MANAGED WEB APPLICATION FIREWALL SERVICES

MANAGED WEB APPLICATION FIREWALL SERVICES

SECDATA.COMFOR MORE INFORMATION PLEASE CONTACT US T: +44 (0)1622 723400 | E: info@secdata.com

SERVICE DESCRIPTION Web applications have become the primary way with which businesses interact with their customers, staff and other stakeholders however, web applications are the biggest source of risk for organisations with hackers targeting applications in increasingly sophisticated ways. Having a web application compromised can cause severe disruption and can harm a business’s income and reputation.

A Web Application Firewall (WAF) is designed to protect web applications through a combination of signatures and policy based control. However, most businesses can’t deal with the ongoing burden of upgrades, patches and policy changes without a large and experienced team, regular training and key vendor support. Businesses often rely on an unmanaged or misconfigured WAF that provides a false sense of security and poses real risks to business-as-usual. From giving hackers a window of opportunity, to blocking legitimate traffic, a poorly managed WAF can severely disrupt business critical services.

Our managed WAF service solves these problems, helping to ensure your applications always remain secure and available by providing a comprehensive managed service for market-leading technologies from F5 Networks. Our service includes unlimited configuration changes, unlimited patches and upgrades as well as comprehensive, proactive monitoring and reporting. The 24x7x365 service is delivered by security-cleared engineers with the highest level of accreditation from our UK-based Security Operations Centre (SOC).

KEY BENEFITS• Reduce risk: Expert Web Application Firewall

(WAF) configuration, management and monitoring with an immediate response to any issues

• Protect your brand: Continuous, proactive WAF monitoring helps safeguard business-critical connectivity: protecting revenues, customer loyalty and brand reputation

• Focus on your business: By entrusting security to experts with over 25 years’ experience, your overstretched technical staff can focus on your core business

• Access to scarce expertise: Our engineers are security-cleared and have the highest industry accreditations; their single-minded focus will keep your business secure

KEY SERVICE FEATURES• Expert device management: Keep pace with

upgrades, patches and policy changes• Policy tuning: Learning from good behaviour to

detect bad• Tailored for you: Use of pre-built web application

security policies tailored to your applications• Stay ahead of emerging threats: Get access to

the latest threat intelligence and proactive device configuration to protect against emerging threats

• Continuous proactive monitoring: 24x7x365 expert support from SecureData’s UK SOC, with real-time alerting of potential threats and service availability issues

• On-going engagement:- Unlimited access to SecureData’s security experts and SOC

- A designated technical point of contact or Technical Guardian

- Access to Dedicated Incident, Problem Management and Change Teams

- Regular status meetings with the SecureData Service Management team

• Client portal: Clear service visibility through an interactive, visual interface

• Full reporting: Providing a clear view of application activity and attempted attacks

TECHNICAL COMPONENTS • Unlimited signature, policy and rule-base changes to proactively protect against

new and emerging threats.• Full risk assessment for all changes.• Ongoing policy tuning, learning from good behaviour to detect bad.• Application layer DoS and DDoS detections, including: HASH DoS, Slowloris, Floods,

Keep dead and XML bombs.• SSL termination, allowing inspection and mitigation of concealed, malicious threats.• SSL certification renewal monitoring.• Geolocation based application access control.• A dedicated Technical Account Guardian and ongoing service engagement with

regular service reviews.• ISO27001 compliant services delivered from UK-based SOC.• 24x7x365 pro-active monitoring of key device metrics.• Unlimited 24x7x365 access to Dedicated Incident, Problem Management and

Change Teams.• Weekly off-site backups of policies and hardware configuration.• Critical, major and minor updates and upgrades, including feature releases.• Remote re-builds subject to an RMA process.• Regular reports containing application activity, attempted attacks and incidents

reported.• Annual health and capacity checks, including software/hardware suitability reviews. • Access to the SecureData Portal.• Access to vulnerability database and threat advisory information.• Automated vulnerability scanning of external estate.

PROTECT

PROTECT

SECDATA.COMFOR MORE INFORMATION PLEASE CONTACT US T: +44 (0)1622 723400 | E: info@secdata.com

MANAGED WEB APPLICATION FIREWALL SERVICES

WHY SECUREDATA Cybersecurity specialistsSecureData specialises in cybersecurity services and solutions, with a 25-year track record of delivering managed services to some of the largest companies in the world.

Outstanding expertiseOur Managed WAF service is delivered by our UK-based SOC - delivering immediate, 24x7x365 access to specialists who will deal with emerging threats and help ensure continuous availability.

Extensive security insightSecureData’s Greater Intelligence platform processes over 30 billion security events per month, giving us unparalleled access to current and emerging threats. SensePost, our elite consulting arm, is at the forefront of cybersecurity - providing insight into the criminal mind-set. We use this information to ensure our Managed WAF customers are as secure as they possibly can be.

Vendor insightsOur close partnership with F5 Networks provides superior access to their technical experts and product roadmaps - keeping our SOC’s knowledge ahead of the game.

Complementary servicesWe offer a broad range of services that complement our Managed WAF service and strengthen your security posture, including Managed Firewall, Managed IDS/IPS, Managed Threat Detection, Managed Vulnerability Scanning and Managed Compliance Monitoring.

ABOUT SECUREDATASecureData is a leading provider of cybersecurity services and solutions.

SecureData looks beyond point technologies to address cybersecurity as a whole. The company offers a comprehensive set of professional and managed security services across the entire attack continuum. For over 25 years SecureData has been helping organisations assess risks, detect threats, protect assets and respond to breaches quickly and effectively ensuring essential IT infrastructure always remains secure and available. SensePost, the consulting arm of SecureData includes some of the world’s most preeminent cybersecurity experts. Trusted by both corporate and military organisations across multiple countries, SensePost helps organisations to protect IT infrastructure and stay ahead of evolving cybersecurity threats. Operating across the UK, South Africa and the USA, SecureData has an enviable track record having delivered cybersecurity services for many business sectors including finance, insurance, retail, property, professional services, technology and government.

@SECUREDATAEUROPE @SECDATAEU WWW.SECDATA.COM

@SENSEPOST @SENSEPOST WWW.SENSEPOST.COM

PROTECT