Cloud-based WAF service “BLUE Sphere”
About BLUE Sphere
The cloud-based WAF service "BLUE Sphere" provides all-in-one multi-layered security functions such as WAF (Web Application Firewall), protection against DDoS attacks, and website tampering detection. In addition to these security functions, we also provide DNS monitoring and cybersecurity insurance as basic services to provide strong defense against cyber attacks.
| BLUE Sphere service details | BLUE Sphere |
|---|
Features of BLUE Sphere
① WAF function to prevent attacks on web applications
WAF is a security service that protects against unauthorized access that attempts to steal information or tamper with websites by exploiting vulnerabilities in web applications. BLUE Sphere is a DNS-switchable cloud/SaaS WAF service, so it can protect the network layer, which cannot be covered by IPS/IDS/firewalls alone.
In addition, in order to prepare for unknown cyber attacks that are created every day, we analyze attack methods and set up defenses (behavioral analysis and signature update operations).
② Avoiding suspension of web services using DDoS protection function
DDoS is when a malicious attacker takes over another person's PC and accesses a large amount of the target's website or server, intentionally compromising the availability of the target and disrupting web services. This is a cyber attack that will force you to stop using the service.
When BLUE Sphere detects a large amount of traffic due to an abnormal simultaneous attack, it immediately blocks it and protects the operational resources of web services.
③ Website tampering detection
If a cyberattack occurs in which an attacker illegally logs in to a web server and rewrites the website, not only will the web service be shut down, but website viewers may be infected with malware or redirected to phishing sites. There is a risk that you may be induced to do so.
By copying the original website information in advance, BLUE Sphere can detect it immediately by checking the integrity of the website in the unlikely event of a tampering attack.
BLUE Sphere main security features
Advanced security features/compliant standards
| 1 | PCI-DSS V3.1 compliant |
|---|---|
| 2 | OWASP TOP10 @2017 |
| 3 | Supports L3/L4/L7 DDoS attacks |
| 4 | Advanced reputation-based bot protection |
Main attacks that can be defended against
| Attacks on web applications that can be defended against | DoS/DDoS attacks that can be defended against |
| include injection | TCP SYN Floods |
| Privacy output filtering | HTTP Post Floods |
| stealth commanding | Brute Force |
| SQL Injection | HTTP Cache Control |
| Privacy file filtering | TCP FIN Floods |
| Request method filtering | HTTP XMLRPC PingBack attacks |
| File upload/invalid URL | TCP Ack Floods |
| Buffer overfollow cookie poisoning | HTTP SSL Saturation |
| Cross-site scripting (XSS) | TCP RST Floods |
| request header filtering | TCP Fragment attacks |
| URI access control | Ping of Death |
| extension filtering | Amplified DNS DDoS |
| Website tampering/invalid HTTP | HTTP GET Floods |
| Unauthorized access/Unicode directory rubbersal | HTTP HEAD Floods |
| Parameter tampering | DNS NXDomain Floods |
| directory listing | RUDY |
| Input content filtering | ICMP Floods |
| Response header filtering | TCP Syn Spoofed |
| - | Slowloris |
| - | Smurf,As well as other attacks |
