- Wij nemen de verantwoordelijkheid - Pakken complexe vraagstukken op - Zorgen voor een hoge beschikbaarheid - Single point of contact
We hebben jarenlange ervaring met transities van organisaties naar Cloud-oplossingen. Wil je hier meer over weten neem dan contact met ons op.
We hebben jarenlange ervaring met IT security voor diverse bedrijven. Wil je hier meer over weten neem dan contact met ons op.
Most companies are driven by digitalization pressure rather than a desire to take control of their own Digital Development.
Managed Services behoort tot de kern van onze bedrijfsvoering en dat maakt ons tot de aangewezen partner voor organisaties. Wil je hier meer over weten neem dan contact met ons op.
By: Hans-Petter Fjeld and Abel De Kat Angelino, Information Security Engineers at Basefarm
You might think, and you could even be right in that your own web application is perfectly written with zero bugs, so that no attacker can obtain information they should not be able to. But what about the software surrounding your web application? Unfortunately, this software often is things you don’t have control over like frameworks, web servers, operating systems, and sometimes even hardware.
The aim of a Web Application Firewall (WAF), is to ensure that your web application is kept safe even if there are coding mistakes in it or in any of the underlying systems or frameworks it runs on top of.
A WAF, given the correct setup of rules, could for example protect your web application against unknown threats, so called Zero Days. One example is the Command Injection exploit that was released for Apache Struts which allowed an attacker to simply modify the Content-Type header, in order to gain direct access to the server, which would have allowed the user to steal data and move further into the network. By utilizing a WAF, customers were able to protect themselves against the attack even before a patch was available. This was possible because the intelligence built into it could recognize that a Command Injection was attempted and thus block it.
In another layer, you would have your Web Server which your web application runs on top of. Vulnerabilities occurs on it from time to time, and sometimes they will not get patched. One example is CVE-2017-7269 which had a known exploit available, but Microsoft said they wouldn’t patch. In this case, a WAF would be able to assist you.
As you can see, it’s not only your own web application that is a target here, it’s your entire environment. So, even though there is never a silver bullet when it comes to IT-Security, you should always work to keep your code as well-written as possible to avoid potential breaches. Moreover, a WAF is one of the most important aspects when it comes to your ability to defend your web application against data breaches.
-Let’s Be Careful Out There (Hill Street Blues)
If you are interested read more here:
Or contact us and we will get back to you!
Wij gebruiken cookies om ervoor te zorgen dat onze website voor de bezoeker beter werkt. Daarnaast gebruiken wij o.a. cookies voor onze webstatistieken.
Click on the different category headings to find out more. You can also change some of your preferences. Note that blocking some types of cookies may impact your experience on our websites and the services we are able to offer.
These cookies are strictly necessary to provide you with services available through our website and to use some of its features.
Because these cookies are strictly necessary to deliver the website, you cannot refuse them without impacting how our site functions. You can block or delete them by changing your browser settings and force blocking all cookies on this website.
These cookies collect information that is used either in aggregate form to help us understand how our website is being used or how effective our marketing campaigns are, or to help us customize our website and application for you in order to enhance your experience.
If you do not want that we track your visist to our site you can disable tracking in your browser here:
We also use different external services like Google Webfonts, Google Maps and external Video providers. Since these providers may collect personal data like your IP address we allow you to block them here. Please be aware that this might heavily reduce the functionality and appearance of our site. Changes will take effect once you reload the page.
Google Webfont Settings:
Google Map Settings:
Vimeo and Youtube video embeds:
1. COOKIES 1.1 What are cookies?
By using the website you consent to that Basefarm stores cookies on your computer. Cookies are small text files that are placed on your computer while you are browsing a website.
Cookies are also used to collect information on how the website is used. In addition, with our cooperation partners we collect anonymous information of which browsers that visit the website to show relevant advertising (interest based advertising).
1.3 Manage your cookies
Most browsers are set up to automatically accept cookies. By changing your browser’s settings you can choose between accepting cookies, receiving information when a cookie is placed, or blocking cookies. The way to manage cookies may differ between browsers, but normally the menu is reached through tools or alternatives. If you decide to block Basefarm’s cookies, this may limit the functionality of the website.
You can find more information about cookies and how to delete or block cookies on the website www.allaboutcookies.org.
1.4 More detailed information
Pardot, visitor_id128211, lpv128211
2. Data controller Basefarm AS, reg. no. 982 211 743, Nydalen Allé 37a, 0484 Oslo, Norway, is the data controller in relation to personal data being processed on the Norwegian and English versions of the website. Basefarm AB, reg. no. 556638-0639, Sveavägen 159, 113 46 Stockholm, Sweden, is the data controller in relation to personal data being processed on the Swedish version of the website. Basefarm BV reg. no. [•], Beechavenue 106, 1119 PP Schiphol-Rijk, Netherlands, is the data controller in relation to personal data being processed on the Dutch version of the website. The aforementioned Basefarm entities are collectively referred to as “Basefarm” in the following. You will find Basefarm’s contact information under section 10.
4. What data may Basefarm collect? The personal data Basefarm may collect includes information about your name and contact details such as address, telephone number and e-mail address, company and any other information you provide. If you apply for a job at Basefarm, Basefarm will process your CV as well as any other information you attach with your application.
5. How does Basefarm process personal data? The personal data collected by Basefarm is used to manage customer relations, assess potential employees and assist customers and website visitors with any requests or inquiries made on the website. The information may also be used for monitoring and development of Basefarm’s business and website, for example by analyzing statistics of website visitors, and to protect Basefarm’s rights. If you apply for a job, Basefarm only uses your personal data for the purposes for which you provided the information. However, Basefarm may save interesting applications even after the recruitment period is over. Such applications may also be transferred to other entities within the Basefarm group.
6. To whom may Basefarm disclose the information? Basefarm will not sell, lease or otherwise transfer any personal data collected to a third party. Basefarm may however transfer the personal data to other companies within the Basefarm group or to business partners if it is necessary to fulfil its obligations towards you. Personal data may be disclosed if it is necessary to: a) Comply with applicable law, regulation or similar or to comply with a legal process, request or order from an executive authority; b) Defend Basefarm’s legal interests; or to c) Detect, prevent, or otherwise avoid fraud, security breaches or technical issues.
7. Links to external websites Basefarm’s website may contain links to third-party websites. Basefarm is not responsible for the processing of your personal data on such websites.
8. Amendments If this policy is amended, Basefarm will publish the amended policy at www.basefarm.com with information about when the amendments will enter into force. If Basefarm carry out any significant changes to the policy, Basefarm may choose to inform by e-mail or by publishing a message on the website.
9. The right to information and recifications You have the right to require information about what personal data Basefarm is processing about you and for what purposes. You are also entitled to have any incomplete or inaccurate data rectified, erased or blocked. Please see the contact information in section 10 should you have any questions about how Basefarm processes your personal data.
10. Basefarm’s contact information If you have any questions relating to Basefarm’s processing of personal data, or if you want to invoke your right to access data, please contact relevant Basefarm entity on the address set out below: Norway/Global: Basefarm AS PO Box 4488 Nydalen 0403 Oslo Sweden: Basefarm AB Sveavägen 159 113 46 Stockholm Netherlands: Basefarm BV Beechavenue 106 1119 PP Schiphol-Rijk
11. Security measures Basefarm has taken the organizational and technical security measures required to protect personal data against unauthorized access, modification and deletion.
Keep in touch with us - we’re aware that your inbox is a sacred place, and we’ve, built this page to put you in control.
With your email registration you are accepting that Basefarm is storing your personal data information and is using it to administrate your registration. We would like to send you personal emails with company news, content, invitation to events, webinars, reports, offerings, product and service information. Please check the boxes below what kind of personal information you would like to receive from us.
I am hereby giving consent that Basefarm is sending me emails on following topics: