Azure Web Application Firewall

Version: Azure Web Application Firewall.

Azure Web Application Firewall (WAF) on Azure Application Gateway provides centralized protection of your web applications from common exploits and vulnerabilities. Netsurion collects all the audit log events for your Azure WAF. You can then drill down into each event to see who accessed it, from where and when.

Netsurion data source integration for Azure WAF allows you to monitor the following components:

  • Security: Scanner detected, Invalid HTTP request detected, PHP injection attack detected, SQL Injection attack detected, XSS attack detected.
  • Operation: WAF network access and access failure details.

After the Azure WAF is configured to deliver events to the Netsurion's Open XDR platform, the dashboards and reports can be configured into Netsurion's Open XDR platform.

Some of the Data Source Integrations available in Netsurion are listed below.

Alerts

Type Name Description
Security Azure WAF - OWASP ruleset scanner detected This alert is generated when the WAF OWASP rule is matched or detected for scanner detection.
Security Azure WAF - OWASP ruleset Invalid HTTP request detected This alert is generated when the WAF OWASP rule is matched or detected for invalid protocol requests on site.
Security Azure WAF - OWASP ruleset path traversal attempted This alert is generated when the WAF OWASP rule is matched or detected for path traversal attempt on site.
Security Azure WAF - OWASP ruleset PHP injection attack detected This alert is generated when the WAF OWASP rule is matched or detected for path traversal attempt on site.
Security Azure WAF - OWASP ruleset possible remote file inclusion (RFI) attack detected This alert is generated when the WAF OWASP rule is matched or detected for remote file inclusion attempt on site.
Security Azure WAF - OWASP ruleset possible session fixation attack detected This alert is generated when the WAF OWASP rule is matched or detected for session fixation attack detected on site.
Security Azure WAF - OWASP ruleset protocol-attack detected This alert is generated when the WAF OWASP rule is matched or detected for protocol attack detected on site.
Security Azure WAF - OWASP ruleset remote command execution detected This alert is generated when the WAF OWASP rule is matched or detected for command execution on site.
Security Azure WAF - OWASP ruleset SQL injection attack detected This alert is generated when the WAF OWASP rule is matched or detected for SQL injection attack on site.
Security Azure WAF - OWASP ruleset XSS attack detected This alert is generated when the WAF OWASP rule is matched or detected for XSS attack on site.

Reports

Type Name Description
Security Azure WAF - Application gateway firewall activity This report will provide detailed information on azure application gateway firewall traffic and detection of OWASP rules and other rules matched or detected, based on the configuration.

Documentation

The configuration details are consistent with Netsurion's Open XDR platform version 9.x or later, and Azure WAF.

Download Integration Guide for more information.

This site uses cookies to store information on your computer. Some are essential to make our site work; others help us improve the user experience. By using the site, you consent to the placement of these cookies. Read our Privacy Statement to learn more.

I Accept