|
|
本帖最後由 kosipoy770 於 2024-3-5 12:02 編輯
Based on the premise that it is impossible to completely protect against malicious attacks, it is also essential to formulate guidelines that describe how to respond in the event a security incident occurs. It is also a good idea to conduct vulnerability assessments on websites and web services. By identifying and defeating vulnerabilities that are the starting point for attacks in advance, it is possible to strengthen security. 2. WAF may cause false detection/blocking If the security level of WAF is too strict, it may cause false positives and even block normal communication.
On the other hand, if the security level is too relaxed, the risk of attacks that exploit vulnerabilities will increase. Adjusting the security level requires specialized knowledge and experience, and if possible, it is best Phone Number List to have security personnel who can handle false positives and false blocking. However, it is also true that it is becoming difficult to secure such human resources.
In cases where it is difficult to secure human resources to operate WAF, one option may be to outsource to a company that handles WAF operation services. However, when outsourcing operations, it is important to check the implementation that have implemented it, and choose a company that has established implementation and operation know-how. 3. There is a risk of website suspension When operating a WAF, it is important to remember that there is a risk of website outage.
|
|
發表於 2024-3-5 12:00:53