SLASCONE is secured by the Azure Web Application Firewall, which is a cloud-native service that protects web apps from common web-hacking techniques such as SQL injection and security vulnerabilities such as cross-site scripting.
if you are using our SaaS solution (my.slascone.com), then you already profit from the WAF. No further actions are necessary.
PRIVATE AZURE DEPLOYMENT
If you deployed SLASCONE in your own Azure subscription as described here, then you have to explicitly deal with this issue, since Azure's WAF is an optional part of SLASCONE's initial installation. The reason that this step is optional is that:
- you may already have the Azure WAF (or any other WAF technology) in place. In such a case, you need to configure SLASCONE's routing accordingly.
- the SLASCONE API is not public, in which case a WAF is not necessary. The API should not be public if it is only consumed from within Azure or through a dedicated IP range.
If none of these applies, our team can install Azure WAF in combination with Azure Front Door or Application Gateway.