Over the last year, Yottaa has been hard at work bolstering our security offerings, so that our customers can benefit from our award-winning e-commerce optimization while also having peace of mind about rogue activity on their origin infrastructure. In that time, we have delivered enhancements to our existing Layer 3-7 WAF, introduced real-time dashboards for granular analysis of traffic, and introduced Origin Shield. Today, we are pleased to announce the arrival of our latest security feature: the Yottaa Threat Signature WAF.
Yottaa Threat Signature WAF
An effective security architecture requires a layered approach. With Yottaa's existing features, we've been able to effectively mitigate many known bad actors based on location, user agent, traffic request rate, and other visitor context. With our latest addition, we are further identifying these bad actors based on well-known attack vectors, such as:
- SQL Injection
- Cross-Site Scripting
- Cross-Site Request Forgery
These attack vectors form the majority of the risk identified within the OWASP Top 10, year in and year out. Protection from these attacks is often a key security requirement for internal, and often external, certifications.
New Features & Services
With the introduction of the Yottaa Threat Signature WAF, Yottaa Client Services now offers a customized on-boarding experience. During on-boarding, Yottaa Engineers will tailor a rule set that meets your need for layered security while also mitigating many of the false positives typically found with open-source or off-the-shelf implementations.
The Yottaa Portal includes new features to assist with the on-boarding and ongoing management of the WAF, including:
- "Learn" vs. "Active" Modes - Configure the Threat Signature WAF to simulate blocking activity, in order to dial in the rule set and reduce false positives. Once properly configured, switch into "Active" mode to actively block traffic.
- Enhanced Security Dashboard - In real time, you can now drill into specific segments of your traffic that have been "learned" or "blocked", across both the Layer 3-7 WAF and the Threat Signature WAF. Track the effectiveness of your layered security by identifying the most active rules and the patterns that those rules are matching on. You can also export those matched requests to CSV to perform further analysis.
- Self-Service Log Access - Users can configure access to the raw security logs in order to perform even more granular root cause analysis. Logs are updated hourly and accessible from Amazon S3.
The Yottaa Threat Signature WAF is an add-on service to the Yottaa platform. If you are interested in learning more about the feature, please contact your client services representative or support.