Empowering Security Customers with Web Application Firewall APIs
Verizon Digital Media Services is pleased to announce the launch of a public configuration API for our Web Application Firewall (WAF), which is part of Verizon DEFEND. This launch enables a complete API-driven management of our WAF. Customers can now create, update and delete WAF configurations and get detailed WAF event logs through our RESTful APIs.
DEFEND’s APIs empower our customers and partners in a variety of ways and open up many possibilities:
- Automation and ease of configuration management: WAF configuration API empowers your security staff to programmatically automate configuration actions. All security functions that are available in the DEFEND user interface are now available through the API. This includes the ability to create WAF Profiles and Instances, turn WAF rules on and off, blacklist and whitelist IP addresses and countries and other key functions. If your web application is under attack, and you need to block a set of malicious IP addresses in WAF, you now have the option to create scripts and automate that action.
- Flexible and detailed visibility of security events: Our DEFEND Dashboard provides multiple graphs of security events, tables that show the top 10 attributes of events and multi-level filtering functions. But sometimes that is not enough. Many customers prefer to obtain the event log data and slice and dice it themselves. They also want to store the data offline for further long-term analysis.
Our Event Log API, which has existed since the inception of the WAF, enables all of these actions. It supplies event log data in JSON format and allows extensive filtering to help you identify trends of security events and to perform root cause analysis of serious security issues.
- SIEM Integration: Many customers rely on their in-house Security Incident and Event Management (SIEM) tools to collect and correlate data across multiple security products, including WAFs. Our Event log API allows customers to do that for the DEFEND WAF. Popular SIEM tools can pull WAF event log data from our API and perform further analysis on it. The analytical output of SIEM tools combined with automated actions using our configuration API allows you to close the loop on end-to-end WAF management.
- Partnerships: In 2016 we are looking to expand our external partnerships for DEFEND, to enhance technical features and to increase the global reach of the product. Our WAF APIs empower our partners to manage multiple customer accounts with ease and help drive technical integrations. As our partnership program grows, the need for automation will grow, and APIs will play a critical role in enabling customers to maximize the effectiveness of the DEFEND WAF.
- Internal Empowerment: Our WAF APIs also empower our internal support and professional services teams to address security events on behalf of our customers with agility.
To ensure the security of customer data and configuration, all DEFEND APIs require a user-account-specific authentication token and secure communication using SSL encryption.
For more information on the APIs, please consult the Help Center documentation in our Media Control Center (MCC) or Contact Us.
Rupali Deshmukh – Software Engineer
Vikas Phonsa, Senior Product Manager – Security Solutions