Best pratices are essential to maintain an efficient web security level of your infrastructure and to be protected from threats of every day.
Here are listed several best practices recommended by DenyAll :
Maintain i-Suite up to date with the latest supported version to have new security updates, mostly system, but also to have the latest bugfixes.
Available on your my.denyall.com space.
Web technologies are constantly evolving and web applications are greatly diversified, this lead to new vulnerabilities and new exploits every day.
Deny All regularly publishes security patterns updates to improve detection, to avoid false positives and to block new attacks.
The latest version of security patterns is available on your my.denyall.com space.
We invite you to see your best practices to perform an efficient security patterns update : Updating security rules
Cryptographic protocols are the center of the communication security. Vulnerabilities can be critical and have to be patched as quickly as possible.
We can refered to the HeartBleed vulnerability or Logjam and POODLE attacks.
The latest OpenSSL version is available on your my.denyall.com space.
Take care about the use of the SSLv3 protocol which is deprecated (remember the POODLE attack). Favor only TLS 1.2 protocol with strong ciphers.
For more details see SSL Cipher Profiles.
Security logs identify all attacks blocked by the security policies. Watch the security logs regularly to detect any strange behavior like increasing blocked requests, on which tunnel...
Some strange behaviors and blocked requests can help you to adapt your security policies quickly.
To prevent any crash (product, hardware...), it is essential to keep a recent backup in order restore configurations quickly.
Backups can be automaticaly generated and exported with Scheduled Tasks.
To help you to protect your applications, some use cases are available to meet specific needs.
DenyAll recommends the implementation of the following use cases to help you to optimized the security of your applications :
It is important to keep in mind that the activation those use cases can be ponctual according to events (like cyber-attacks).
Those use cases should not be deployed without studing impacts and avoid unavailability issues on your applications.
After the announcements of attacks for the 15th January 2015, the ANSSI (Agence Nationale de la Sécurité des Systèmes d'information) have published documents (FR only) describing recommendations and best practices for cybersecurity :