Palo alto WAF risk assessment

gajji229
L0 Member

‎06-13-2024 10:34 AM

I got request to do PA WAF risk assessment for my environment, do you have any suggestions how should i do Any documents/steps/url that i can follow to do the same.
0 Likes Likes

JayGolf
Community Team Member

‎06-14-2024 09:09 AM - edited ‎06-14-2024 09:16 AM

Hi @gajji229 ,

 

Hope you're doing well!

 

If you have a public-facing web application that handles sensitive data, it's a good idea to include a dedicated Web Application Firewall (WAF) in your architecture alongside your Next-Generation Firewall (NGFW). You might want to check out Prisma Cloud's Web-Application and API Security (WAAS) offering—it could be a great fit for your organization's needs.

 

When doing your assessment, consider the differences between NGFW and WAFs. It's important to determine whether it's acceptable for your organization to operate without a dedicated WAF. Keep in mind that assessing just the NGFW might not cover all the crucial areas a WAF is designed to protect.

 

LIVEcommunity team member
Stay Secure,
Jay
Don't forget to Like items if a post is helpful to you!

Please help out other users and “Accept as Solution” if a post helps solve your problem !

Read more about how and why to accept solutions.
0 Likes Likes

PavelK
Cyber Elite
Cyber Elite

‎06-16-2024 06:06 PM

Hello @gajji229

 

to only add what Jay mentioned it is crucial to enabled inbound ssl decryption to allow Firewall have a full visibility into incoming traffic.

 

Kind Regards

Pavel

Help the community: Like helpful comments and mark solutions.
0 Likes Likes