课程: Microsoft Security Essentials: Concepts, Solutions, and AI-Powered Protection

Azure Web Application Firewall

- [Narrator] Let's look at Azure Web Application Firewall. Web applications are widely used today, however, they have all kinds of vulnerabilities that attackers can exploit. For example, the Open Web Application Security Project, OWASP, is an international non-profit organization that works to improve application security. OWASP list top 10 security risks for web applications, such as broken access control injection and insecure design. Developers may spend significant time and effort trying to identify and mitigate application vulnerabilities. How can we add another layer of protection for web applications and enable developers to focus more on functionality? One possible solution is to use a web application firewall, or WAF. A WAF is placed between visitors and web apps. It works like a firewall to monitor and filter application requests. A WAF blocks web attacks targeting common application vulnerabilities. It only allows a valid request to interact with web apps. Azure Web Application Firewall provides centralized protection for web apps, so organizations can manage and patch vulnerabilities in one place, instead of working on each web application You can deploy Azure WAF with Azure Application Gateway, Azure Front Door, and Azure Content Delivery Network, or CDN. Azure WAF also helps defend against distributed denial of service, DDoS, attacks targeting applications. Moreover, Azure Web Application Firewall is integrated with Microsoft Security Copilot, an AI-powered assistant for security analysts. You can use prompts to access its capabilities in Microsoft Security Copilot, such as getting details of SQL injection or cross-site script attacks blocked by Azure Web Application Firewall.

内容