Introduction

Completed

Azure Web Application Firewall is an Azure service that protects web applications from common attacks such as SQL injection and cross-site scripting. The protection extends beyond OWASP (Open Worldwide Application Security Project) top 10 attacks. It can also detect malicious bot attacks, API attacks, and application layer DDoS attacks.

Suppose you work for Contoso, Ltd., a financial-services company in Seattle with major offices located throughout the world. Contoso's compute environment runs as Azure virtual network resources. These resources include several existing and planned web applications that serve customers, vendors, and employees.

The Contoso IT staff is concerned that their web applications are the target of malicious attacks using common exploits such as SQL injection. IT wants to protect their apps. However, their web development team lacks the expertise, time, and budget to write the necessary protection code.

Suppose you're a senior Contoso web developer. You're responsible for researching and recommending a way to protect Contoso's web applications. You've been asked to evaluate whether Azure Web Application Firewall can protect your web apps from attacks that use common exploits.

In this module, you learn the basics of Azure Web Application Firewall. Those basics consist of what it is, how it works, and when you should use it. By the end of this module, you'll have the knowledge needed evaluate whether Azure Web Application Firewall can protect Contoso's web apps from common attacks.

Learning objectives

In this module, you’ll:

  • Explain how Azure Web Application Firewall works to protect Azure web apps from known threats.
  • Evaluate whether Azure Web Application Firewall is the right solution to protect your Azure web apps from malicious exploits.
  • Identify and describe use cases for Azure Web Application Firewall.

Prerequisites

To get the best learning experience from this module, you should have:

  • Beginner-level knowledge of Azure, including Azure virtual networks, Azure App Service, Azure Front Door, and Azure Application Gateway.
  • Beginner-level knowledge of networking, including IP addresses, HTTP/HTTPS request parameters, and HTTP request methods.
  • Beginner-level knowledge of cloud computing, including availability and web applications.