Blog

Results of one year web-application-firewall-in-the-Combell-cloud

Beginning of 2013 we moved our cluster of web-application-firewalls-in-the-cloud from our datacenter in Germany to the Combell datacenters in Belgium.

There were two important reasons for that:

1. We noticed an increase in attacks so we needed better support, a fully-redundant datacenter and a professional partner

2. We received more questions from larger organisations to use our ZIONSECURED with their security requirements:

  • Environment must be hosted in an ISO 27001 certified datacenter
  • The solution must be hosted in Belgium
  • 24/7 monitoring of the environment

After one year we can provide you with the following statistics:

1. Availability of our solution: 100%

2. Our shield blocked 4 million attacks

3. The web sites that we protect are located in the Combell datacenter and in non-Combell datacenters in Belgium, the Netherlands, Ireland (Amazon Web Services), Switzerland (Linode),..

4. Almost all customers experienced an increase in performance because of the performance of the Combell network, the high-end servers and the caching mechanism in place

5. Web sites that are attacked once are continuously probed for vulnerabilities

6. Most seen attack is file inclusion, path traversal, access violations and SQL Injection

Statistically, there was a decrease in number of attacks on Saterday, compared with the other days of the week:

Most attacks originated in the US, Belgium and China. US and China is not really surprising, but because most of our customers are Belgian web sites (yes, we are a Belgian security company) these sites are targeted with automated scans.

Important remark regarding the 25,6% for the US: these include Qualys scans from our customers against their web sites so the real number of attacks will be around the same figure as for BE and CN

Conclusion:

If you have a website, a mobile app, an API, a web service, .. you are attacked daily (except on Saturday) from different countries including your own.

If you don't test you web application's security (PHP file inclusion, SQL Injection, default vulnerable applications, ...) and you don't have a web application firewall you will get hacked easily and quickly.

A hacked web server can be used to attack other web sites, steal customer data or even worse: a gateway to attack your database and internal network.

More information about our ZIONSECURED shield: http://www.zionsecurity.com/product/zion-secured

For a free trial: http://try.zionsecured.com

Add comment