Scribd Logo
Upload

Welcome to Scribd!

  • Bfsi Waf

    Uploaded by

    amitmulik
    6 views1 page
    Research paper

    Original Title

    bfsi_waf (1)

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Research paper

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    6 views1 page

    Bfsi Waf

    Uploaded by

    amitmulik
    Research paper

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 1

    WEB APPLICATION SECURITY

    INDUSTRY – BFSI

    Introduction
    DOYEN’s customer, an India-based urban multi-state Co-operative banking institution, faced increasingly malicious
    threats encapsulated within HTTP protocol hitting their servers. In addition, they wanted a way to prevent DDOS
    attacks on the network and applications. As a Bank, they also needed to be PCI-DSS compliant and meet OWASP top
    10 guidelines to secure the customers’ data and transactions. In short, they needed a solution that can protect their
    critical Internet Banking and Mobile Banking Applications against web attacks.
    The Bank chose DOYEN to propose and implement a suitable solution to tackle these challenges.

    KEY CHALLENGES
    DOYEN’s Solution
     Protect their Internet Banking and Keeping in mind the customer challenges, DOYEN suggested FortiWeb -
    Mobile Banking application Web Application Firewall as the appropriate solution. This application
    against web attacks. firewall ticks all points required by the Bank such as OWASP top 10
     Meet PCI-DSS compliance guidelines and other attacks, optimum application delivery with Layer 7 load
    requirements. balancing, hardware accelerated SSL offloading, compression and caching,
     SSL Offloading. IP reputation service to block botnets and other malware sources, in-built
     Not able to achieve data analytics
    vulnerability scanner module, parameter validation and prevention of
    and reporting.
     Meet OWASP TOP 10 guidelines
    unknown application attacks by auto learning.
    Leveraging its deep expertise on security technologies and understanding,
    DOYEN successfully implemented the solution in the customer network. The
    solution now helps customer protect their critical web applications, improve
    SOLUTION FEATURES application performance and satisfy PCI DSS compliance requirements.
    Through FortiGate, the Bank could now derive data for analytics and
     Out-of-the-box protection reporting while improving the performance greatly.
    against OWASP TOP 10 and other
    attacks.
     Optimum Application delivery
    with Layer 7 load balancing, Outcomes and Benefits
    hardware accelerated SSL
    One of the greatest benefits was reduction of the load on the web server by
    Offloading, compression and
    offloading SSL to the FortiWeb – Web Application Firewall. This allowed the
    caching.
     IP Reputation service to block Bank’s team to focus more on management by automatically and
    botnets and other malware dynamically profiling user traffic. In addition, automated signature updates
    sources. keep the defenses up-to-date
     In-built Vulnerability Scanner
    module.
     Parameter Validation
     Prevents unknown application
    attacks by Auto Learning.

    To learn how we can help write to us at info@doyeninfosolutions.com

    Copyright @ 2016 Doyen Infosolutions | doyeninfosolutions.com

    You might also like