Okay, so mitigating strategies. We talked about many of those throughout this chapter, but I want to specifically talk about a handful of devices, primarily sort of thinking about hardware. Not necessarily, but thinking about the devices that we can implement to help.
So the first device that I have here is a WAF, a web application firewall. So this is a layer seven firewall specifically designed to understand HTTP traffic, malformed headers, to prevent malicious HTTP requests that could cause denial of service.
Uh, this would be something that would mitigate issues with cross-site scripting. So ultimately, when you're looking at web-based attacks or attacks that specifically exploit applications, web apps, well, obviously, a web application firewall would be useful. So ultimately, that will be placed in the DMZ. Requests will go through the WAF before being forwarded along to your server.
Um, ***, just because I want to say ***, but database activity monitoring is another layer seven device, and this would be something that would examine what is directed at your database. Now it's much bigger than just looking at, specifically, SQL commands. You know, ultimately, it's monitoring, examining what's going on with your database, so this could give you information on users that are accessing either illicitly or legitimately, as well as providing some security against actual coding instances.
Um, XML gateways. Again, XML based. So something that's not gonna necessarily be a catch-all, but ultimately looking to secure those APIs that are gonna be based on XML and ultimately secure those sorts of transitions, if you would.
Or firewalls. Firewalls, we know, are a necessity in any environment. Their job is to examine traffic, make decisions based on, often based on rules or a rule set, perhaps defined by an administrator, primarily looking at separating out domains of trust. They can give us, uh, you know, log information so that we can see the type of traffic that's being allowed, as well as give us information on statistics on the network.
API gateways. Again, this goes to APIs, so that we're looking at ensuring the APIs are working and consistently, that they're consistently providing the degree of security that we need, I guess, from service to service. Maybe.
So I was thinking of that, and then our last is our DLP systems. These systems are all about detecting exfiltration of data, whether it's through printing, whether it's through exporting, whatever that may be. But usually, DLP systems examine that based on specific formats. So we could go much more in depth on each of these. It's not necessary, but I would recognize when each of these devices would be appropriate for use.