Best pratices are essential to maintain an efficient web security level of your infrastructure and to be protected from threats of every day.
Here are listed several best practices recommended by DenyAll :
Have the latest supported product version
Maintain i-Suite up to date with the latest supported version to have new security updates, mostly system, but also to have the latest bugfixes.
Have the latest version of security patterns
Web technologies are constantly evolving and web applications are greatly diversified, this lead to new vulnerabilities and new exploits every day.
Deny All regularly publishes security patterns updates to improve detection, to avoid false positives and to block new attacks.
Have the latest OpenSSL update
Cryptographic protocols are the center of the communication security. Vulnerabilities can be critical and have to be patched as quickly as possible.
We can refered to the HeartBleed vulnerability or Logjam and POODLE attacks.
Use secure protocols and strong ciphers
Take care about the use of the SSLv3 protocol which is deprecated (remember the POODLE attack). Favor only TLS 1.1 and TLS 1.2 protocols with strong ciphers.
Watch security logs regularly
Security logs identify all attacks blocked by the security policies. Watch the security logs regularly to detect any strange behavior like increasing blocked requests, on which tunnel...
Some strange behaviors and blocked requests can help you to adapt your security policies quickly.
Have a recent configuration backup
To prevent any crash (product, hardware...), it is essential to keep a recent backup in order restore configurations quickly.
Use our use cases
To help you to protect your applications, some use cases are available to meet specific needs.
DenyAll recommends the implementation of the following use cases to help you to optimized the security of your applications :
After the announcements of attacks for the 15th January 2015, the ANSSI (Agence Nationale de la Sécurité des Systèmes d'information) have published documents (FR only) describing recommendations and best practices for cybersecurity :