Please use this identifier to cite or link to this item: http://hdl.handle.net/10609/149578
Title: Evaluación de soluciones WAF open source (Evaluation of open-source WAF solutions)
Author: Llompart Artigues, Jaume
Tutor: Mendoza Flores, Manuel Jesús
Others: Garcia-Font, Victor  
Abstract: Currently, a company's website is a critical asset, being the target of cybercriminals seeking to attack it with the purpose of obtaining confidential information, perpetrating new attacks, or simply damaging the organization's image. Faced with these threats, administrators turn to Web Application Firewalls (WAFs) to prevent issues in web applications, making them an essential pillar to safeguard the confidentiality, integrity, and availability of digital assets. This work focuses on the use of open-source WAF solutions. It describes the main vulnerabilities of web applications, along with background, functionality, and the importance of WAFs as a security component to ensure the confidentiality, integrity, and availability of business information. We implemented a laboratory to mitigate common attacks on the vulnerable web application, OWASP Mutillidae II, using WAF solutions against threats such as SQL Injection, XSS, and File Inclusion, which are listed in the top 10 of the Open Web Application Security Project (OWASP). Subsequently, after launching the attacks and analyzing the detected vulnerabilities, the performance and accessibility of each WAF solution were evaluated as an integral part of the research. The ultimate goal is to determine which of the three analyzed WAF solutions stands out as the superior option for companies to choose as an open-source WAF solution.
Keywords: web; WAF; applications; security
Document type: info:eu-repo/semantics/masterThesis
Issue Date: 24-Jan-2024
Publication license: http://creativecommons.org/licenses/by-nc-nd/3.0/es/  
Appears in Collections: Final degree projects, research papers, etc.

Files in This Item:
File: jllompartarTFM0223.pdf
Description: Master's thesis report
Size: 1,19 MB
Format: Adobe PDF

This item is licensed under a Creative Commons License.