As of December 31st, 2023, ThreadFix 2.X has reached End of Life and is no longer supported. For any further information, please contact the Success and Implementation team.

WAFs

The WAF APIs have been deprecated as of ThreadFix version 2.8.

What are WAFs and Why are They Useful?

When a web application has known security vulnerabilities that cannot be fixed in code right away, a Web Application Firewall (WAF) can be used to block their exploitation in the meantime. Given the details of a known vulnerability (the affected endpoint and the parameter that carries the payload), WAF rules are generated that block or log the requests or responses associated with that vulnerability at that endpoint. This is a compensating control, often called virtual patching: it reduces exposure while the code is fixed, but it does not remove the underlying flaw, and a rule written for one endpoint and parameter does not cover the same flaw elsewhere in the application.

ThreadFix allows you to generate WAF rules for a particular application using vulnerabilities from submitted scans. ThreadFix can integrate with the following WAFs:

  • Barracuda Web Application Firewall

  • BIG-IP ASM

  • DenyAll rWeb

  • Imperva SecureSphere

  • mod_security

  • SteelApp Web App Firewall



Creating a WAF

First, make sure that you have an application with uploaded vulnerabilities. Then navigate to the WAFs page: Configuration (cog) → Integrations → WAFs.



Click the 'Create WAF' button, then enter a name for your WAF and select the type of WAF you are generating rules for.



Attaching WAF to Application

Navigate to the application detail page for the application you wish to generate WAF rules for. Click Action → Edit/Delete → Set WAF.



Select the WAF you created in the previous step, or create a new WAF here if you prefer.

Save your changes.



Generating WAF Rules

Navigate back to the WAF index page and click the 'Rules' button for the desired WAF. You can select which team/application pair to generate rules for, and also select the action the WAF will take when a rule fires.



After your WAF rules have been generated, save them either by copying the text under the 'WAF Rules' section or by clicking the 'Download Waf Rules' button.

These rules can then be added to your WAF configuration for use with your application. Before switching generated rules to a blocking action, run them in a log-only mode against real traffic and check the log for false positives, and make sure their rule IDs do not collide with rules already loaded on the WAF.



Uploading WAF Logs to ThreadFix

After you have generated WAF rules for an application, applied them to your WAF, and run traffic through the application with the WAF in front of it, you can upload the WAF's log file to ThreadFix. ThreadFix then reports how many times each rule fired according to that log.
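The loop described in the sections above (findings in, rules out, WAF log back in) as an added Python example; this is not ThreadFix's own code and does not reproduce the rules ThreadFix generates. It renders one mod_security virtual-patch rule per finding in either a blocking or a log-only action, refuses scanner-supplied paths and parameter names that could break out of the rule syntax, and counts rule fires from mod_security error-log lines in the format Apache writes. The sample findings, the per-class detection patterns, the rule layout and the log lines are all constructed assumptions for the illustration; the other WAF formats listed on this page differ.

```python
"""Illustration (not ThreadFix code): scan findings -> mod_security virtual-patch
rules, and mod_security error-log lines -> per-rule fire counts."""
import re
from collections import Counter
from dataclasses import dataclass

# Findings come from scanner output, not from a trusted operator, so a path or
# parameter name is only embedded in a rule verbatim when it matches this shape.
_SAFE_NAME = re.compile(r"^[A-Za-z0-9_.\-/]+$")

# Illustrative operators per vulnerability class (assumptions, not a WAF vendor's rule set).
PATTERNS = {
    "SQL Injection": r"(?i)(union\s+select|'\s*or\s+\d+\s*=\s*\d+|--|\bsleep\s*\()",
    "Cross-Site Scripting": r"(?i)(<script|javascript:|on\w+\s*=)",
    "Path Traversal": r"(?i)(\.\./|\.\.\\|%2e%2e)",
}


@dataclass(frozen=True)
class Finding:
    vuln_type: str   # vulnerability class as reported by the scanner
    path: str        # request path where it was found
    parameter: str   # request parameter that carries the payload


# Constructed sample findings, standing in for an application's uploaded vulnerabilities.
FINDINGS = [
    Finding("SQL Injection", "/login", "username"),
    Finding("Cross-Site Scripting", "/search", "q"),
    Finding("Path Traversal", "/download", "file"),
]


def safe_for_rule(value: str) -> bool:
    """True when a scanner-supplied path or parameter name can be embedded in a rule as-is."""
    return bool(_SAFE_NAME.match(value))


def rule_for(finding: Finding, rule_id: int, action: str) -> str:
    """Render one chained SecRule: the first rule matches the path and carries the
    id and the disruptive action, the chained second rule tests the named parameter.

    action is "deny" (block with 403) or "log" (observe only; deploy this first)."""
    if action not in ("deny", "log"):
        raise ValueError("action must be 'deny' or 'log'")
    if finding.vuln_type not in PATTERNS:
        raise ValueError(f"no pattern for vulnerability class {finding.vuln_type!r}")
    for value in (finding.path, finding.parameter):
        if not safe_for_rule(value):
            raise ValueError(f"refusing to embed unsafe value in rule: {value!r}")
    disruptive = "deny,status:403" if action == "deny" else "pass"
    msg = f"Virtual patch: {finding.vuln_type} on {finding.path} via {finding.parameter}"
    first = (f'SecRule REQUEST_FILENAME "@streq {finding.path}" '
             f'"id:{rule_id},phase:2,{disruptive},log,msg:\'{msg}\',chain"')
    second = (f'    SecRule ARGS:{finding.parameter} "@rx {PATTERNS[finding.vuln_type]}" '
              f'"t:none,t:urlDecodeUni"')
    return first + "\n" + second


def generate_rules(findings, action="log", start_id=100001):
    """One rule per finding; rule ids must be unique across the whole mod_security config."""
    return [rule_for(f, start_id + i, action) for i, f in enumerate(findings)]


# Constructed mod_security error-log lines (Apache format). The [id "..."] field names
# the rule that fired; the last line is an unrelated Apache message with no rule id.
SAMPLE_LOG = """\
[Mon Jan 01 12:00:00.000001 2024] [:error] [pid 100] [client 203.0.113.5:4321] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)(union" at ARGS:username. [file "/etc/modsecurity/threadfix.conf"] [line "1"] [id "100001"] [msg "Virtual patch: SQL Injection on /login via username"] [uri "/login"]
[Mon Jan 01 12:00:01.000001 2024] [:error] [pid 100] [client 203.0.113.5:4321] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)(union" at ARGS:username. [file "/etc/modsecurity/threadfix.conf"] [line "1"] [id "100001"] [msg "Virtual patch: SQL Injection on /login via username"] [uri "/login"]
[Mon Jan 01 12:00:02.000001 2024] [:error] [pid 100] [client 198.51.100.7:1234] ModSecurity: Warning. Pattern match "(?i)(<script" at ARGS:q. [file "/etc/modsecurity/threadfix.conf"] [line "3"] [id "100002"] [msg "Virtual patch: Cross-Site Scripting on /search via q"] [uri "/search"]
[Mon Jan 01 12:00:03.000001 2024] [:error] [pid 100] [client 198.51.100.7:1234] AH01630: client denied by server configuration: /var/www/html/admin
"""

_ID_FIELD = re.compile(r'\[id "(\d+)"\]')


def count_rule_hits(log_text: str) -> Counter:
    """Count fires per rule id; lines without an [id "..."] field are not rule events."""
    hits = Counter()
    for line in log_text.splitlines():
        m = _ID_FIELD.search(line)
        if m:
            hits[m.group(1)] += 1
    return hits


if __name__ == "__main__":
    print("\n".join(generate_rules(FINDINGS, action="deny")))
    for rule_id, n in sorted(count_rule_hits(SAMPLE_LOG).items()):
        print(f"rule {rule_id} fired {n} time(s)")
```

Running the script prints the three rules in blocking form followed by the fire count per rule id from the constructed log. The disruptive action and the id sit on the first rule of each chain because mod_security applies them to the chain as a whole, and the value check exists because a parameter name containing a quote or a space would otherwise end up inside the rule's quoted strings. The patterns are deliberately narrow illustrations of each class, which is the point of a virtual patch: it is scoped to the reported endpoint and parameter, so it is not a substitute for fixing the code.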



www.threadfix.it | www.coalfire.com
Copyright © 2024 Coalfire. All rights reserved.

This Information Security Policy is CoalFire - Public: Distribution of this material is not limited.