Your AI WAF is leaving you 100% vulnerable…

I love technology. I’m the biggest sucker for buying new gadgets with flashing lights. So, as you can imagine (and despite the obvious privacy concerns) I absolutely love my AI driven (well, somewhat AI driven) Google Home ecosystem.

Like smart home tech, AI has permeated the Cyber Security industry faster than you can say “Is AI really the solution we need here?” Almost every solution touts the use of AI, endpoint malware and antivirus products, user behaviour analytics platforms and both network and application firewall solutions.

With such heavy adoption by some big industry names it might come as a surprise for me to say that when push comes to shove your fancy AI powered, Next-Gen application protection IS NOT going to save you from a real attacker.

AI Powered Defense 101

Whether you’ve bought or are evaluating a RASP, WAF, or another defensive application security solution, a number of vendors make the claim that their product is better in every way through the use of AI, and that AI will effectively block or stop all attacks dead in their tracks.

In the application security scenarios, AI has become the gatekeeper ultimately deciding “yes, allow this” or “no, deny that”. In the end it doesn’t matter how complicated the algorithm, the outcome is either yes or no.

But what about those critical vulnerabilities, like weak session entropy, logic or authorisation bugs which can’t simply be blocked? And by blocking those requests and vulnerabilities you’d actually break the application?

Detect & Block vs Find & Fix

If you’re responsible for an application and someone reports a security issue, you’d fix it right? A developer would interpret the vulnerability, make a decision then implement the changes required to patch it.

With the increasing time and cost of addressing application vulnerabilities many are seeking alternatives to traditional vulnerability management and code remediation. When evaluating options like Next-Gen WAF and RASP and with the promise of AI blocking all attackers and attacks, why spend money patching an issue when you can simply detect and block it?

The simple answer is an AI driven WAF has no understanding of business logic or the intended workflows within an application. It has no idea that an attacker could manipulate the query string or a URL and jump the payment step to order something without paying. It is also blind to authorization issues, to an AI decision engine requests to www.acmebank.com/account?id=123 and www.acmebank.com/account?id=456 are both legitimate however the accounts belong to two different individuals. Simply put, a human can determine that these both constitute critical security issues, whereas a machine cannot.

While specific, these two examples (and there are many, many more) illustrate that AI by itself cannot protect against those types of vulnerabilities which businesses should care about most; Those issues that would result in a data breach or allow fraudulent activity to occur.

Thankfully we’re not yet in the age of Skynet and self-aware AI. AI cannot write code or implement new business logic itself, this still requires human input; Ergo the same skills it takes to implement business logic within applications are those it takes to reverse it and hence those to exploit or defend it.

Practical uses for AI

If you’ve already purchased an AI application security tool don’t stress, there are some practical uses for AI including outlier detection. In fact this common approach is how most AI engines determine whether a request is legitimate or not. Large amounts of data is analyzed to determine “typical” legitimate user behavior and requests outside acceptable thresholds are blocked. While this approach is ineffective at stopping a human attacker E.g. viewing another user’s bank account it has shown to be an effective deterrent against bots and attacks like credential stuffing.

Depending on your application, its known issues, and your specific WAF requirements an AI powered solution might be sufficient to protect your app today. However, the key question to answer is, why pay for any solution which can’t deal with those critical issues that you are likely to face in the future?

The answer is… Virtual Patching

If you’ve read this far there’s good news, the alternative to time consuming, expensive code remediation is Virtual Patching. Virtual Patching as the name implies is an approach to vulnerability remediation whereby patches are applied inline without having to change the application itself. Virtual patches are typically applied using a DevSecOps model by cybersecurity teams in a fraction of the time taken by development teams or 3rd parties.

AI and signature powered WAF technologies are fairly effective at blocking basic attacks including SQL injection and Cross-Site Scripting. Injection and basic attacks account for approximately 50% of those issues found by penetration testers. Virtual patches that transform the application’s behavior are the solution for the remaining 50%, which your AI WAF vendor would otherwise confirm that you must use developers and fix yourself.

For those fellow techies who are keen to understand Virtual Patching in more detail or would like to know how to DIY you can view my colleague Kirk Jackson’s excellent presentation here.

Beware “The Emperor’s New Clothes”

If you’ve read any of my other articles, you’ll know I typically write about things that frustrate me, and this one is no different. Specifically I’m thinking about an AI powered WAF datasheet I saw last week which claimed 100% OWASP coverage. I’m sure a number of you are also thinking “that’s impossible” with something that can only inspect and block individual requests, and you’d be right!

I strongly believe cybersecurity vendors need to be more transparent about how their products work. They need to take ownership for outlining the cases in which their solutions are effective, but most importantly highlight those where their solution cannot provide the outcomes required. The majority of WAF customers aren’t and shouldn’t need to be cybersecurity experts. Ultimately it only takes one single vulnerability to result in a successful exploit or breach. 99% secure is still 100% vulnerable.

100% secure sounds great, but DIY Virtual Patching isn’t for me…

If you haven’t worked it out already, then I should I tell you that I work for RedShield. RedShield offers a complete vulnerability detection, mitigation and virtual patching solution using Gartner Magic Quadrant tools as an easily consumable cloud service. Our programmable interception proxy allows us to both detect and block malicious traffic (like other AI WAFs), and also transform application logic to achieve 100% vulnerability mitigation. As a team we provide you the “secure” outcome for your applications and your organization without configuring anything yourself.

I’m sure you’re thinking this all sounds great! However, don’t simply take my word for it. If you have issues that you don’t how to fix or would like us to determine your exposure to CVE’s like Apache Struts and other application issues, contact me for a free, candid 30-minute discovery session.