At WAF Logic, an education company, our mission is to provide world-leading security expertise and solutions, ensuring your safety, security, and protection from breaches that can result in financial loss, legal matters, reputation damage, and/or media fallout.
We believe in empowering others by teaching them how to perform our job. By sharing our knowledge and enabling them to eventually take over, we inspire confidence in their own work. We work closely with each client, going as deep down the rabbit hole as they desire.
"Never Give Up! Never Surrender!" - Commander Taggert
Our video series focus will be Web Application Firewalls (WAFs), (D)DoS (Distributed Denial of Service), and Web Security in General. We hope you enjoy the series :) We will continue with more advanced WAF concepts and techniques delving further down the rabbit hole of the awesome sauce of WAF Life.
The future videos will include real demonstrations, real world concepts, and overall be a more hands on type approach that you can follow along at home and/or at the office!
We hope to provide educational, meaningful, useful content and please feel free to engage with us in the comments or you can reach out to info@waflogic.com if you have something on your mind you'd like to discuss.
######################################################################################
Finally the long awaited Part 2 of Chapter 2, "Logging & All Your DataBase Are Belong To Us!" The Dragons are here!
This is the conclusion to Chapter 2 where we delve deeper down the rabbit hole into the SQL Injection events that ultimately led to the Database being exfiltrated. We also include the SQLMap command and configuration used to perform the Database dump with a live demonstration of how the attack was performed and the live dump of the database.
We also finish up showing how to save money leveraging your Security logs which goes into further details about the differences between Key/Value pair based logs vs. Comma Separated Value (CSV) style logs with real world examples and comparisons. We come full circle with the Database exfiltration event and how resulting logs further demonstrate the value of customizing logs to your organizations needs and goals which also translates to cost savings in a variety of ways.
As promised, here is a link to the resources and logs used in Part 1 & 2 of Chapter 2, "Logging & All Your DataBase Are Belong To Us!"
We hope you enjoy the conclusion of Chapter 2 and look forward to Chapter 3 which will delve into Security Policy structure design and Tuning concepts. We'll also go over potential 100% guaranteed Zero Day mitigations! Exciting stuff so stay tuned :)
######################################################################################
This is Part 1 of 2 for Chapter 2. This two part chapter includes a real successful Database ex-filtration attack that will include the logs, the events detected, and how it was executed.
In part 1 we explore the "Gold Standard" for WAF Logging. We show how using a CSV (Comma Separated Value) style log format vs. a Key/Value pair and is the best way to go. We cover the differences of TCP vs. UDP specific to WAF logs which is best. We also demonstrate a unique and very reliable delimiter for a CSV style log format that is nearly 100% guaranteed to not fail parsing for WAF logs. We also show our ASM WAF Super Massive Splunk query that gives exceptional details about WAF events.
Part 2 will be even better as the story climaxes when we dive into the SQLi (SQL Injection) discoveries and attacks that led to the full database being dumped including the actual logs of the server dumping the database. We'll continue to expand on how to save money and maximizing value when it comes to logs as well.
######################################################################################
In this initial video of our WAF Life Series, we discuss the basics of what a WAF is, where it should be placed, some basic layer concepts, regulations, onions, comparisons and more. There's a lot covered at a very high level overview but there's much more to cover since this is barely even scratching the tip of the iceberg.
######################################################################################
"Education is the most powerful weapon which you can use to change the world." - Nelson Mandela