Network misconfigurations

Azure Application Gateway without Web Application Firewall

Platform(s)
Compliance Frameworks

CCPA, cis_8, CPRA, HITRUST, iso_27001_2022, iso_27002_2022, Microsoft Cloud Security Benchmark, mpa, New Zealand Information Security Manual, NIST 800-171, NIST 800-53, PDPA, UK Cyber Essentials

Description

Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications, offering various Layer 7 load-balancing capabilities. Azure Web Application Firewall (WAF) on Azure Application Gateway provides centralized protection of your web applications from common exploits and vulnerabilities, like SQL injections, Cross-Site Scripting, malware uploads, and DDoS attacks. The Azure Application Gateway - {AzureApplicationGateway} is configured without Azure Web Application Firewall, which leaves the Azure Application Gateway`s backend instances not secured.
Need help?

Get a free Security Risk Assessment. Start today

A screenshot of the Orca platform dashboard summarizing all of your cloud security risks

Personalized Demo

See Orca Security in Action

Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.

Get a Demo