Ask us a question

You are here

Approach WAF, an innovative technology combined with extended expertise

WAF, an essential security tool

Web Application Firewalls (WAF) can monitor, detect, and block web-based attacks by inspecting the content of the traffic so as to improve the security of your web applications. They are complementary to traditional network firewalls that can only block traffic based on its origin and destination..

"We have drawn on our in-depth cyber security expertise and methodology to develop an innovative and unique WAF that provides proven effective security at limited license cost. "

Approach WAF, much more than a traditional WAF

Traditional WAFs often fail in practice due to “bad” implementation and deployment :

  • They are black boxes. They contain obscure one-size-fits-all "magic rules" that generate unexplainable false positives. This often leads to the deactivation of most of the rules that are supposed to protect the application.
  • They allow most traffic and expect you to explicitly add most of security. As a result, security is generally very limited and does not cover the full spectrum of the content.
  • They lack an integrated methodology to manage their configuration, deployment and maintenance. As a result, WAF configurations are often not in line with the applications.

Approach WAF offers a completely different and innovative approach to ensure proven effective security:

  • By default, the “deny all” rule is applied to all traffic. Security is therefore extended to the full spectrum of the content; no part could be mistakenly “forgotten”.
  • Rules are activated to allow expected traffic only. Our WAF includes many preconfigured rules that will suit most of your applications. The Approach WAF is transparent and open and can therefore be easily used with full knowledge of the purpose of such rules.
  • We have developed a fully integrated methodology to ensure proper implementation and maintenance.

Here is an highlight of our major differentiators compared to traditional commercial WAFs and the main Open Source solution:

 Logo Approach Waf
Approach WAF
Logo Approach Waf
OWASP ModSecurity
Core Rule Set
Traditional
commercial WAF's
Approach WAF Logo Attack Pattern detection
Approach WAF Logo Default "Deny all"
Approach WAF Logo Behavioural & history analysis
Approach WAF Logo Scalability (H&V)
Approach WAF LogoMulti-environment
Approach WAF Logo Transparent and open
Approach WAF LogoGood Practice enforcement
Approach WAF LogoComplete Management Framework

Approach WAF, more value for less money

The licence cost is minimal by relying on open-source technologies. You mainly pay for security expertise.
Furthermore a “deny all” philosophy translates into an immediate level of security. In other words, more security for less money.

Approach WAF, two editions for two different needs

Approach WAF is available in two versions coming with the same modules and the same security features.
The difference lies in the pre-configuration and in the customization capabilities.

 
Advanced Edition

Standard Edition
Approach WAF Logo Security Features  
Approach Security Framework
Approach Management Framework
Default "Deny all" (H&V)
Full control on white listing
   
Approach WAF Logo Deployment & Management  
Multi-environment
Redundant & Scalable
Easy 3rd party integrationt
Transparent and open
   
Approach WAF Logo Full Managed servicesOptionalOptional
  • The “Advanced Edition” is intended for datacentres and large companies. It is entirely customizable and aims to be tightly integrated in your environment with your own technologies. This version is preconfigured with the “deny all” philosophy and white listing must be explicitly activated.
  • The “Standard Edition” is a standalone virtual machine, with pre-activated security rules that will allow most common traffic. The operating system and the core components cannot be modified.

For both versions, you can subscribe to a service to have Approach managing the WAF and its evolution.

Approach WAF, from a custom implementation to a product



Client references

Publications

Published on 12 September 2019

FinTech Belgium Cyber Security Classrooms – Approach presentations available for download


Read more

Published on 22 May 2019

Keep your IBAN secret, it could be easily abused!

National press coverage: Approach has discovered a critical flaw in major online shops  They all...
Read more

Published on 16 May 2019

Approach opens an office in Antwerp

In order to pursue its growth ambitions and become the Belgian reference in cyber security, Approach opens a second office...
Read more

Published on 05 April 2019

Get a grant for your IT security projects - Brussels-Capital Region

Since March 25, 2019, micro, small and medium-sized companies that have a headquarters in the Brussels-Capital Region can...
Read more

Published on 13 March 2019

Web Application Firewalls: where do we stand?

Approach has been invited by ISACA Belgium to write a technical briefing about the WAF technology. Dowlnoad the...
Read more

Published on 31 October 2018

ModSecurity extensions by Approach Belgium

Download the additional input filters developed by Approach for ModSecurity.  
Read more

Published on 12 October 2018

How do you deal with low risk level vulnerabilities ?

Nothing should be left behind when speaking in terms of security...  A story by David Bloom, Cyber-Security Consultant...
Read more

Published on 04 April 2018

Rise of DDoS Amplification Attacks

Since the end of February 2018, we’ve seen a rise of DDoS Amplification attacks, with in some case more than 1Tbps of...
Read more

Events

26November

Louvain-La-Neuve (4 hours )

How to ensure a successful and fast ISO 27001 certification?

Join us and ISACA Belgium on November 26th as from 17:30 ! 
Read more

Our approach to cyber-security

Our customers benefit from the expertise and talent of our people, combined with pragmatic and proven methods and the efficiency brought by our assets:

1

Expertise and talent

Since 2001 we have applied our experience in cyber-security gained in various industries, from small to large businesses. Our people are seasoned, certified professionals who continuously improve and extend their knowledge.

2

Pragmatic and proven methods

We rely on most recognised, easily auditable and adopted standards and good practices and apply them pragmatically. We always tailor our approach to your particular context, needs and organisation culture.

3

Asset-based approach

We make use of the most advanced and reliable tools and solutions to support our services. This enables us to be more efficient during delivery, enforce the use of standard auditable methods and provide transparency about our achievements and your results.

+
Certified professionals
0+
Success stories
0
Year of establishment
+ 0%
Average annual growth