A Comprehensive Analysis of AppTrana, the Ideal Application Security Solution from Indus face:
Any website that is accessible over the internet is at risk of being attacked, therefore website security is no longer a choice in modern times. Attackers engage in this behavior for a variety of motives, the most common of which are the pursuit of notoriety and the acquisition of information regarding competitive situations.
No matter what caused the breach, the financial consequences are severe, and regardless of the size of the firm, any website that is accessible over the internet need an all-encompassing security solution.
Review of AppTrana, an Application Security Platform Designed for the Masses
In this article, we are going to discuss AppTrana from Indusface, which is one of the most all-encompassing application security solutions currently available.
Customers are provided with a website accelerator, a web application scanner (WAS), a web application firewall (WAF) that is totally managed, and integrated DDOS protection when they purchase AppTrana because it is a fully integrated solution (CDN).
AppTrana presents a novel approach to application security and promotes the practise of determining an application’s risk posture and strengthening the links in the chain that are vulnerable in order to provide efficient protection. It provides a general solution and leaves management up to the customer, which distinguishes it from the majority of WAF solutions on the market today.
It is generally very difficult to find a solution that provides automated rules that patch these vulnerabilities immediately, and it becomes the responsibility of the customer to ensure that the vulnerabilities are patched. Even though the other solutions provide an option to import scan results from different vendors due to the diverse nature of solutions, it is generally very difficult to find a solution that provides automated rules that patch these vulnerabilities immediately.
However, customers do not typically possess the necessary level of knowledge to successfully do the task at hand. However, the consumer does not need to be concerned about expertise when using AppTrana. Through its managed offering, AppTrana provides full coverage. The company’s security professionals develop the rules, and the company does not require its customers to have any knowledge of the subject.
Salient Features
The following is a list of some of the most notable characteristics of AppTrana:
#1) Never Miss a Vulnerability: AppTrana gives you the option to run frequent automated scans that seek for OWASP Top 10 vulnerabilities, so you never miss an opportunity to find a security hole. Customers also have the option of performing grey box testing by supplying credentials that are legitimate.
#2) Manual Pen-Testing: Customers can also request manual pen-testing, which involves security experts checking your site to determine whether or not there are any complex vulnerabilities in the business layer that hackers can exploit. 3) Automated Pen-Testing: Automated pen-testing is another option for customers.
#3) Patch Vulnerabilities AppTrana WAF is pre-packaged with core rule sets that have been developed by industry professionals and are designed to defend your website from the OWASP Top 10 vulnerabilities. Vulnerabilities that are discovered can be corrected immediately using this tool.
4. Checks for False Positives: Customers have the option of requesting that professionals monitor their site for false positives and make adjustments to the site’s policies in order to verify that there are no false positives.
#5) Custom Patches: If the basic rules are unable to resolve the vulnerabilities, then the request for custom patches, which would be prepared by security specialists and ensure comprehensive protection, can be made.
#6: Deployment Is Completed in a Few Minutes With No Downtime Involved The entirety of the deployment is completed in a short period of time. Each site is automatically onboarded to support both HTTP and HTTPS traffic once it is added to the network. The architecture of AppTrana, which was designed from the ground up on AWS, takes into consideration both performance and security.
The extremely stable and scalable architecture guarantees that the machines will auto-scale based on the load, protecting against any latency that may occur in the process. There is no requirement for the customer’s end to carry out any new infrastructure deployments.
#7) DDoS Protection: AppTrana provides comprehensive DDOS protection, which guarantees the availability of your website. AppTrana delivers DDOS protection on two different levels.
• Rate control rules and captcha protection that are activated automatically in the event that DDOS assaults are suspected.
• In the event of continuous Layer 7 DDOS attacks, specialists write automatic alerts and specific rules depending on the attack pattern in order to thwart more advanced attacks.
#8) Accelerate the Performance of Your Website: AppTrana, in cooperation with Tata Communications, offers an integrated content delivery network (CDN) that assists in accelerating the performance of your website. The Whole Site Acceleration (WSA) technology offered by Tata Communications provides lightning-fast speed as well as carrier-grade resilience, all of which are necessary to guarantee that the information is always instantly accessible everywhere in the globe.
AppTrana: A Peek Behind the Curtain
As part of our evaluation of AppTrana, we are going to go through the process of onboarding a website onto a premium subscription and exploring the dashboard.
Getting Off the Ground
By registering a free trial account with AppTrana through this link, you will have the ability to conduct a hands-on test for your website or web application.
Due to the fact that we have opted for a premium plan, there will be no free trial period, and you will be required to either supply credit card information or a licence. If you are interested in evaluating the product before purchasing it, you should test the Advance plan, which offers a risk-free trial period of 14 days. In the interest of accuracy, we shall now proceed with the premium plan that is being reviewed.
After you have provided the site that you wish to secure, the following step will be to review the configuration and make sure that it is accurate. After that, you will move on to the next phase. CDN is activated in the settings by default (Actually it is a two-step process which will be explained later).
After that, it would be required of the customer that they submit their SSL certificate. This is necessary in order to decrypt the HTTP traffic and check it for potential attacks.
The customer also has the option of using the free Letsencrypt certificate, in which case AppTrana will automatically produce a certificate for the domain, and the customer will not be required to supply a certificate of their own. Another option available to the customer is to purchase an Entrust certificate from Indusface.
After this, you will be prompted to perform a CNAME change so that traffic is sent to the AppTrana infrastructure. Once this is done, the onboarding process will be finished, and protection will begin as soon as possible. The fact that there is no downtime at any point during the onboarding process is the finest aspect.
Portal Review
After the CNAME record has been updated, the website is successfully integrated into the AppTrana SaaS infrastructure. The safeguarding of the site will now begin as soon as this is done.
• By default, sites are on-boarded into the system using the block mode, and Advanced Rules are applied to the site. Indusface claims that these restrictions have been fine-tuned to ensure that there are zero false positives by preventing any disruptions to users’ ability to access the website.
• Additionally, the Premium Rules are placed on log mode and are monitored by Indusface’s team of qualified security professionals. On the basis of the monitoring, the security specialists at Indusface make any required adjustments to the rules and then tailor those rules so that they suit the requirements of the application. After some time has passed, typically within a week and a half, the site is upgraded to Premium Rules. Premium users are the only ones who have access to this particular option.
Now, let’s have a peek at the portal. Once you have successfully logged into the portal, you will be brought to the dashboard page. This is a clear and concise high-level summary page that provides information about the website’s configuration, including their status in relation to vulnerabilities detected and assaults seen, as well as whether or not any actions are required.
Any site can be chosen by the user, and further exploration of that site can yield further information. If you navigate to the Summary page, you will be presented with further information regarding the selected website’s current status.
Understanding Risk Profile
Now, let’s take a look at the detect page, which is where users may acquire information about the vulnerabilities that have been discovered on the site. It includes in-depth information on the various types of vulnerabilities that were discovered.
Additionally, the protection and patch status of the vulnerabilities discovered can be viewed. On this page, you’ll find information such as whether or not the vulnerability can be protected using Advanced Rules, Premium Rules, or Custom Rules. If the vulnerability can be protected by a custom rule, then the user can request the protection by selecting the button labelled “Request Custom rule.”
The request is then forwarded to the Indusface team, where it is reviewed by our security specialists, who then draught the regulations on your behalf. The premium subscription includes an infinite number of user-defined rules. The advanced strategy includes two different individualised rules.
Additionally, the users can initiate the automated scan at any moment and for an unlimited number of times from this location. Additionally, they have the option to request manual pen testing (PT). Experts in the field of security conduct PT, during which they search for flaws that can’t be found with the use of automated scanners.
Before beginning the test, security professionals will contact the user to have a better understanding of the application and then send the request for a PT scan to the Indusface team. In most cases, it is finished within a period of four weeks after the request has been made. This option is only accessible through the Premium Subscription and users are only allowed one scan per year to use it. A second licence has to be purchased in order to perform subsequent scans.
A User has the option to additionally download a comprehensive report of the security flaws discovered on the site. It gives exhaustive information regarding the vulnerability that was discovered as well as the solutions that may be used to address it.
Protection and Keeping an Eye on Things
The protection and monitoring page of AppTrana is more of an analytics view than anything else because AppTrana is a fully managed solution. This view assists users in comprehending what is being secured, what kinds of threats are being blocked, and so on. Users are not required to take a significant amount of action, as a general rule.
Aside from that, if consumers want to make any additional adjustments or modifications, AppTrana wants them to contact their round-the-clock support team so that the company may make customised changes on the backend. In practise, it is not expected of a user to be a security specialist, and they offload the management of WAF from the customers.
The monitoring page offers information regarding the improvements that the security team has implemented for the site as well as the effectiveness of those modifications.
Settings Page
Users are given the opportunity, via the settings page, to make any changes they deem necessary to the domain that has been onboarded by the service in order to provide protection. From this location, they are able to alter the forwarding address, as well as change the plan and refresh the SSL certificate.
The AF Settings page offers a few streamlined choices that can be helpful in resolving any issues that may arise.
The WAF might be in a variety of different states at any given time.
• Log & Block is the default state, and the rules will be modelled as blocks when in this state.
• Log Mode: This is the mode that is utilised at any stage of the debugging process. If the Web Application Firewall (WAF) is switched to log mode, each rule will continue to keep an eye on the traffic even though the action will change from blocking bad requests to logging them. Helpful for debugging any rules that are acting in an unexpected manner.
• Disabled: When in this condition, WAF is effectively turned off, and all traffic is routed through WAF.
• Bypass is a very intriguing choice that may be made with AppTrana. This is functionally comparable to the fail-open option that is offered by on-premise vendors.
You should already be aware that in order for protection to take effect, you need to direct traffic through AppTrana Infra, and that for efficient protection of Origin, AppTrana recommends limiting access to the backend to only AppTrana’s IP address. This information should be common knowledge by this point.
Now, if there are any unforeseen complications or if any modification in the backend needs to be tested without WAF for some time, then the users would need to perform a CNAME change and whitelist the external IPs, which is a tedious process that any business would have to go through.
AppTrana has provided a useful workaround with its bypass feature. When the bypass mode is activated, the traffic does not go through the WAF infrastructure; instead, it simply goes through a TCP proxy and reaches the backend from the same IP address as AppTrana. This mode functions as a fail open and is very helpful when troubleshooting.
Acceleration of the Website
Once you have onboarded in WAF, the user searching for website acceleration should click the enable button for the CDN tab. At this point, the Indusface team monitors the site and adds the needed Cache settings. As was previously said, CDN enablement is a 2-step process.
After the customer has completed all of the necessary configurations, they may return to this page and change the Cache Status to ON in order to activate the CDN.
Cost of using AppTrana
To get started on their AppTrana Journey, a customer can select any one of the following plans at their discretion.
• The Basic Plan is completely free forever. AppTrana’s automatic scanner may be used to quickly determine the site’s Risk Posture, which is a good place to start.
• The Advance Plan is priced at $99 per month and includes a free trial period of 14 days. Start right away protecting yourself from the vulnerabilities that were found.
• Premium Plan: For a monthly fee of 399 dollars, you can receive full protection from AppTrana. Included in the price is unlimited custom rules as well as one premium scan once every year.
Conclusion
They have made sure that application security is now available to the general public by providing a free basic plan in addition to various premium plans. AppTrana is a comprehensive solution for application security.
To make certain that WAF operates in block mode without hiccups, the management section requires a good deal of attention to detail in terms of both managing and configuring the rules.