Terminology of the Day (T.O.D) – 2/2/2017 [Web Application Firewall (WAF)]

A Web application firewall (WAF) is a firewall that monitors, filters or blocks the HTTP traffic to and from a Web application.

A WAF can be either network-based or host-based and is typically deployed through a proxy and placed in front of one or more Web applications. In real time or near-real time, it monitors traffic before it reaches the Web application, analyzing all requests, using a rule base to filter out potentially harmful traffic or traffic patterns. Web application firewalls are a common security control used by enterprises to protect Web applications against zero-day exploits and known vulnerabilities and attacks.

WAFs started to gain attention when PCI DSS compliance was mandated for merchants that process payment card transactions. PCI DSS requires that Web applications be fortified through either a code security review or a WAF.

by techtarget.com

IV

Terminology of the Day (T.O.D) – 20/12/2016 [Compliance Audit]

A compliance audit is a comprehensive review of an organization’s adherence to regulatory guidelines. Independent accounting, security or IT consultants evaluate the strength and thoroughness of compliance preparations. Auditors review security policies, user access controls and risk management procedures over the course of a compliance audit.

What, precisely, is examined in a compliance audit will vary depending upon whether an organization is a public or private company, what kind of data it handles and if it transmits or stores sensitive financial data.